From dc2d8671a070ddf5598e25054fc8c1a0ac2cebad Mon Sep 17 00:00:00 2001 From: Kevin Ruggiero Date: Wed, 4 Oct 2023 11:56:15 -0400 Subject: [PATCH 1/2] update ruby sdk --- .DS_Store | Bin 0 -> 8196 bytes jcapiv1/.gitignore | 2 +- jcapiv1/.rubocop.yml | 154 + jcapiv1/.swagger-codegen/VERSION | 2 +- jcapiv1/Gemfile | 4 +- jcapiv1/README.md | 1458 +- jcapiv1/docs/Application.md | 14 +- jcapiv1/docs/ApplicationConfig.md | 3 +- jcapiv1/docs/ApplicationConfigAcsUrl.md | 3 +- .../docs/ApplicationConfigAcsUrlTooltip.md | 1 - ...ApplicationConfigAcsUrlTooltipVariables.md | 1 - .../ApplicationConfigConstantAttributes.md | 1 - ...pplicationConfigConstantAttributesValue.md | 1 - .../ApplicationConfigDatabaseAttributes.md | 1 - .../docs/ApplicationConfigSignAssertion.md | 14 + jcapiv1/docs/ApplicationLogo.md | 8 + jcapiv1/docs/ApplicationTemplatesApi.md | 62 +- jcapiv1/docs/ApplicationsApi.md | 77 +- jcapiv1/docs/Applicationslist.md | 2 +- jcapiv1/docs/Applicationtemplate.md | 9 +- jcapiv1/docs/ApplicationtemplateJit.md | 1 - jcapiv1/docs/ApplicationtemplateLogo.md | 7 + jcapiv1/docs/ApplicationtemplateOidc.md | 10 + jcapiv1/docs/ApplicationtemplateProvision.md | 9 + jcapiv1/docs/Applicationtemplateslist.md | 1 - jcapiv1/docs/Body1.md | 9 - jcapiv1/docs/Command.md | 11 +- jcapiv1/docs/CommandResultsApi.md | 80 +- jcapiv1/docs/CommandTriggersApi.md | 24 +- jcapiv1/docs/Commandfilereturn.md | 3 +- jcapiv1/docs/CommandfilereturnResults.md | 1 - jcapiv1/docs/Commandresult.md | 5 +- jcapiv1/docs/CommandresultResponse.md | 1 - jcapiv1/docs/CommandresultResponseData.md | 1 - jcapiv1/docs/Commandresultslist.md | 5 +- jcapiv1/docs/CommandresultslistResults.md | 17 + jcapiv1/docs/CommandsApi.md | 260 +- jcapiv1/docs/Commandslist.md | 1 - jcapiv1/docs/CommandslistResults.md | 1 - jcapiv1/docs/Error.md | 9 + jcapiv1/docs/ErrorDetails.md | 10 + jcapiv1/docs/Fde.md | 1 - .../Mfa.md => jcapiv1/docs/IdResetmfaBody.md | 5 +- jcapiv1/docs/InlineResponse200.md | 8 + jcapiv1/docs/InlineResponse412.md | 7 + jcapiv1/docs/ManagedServiceProviderApi.md | 239 + jcapiv1/docs/Mfa.md | 2 +- jcapiv1/docs/MfaEnrollment.md | 10 + .../docs/MfaEnrollmentStatus.md | 3 +- jcapiv1/docs/Organization.md | 19 + jcapiv1/docs/Organizationentitlement.md | 10 + ...anizationentitlementEntitlementProducts.md | 14 + jcapiv1/docs/OrganizationsApi.md | 146 +- jcapiv1/docs/OrganizationsIdBody.md | 7 + jcapiv1/docs/Organizationsettings.md | 36 + jcapiv1/docs/OrganizationsettingsFeatures.md | 9 + ...zationsettingsFeaturesDirectoryInsights.md | 4 +- ...ettingsFeaturesDirectoryInsightsPremium.md | 9 + ...anizationsettingsFeaturesSystemInsights.md | 12 + ...ationsettingsNewSystemUserStateDefaults.md | 9 + .../OrganizationsettingsPasswordPolicy.md | 32 + .../docs/OrganizationsettingsUserPortal.md | 7 + .../docs/OrganizationsettingsWindowsMDM.md | 8 + jcapiv1/docs/Organizationsettingsput.md | 28 + ...onsettingsputNewSystemUserStateDefaults.md | 9 + .../OrganizationsettingsputPasswordPolicy.md | 29 + jcapiv1/docs/Organizationslist.md | 1 - jcapiv1/docs/OrganizationslistResults.md | 1 - jcapiv1/docs/RadiusServersApi.md | 183 +- jcapiv1/docs/Radiusserver.md | 6 +- jcapiv1/docs/Radiusserverpost.md | 6 +- jcapiv1/docs/Radiusserverput.md | 6 +- .../docs/{Body.md => RadiusserversIdBody.md} | 8 +- jcapiv1/docs/Radiusserverslist.md | 1 - jcapiv1/docs/RunCommandBody.md | 8 + jcapiv1/docs/Search.md | 1 - jcapiv1/docs/SearchApi.md | 216 +- jcapiv1/docs/Sshkeylist.md | 1 - jcapiv1/docs/Sshkeypost.md | 1 - jcapiv1/docs/Sso.md | 15 + ...{Errorresponse.md => StateActivateBody.md} | 5 +- jcapiv1/docs/System.md | 22 +- jcapiv1/docs/SystemBuiltInCommands.md | 8 + jcapiv1/docs/SystemDomainInfo.md | 8 + jcapiv1/docs/SystemMdm.md | 14 + jcapiv1/docs/SystemMdmInternal.md | 8 + .../docs/SystemMdmWindows.md | 5 +- jcapiv1/docs/SystemNetworkInterfaces.md | 1 - jcapiv1/docs/SystemOsVersionDetail.md | 16 + jcapiv1/docs/SystemProvisionMetadata.md | 7 + .../SystemProvisionMetadataProvisioner.md | 8 + jcapiv1/docs/SystemSecureLogin.md | 8 + jcapiv1/docs/SystemServiceAccountState.md | 9 + jcapiv1/docs/SystemSshdParams.md | 1 - jcapiv1/docs/SystemSystemInsights.md | 1 - jcapiv1/docs/SystemUserMetrics.md | 11 + jcapiv1/docs/Systemput.md | 1 - jcapiv1/docs/SystemputAgentBoundMessages.md | 1 - jcapiv1/docs/SystemsApi.md | 355 +- jcapiv1/docs/Systemslist.md | 1 - jcapiv1/docs/Systemuser.md | 48 - jcapiv1/docs/Systemuserbindingsput.md | 9 - jcapiv1/docs/Systemuserput.md | 11 +- jcapiv1/docs/SystemuserputAddresses.md | 1 - .../docs/SystemuserputAttributes.md | 6 +- jcapiv1/docs/SystemuserputPhoneNumbers.md | 1 - jcapiv1/docs/SystemuserputRelationships.md | 8 + jcapiv1/docs/Systemuserputpost.md | 12 +- jcapiv1/docs/SystemuserputpostAddresses.md | 1 - jcapiv1/docs/SystemuserputpostPhoneNumbers.md | 1 - .../docs/SystemuserputpostRecoveryEmail.md | 7 + jcapiv1/docs/Systemuserreturn.md | 16 +- jcapiv1/docs/SystemuserreturnAddresses.md | 1 - jcapiv1/docs/SystemuserreturnPhoneNumbers.md | 1 - jcapiv1/docs/SystemuserreturnRecoveryEmail.md | 9 + jcapiv1/docs/SystemusersApi.md | 441 +- jcapiv1/docs/Systemuserslist.md | 1 - jcapiv1/docs/Tag.md | 19 - jcapiv1/docs/Tagpost.md | 17 - jcapiv1/docs/Tagput.md | 17 - jcapiv1/docs/TagsApi.md | 339 - jcapiv1/docs/Tagslist.md | 9 - jcapiv1/docs/Totpenrollmentinfo.md | 7 + jcapiv1/docs/Triggerreturn.md | 7 + jcapiv1/docs/TrustedappConfigGet.md | 8 + .../docs/TrustedappConfigGetTrustedApps.md | 9 + jcapiv1/docs/TrustedappConfigPut.md | 7 + jcapiv1/docs/Userput.md | 13 + jcapiv1/docs/Userreturn.md | 26 + jcapiv1/docs/UserreturnGrowthData.md | 8 + jcapiv1/docs/UsersApi.md | 172 + jcapiv1/docs/Usersystembindingsput.md | 9 - jcapiv1/jcapiv1.gemspec | 30 +- jcapiv1/lib/jcapiv1.rb | 80 +- .../jcapiv1/api/application_templates_api.rb | 137 +- jcapiv1/lib/jcapiv1/api/applications_api.rb | 206 +- .../lib/jcapiv1/api/command_results_api.rb | 188 +- .../lib/jcapiv1/api/command_triggers_api.rb | 65 +- jcapiv1/lib/jcapiv1/api/commands_api.rb | 467 +- .../api/managed_service_provider_api.rb | 266 + jcapiv1/lib/jcapiv1/api/organizations_api.rb | 201 +- jcapiv1/lib/jcapiv1/api/radius_servers_api.rb | 294 +- jcapiv1/lib/jcapiv1/api/search_api.rb | 330 +- jcapiv1/lib/jcapiv1/api/systems_api.rb | 605 +- jcapiv1/lib/jcapiv1/api/systemusers_api.rb | 840 +- jcapiv1/lib/jcapiv1/api/tags_api.rb | 398 - jcapiv1/lib/jcapiv1/api/users_api.rb | 195 + jcapiv1/lib/jcapiv1/api_client.rb | 105 +- jcapiv1/lib/jcapiv1/api_error.rb | 29 +- jcapiv1/lib/jcapiv1/configuration.rb | 18 +- jcapiv1/lib/jcapiv1/models/application.rb | 230 +- .../lib/jcapiv1/models/application_config.rb | 134 +- .../models/application_config_acs_url.rb | 128 +- .../application_config_acs_url_tooltip.rb | 82 +- ...cation_config_acs_url_tooltip_variables.rb | 82 +- .../application_config_constant_attributes.rb | 112 +- ...cation_config_constant_attributes_value.rb | 96 +- .../application_config_database_attributes.rb | 78 +- .../application_config_sign_assertion.rb | 269 + .../lib/jcapiv1/models/application_logo.rb | 249 + .../lib/jcapiv1/models/applicationslist.rb | 95 +- .../lib/jcapiv1/models/applicationtemplate.rb | 250 +- .../jcapiv1/models/applicationtemplate_jit.rb | 82 +- .../models/applicationtemplate_logo.rb | 206 + .../models/applicationtemplate_oidc.rb | 275 + .../models/applicationtemplate_provision.rb | 224 + .../models/applicationtemplateslist.rb | 84 +- jcapiv1/lib/jcapiv1/models/body.rb | 278 - jcapiv1/lib/jcapiv1/models/body_1.rb | 197 - jcapiv1/lib/jcapiv1/models/command.rb | 204 +- .../lib/jcapiv1/models/commandfilereturn.rb | 88 +- .../models/commandfilereturn_results.rb | 86 +- jcapiv1/lib/jcapiv1/models/commandresult.rb | 140 +- .../jcapiv1/models/commandresult_response.rb | 86 +- .../models/commandresult_response_data.rb | 84 +- .../lib/jcapiv1/models/commandresultslist.rb | 87 +- .../models/commandresultslist_results.rb | 307 + jcapiv1/lib/jcapiv1/models/commandslist.rb | 84 +- .../jcapiv1/models/commandslist_results.rb | 122 +- jcapiv1/lib/jcapiv1/models/error.rb | 227 + jcapiv1/lib/jcapiv1/models/error_details.rb | 243 + jcapiv1/lib/jcapiv1/models/errorresponse.rb | 188 - jcapiv1/lib/jcapiv1/models/fde.rb | 85 +- .../lib/jcapiv1/models/id_resetmfa_body.rb | 224 + .../lib/jcapiv1/models/inline_response_200.rb | 217 + .../lib/jcapiv1/models/inline_response_412.rb | 207 + jcapiv1/lib/jcapiv1/models/mfa.rb | 97 +- jcapiv1/lib/jcapiv1/models/mfa_enrollment.rb | 233 + .../jcapiv1/models/mfa_enrollment_status.rb | 33 + jcapiv1/lib/jcapiv1/models/organization.rb | 314 + .../jcapiv1/models/organizationentitlement.rb | 235 + ...izationentitlement_entitlement_products.rb | 269 + .../jcapiv1/models/organizations_id_body.rb | 206 + .../jcapiv1/models/organizationsettings.rb | 502 + .../models/organizationsettings_features.rb | 224 + ...ionsettings_features_directory_insights.rb | 206 + ...ngs_features_directory_insights_premium.rb | 224 + ...zationsettings_features_system_insights.rb | 251 + ...settings_new_system_user_state_defaults.rb | 285 + .../organizationsettings_password_policy.rb | 432 + .../organizationsettings_user_portal.rb | 206 + .../organizationsettings_windows_mdm.rb | 217 + .../jcapiv1/models/organizationsettingsput.rb | 430 + ...tingsput_new_system_user_state_defaults.rb | 282 + ...organizationsettingsput_password_policy.rb | 405 + .../lib/jcapiv1/models/organizationslist.rb | 84 +- .../models/organizationslist_results.rb | 90 +- jcapiv1/lib/jcapiv1/models/radiusserver.rb | 186 +- .../lib/jcapiv1/models/radiusserverpost.rb | 180 +- jcapiv1/lib/jcapiv1/models/radiusserverput.rb | 172 +- .../jcapiv1/models/radiusservers_id_body.rb | 347 + .../lib/jcapiv1/models/radiusserverslist.rb | 84 +- .../lib/jcapiv1/models/run_command_body.rb | 219 + jcapiv1/lib/jcapiv1/models/search.rb | 84 +- jcapiv1/lib/jcapiv1/models/sshkeylist.rb | 90 +- jcapiv1/lib/jcapiv1/models/sshkeypost.rb | 86 +- jcapiv1/lib/jcapiv1/models/sso.rb | 278 + .../lib/jcapiv1/models/state_activate_body.rb | 206 + jcapiv1/lib/jcapiv1/models/system.rb | 377 +- .../models/system_built_in_commands.rb | 261 + .../lib/jcapiv1/models/system_domain_info.rb | 215 + jcapiv1/lib/jcapiv1/models/system_mdm.rb | 315 + .../lib/jcapiv1/models/system_mdm_internal.rb | 215 + .../lib/jcapiv1/models/system_mdm_windows.rb | 206 + .../models/system_network_interfaces.rb | 122 +- .../models/system_os_version_detail.rb | 287 + .../models/system_provision_metadata.rb | 206 + .../system_provision_metadata_provisioner.rb | 251 + .../lib/jcapiv1/models/system_secure_login.rb | 215 + .../models/system_service_account_state.rb | 224 + .../lib/jcapiv1/models/system_sshd_params.rb | 82 +- .../jcapiv1/models/system_system_insights.rb | 83 +- .../lib/jcapiv1/models/system_user_metrics.rb | 242 + jcapiv1/lib/jcapiv1/models/systemput.rb | 114 +- .../models/systemput_agent_bound_messages.rb | 78 +- jcapiv1/lib/jcapiv1/models/systemslist.rb | 84 +- jcapiv1/lib/jcapiv1/models/systemuser.rb | 827 - .../lib/jcapiv1/models/systemuserbinding.rb | 179 - .../jcapiv1/models/systemuserbindingsput.rb | 213 - jcapiv1/lib/jcapiv1/models/systemuserput.rb | 571 +- .../jcapiv1/models/systemuserput_addresses.rb | 242 +- .../models/systemuserput_attributes.rb | 215 + .../models/systemuserput_phone_numbers.rb | 114 +- .../models/systemuserput_relationships.rb | 215 + .../lib/jcapiv1/models/systemuserputpost.rb | 415 +- .../models/systemuserputpost_addresses.rb | 114 +- .../models/systemuserputpost_phone_numbers.rb | 82 +- .../systemuserputpost_recovery_email.rb | 206 + .../lib/jcapiv1/models/systemuserreturn.rb | 669 +- .../models/systemuserreturn_addresses.rb | 246 +- .../models/systemuserreturn_phone_numbers.rb | 118 +- .../models/systemuserreturn_recovery_email.rb | 224 + jcapiv1/lib/jcapiv1/models/systemuserslist.rb | 84 +- jcapiv1/lib/jcapiv1/models/tag.rb | 296 - jcapiv1/lib/jcapiv1/models/tagpost.rb | 283 - jcapiv1/lib/jcapiv1/models/tagput.rb | 278 - jcapiv1/lib/jcapiv1/models/tagslist.rb | 201 - .../lib/jcapiv1/models/totpenrollmentinfo.rb | 207 + jcapiv1/lib/jcapiv1/models/triggerreturn.rb | 208 + .../jcapiv1/models/trustedapp_config_get.rb | 230 + .../trustedapp_config_get_trusted_apps.rb | 233 + .../jcapiv1/models/trustedapp_config_put.rb | 215 + jcapiv1/lib/jcapiv1/models/userput.rb | 260 + jcapiv1/lib/jcapiv1/models/userreturn.rb | 377 + .../jcapiv1/models/userreturn_growth_data.rb | 219 + .../lib/jcapiv1/models/usersystembinding.rb | 179 - .../jcapiv1/models/usersystembindingsput.rb | 213 - jcapiv1/lib/jcapiv1/version.rb | 11 +- .../api/application_templates_api_spec.rb | 33 +- jcapiv1/spec/api/applications_api_spec.rb | 39 +- jcapiv1/spec/api/command_results_api_spec.rb | 33 +- jcapiv1/spec/api/command_triggers_api_spec.rb | 18 +- jcapiv1/spec/api/commands_api_spec.rb | 82 +- .../api/managed_service_provider_api_spec.rb | 90 + jcapiv1/spec/api/organizations_api_spec.rb | 47 +- jcapiv1/spec/api/radius_servers_api_spec.rb | 57 +- jcapiv1/spec/api/search_api_spec.rb | 71 +- jcapiv1/spec/api/systems_api_spec.rb | 127 +- jcapiv1/spec/api/systemusers_api_spec.rb | 159 +- jcapiv1/spec/api/tags_api_spec.rb | 115 - jcapiv1/spec/api/users_api_spec.rb | 72 + jcapiv1/spec/api_client_spec.rb | 77 +- jcapiv1/spec/base_object_spec.rb | 109 + jcapiv1/spec/configuration_spec.rb | 25 +- .../models/application_config_acs_url_spec.rb | 38 +- ...application_config_acs_url_tooltip_spec.rb | 14 +- ...n_config_acs_url_tooltip_variables_spec.rb | 14 +- ...ication_config_constant_attributes_spec.rb | 28 +- ...n_config_constant_attributes_value_spec.rb | 20 +- ...ication_config_database_attributes_spec.rb | 12 +- .../application_config_sign_assertion_spec.rb | 82 + .../spec/models/application_config_spec.rb | 36 +- jcapiv1/spec/models/application_logo_spec.rb | 50 + jcapiv1/spec/models/application_spec.rb | 74 +- jcapiv1/spec/models/applicationslist_spec.rb | 20 +- .../models/applicationtemplate_jit_spec.rb | 14 +- .../models/applicationtemplate_logo_spec.rb | 40 + .../models/applicationtemplate_oidc_spec.rb | 66 + .../applicationtemplate_provision_spec.rb | 52 + .../spec/models/applicationtemplate_spec.rb | 88 +- .../models/applicationtemplateslist_spec.rb | 14 +- jcapiv1/spec/models/body_1_spec.rb | 48 - jcapiv1/spec/models/body_spec.rb | 76 - jcapiv1/spec/models/command_spec.rb | 64 +- .../models/commandfilereturn_results_spec.rb | 16 +- jcapiv1/spec/models/commandfilereturn_spec.rb | 14 +- .../commandresult_response_data_spec.rb | 14 +- .../models/commandresult_response_spec.rb | 16 +- jcapiv1/spec/models/commandresult_spec.rb | 38 +- .../models/commandresultslist_results_spec.rb | 100 + .../spec/models/commandresultslist_spec.rb | 14 +- .../spec/models/commandslist_results_spec.rb | 30 +- jcapiv1/spec/models/commandslist_spec.rb | 14 +- jcapiv1/spec/models/error_details_spec.rb | 58 + jcapiv1/spec/models/error_spec.rb | 52 + jcapiv1/spec/models/errorresponse_spec.rb | 42 - jcapiv1/spec/models/fde_spec.rb | 14 +- jcapiv1/spec/models/id_resetmfa_body_spec.rb | 52 + .../spec/models/inline_response_200_spec.rb | 46 + .../spec/models/inline_response_412_spec.rb | 40 + jcapiv1/spec/models/mfa_enrollment_spec.rb | 58 + .../spec/models/mfa_enrollment_status_spec.rb | 34 + jcapiv1/spec/models/mfa_spec.rb | 22 +- jcapiv1/spec/models/organization_spec.rb | 112 + ...onentitlement_entitlement_products_spec.rb | 82 + .../models/organizationentitlement_spec.rb | 58 + .../spec/models/organizations_id_body_spec.rb | 40 + ...eatures_directory_insights_premium_spec.rb | 52 + ...ttings_features_directory_insights_spec.rb | 40 + .../organizationsettings_features_spec.rb | 52 + ...nsettings_features_system_insights_spec.rb | 70 + ...ngs_new_system_user_state_defaults_spec.rb | 64 + ...ganizationsettings_password_policy_spec.rb | 190 + .../spec/models/organizationsettings_spec.rb | 218 + .../organizationsettings_user_portal_spec.rb | 40 + .../organizationsettings_windows_mdm_spec.rb | 46 + ...put_new_system_user_state_defaults_spec.rb | 64 + ...izationsettingsput_password_policy_spec.rb | 172 + .../models/organizationsettingsput_spec.rb | 170 + .../models/organizationslist_results_spec.rb | 16 +- jcapiv1/spec/models/organizationslist_spec.rb | 14 +- jcapiv1/spec/models/radiusserver_spec.rb | 72 +- jcapiv1/spec/models/radiusserverpost_spec.rb | 66 +- jcapiv1/spec/models/radiusserverput_spec.rb | 66 +- .../spec/models/radiusservers_id_body_spec.rb | 104 + jcapiv1/spec/models/radiusserverslist_spec.rb | 14 +- jcapiv1/spec/models/run_command_body_spec.rb | 46 + jcapiv1/spec/models/search_spec.rb | 16 +- jcapiv1/spec/models/sshkeylist_spec.rb | 18 +- jcapiv1/spec/models/sshkeypost_spec.rb | 14 +- jcapiv1/spec/models/sso_spec.rb | 88 + .../spec/models/state_activate_body_spec.rb | 40 + .../models/system_built_in_commands_spec.rb | 54 + .../spec/models/system_domain_info_spec.rb | 46 + .../spec/models/system_mdm_internal_spec.rb | 46 + jcapiv1/spec/models/system_mdm_spec.rb | 90 + .../spec/models/system_mdm_windows_spec.rb | 40 + .../models/system_network_interfaces_spec.rb | 22 +- .../models/system_os_version_detail_spec.rb | 94 + ...tem_provision_metadata_provisioner_spec.rb | 50 + .../models/system_provision_metadata_spec.rb | 40 + .../spec/models/system_secure_login_spec.rb | 46 + .../system_service_account_state_spec.rb | 52 + jcapiv1/spec/models/system_spec.rb | 166 +- .../spec/models/system_sshd_params_spec.rb | 14 +- .../models/system_system_insights_spec.rb | 20 +- .../spec/models/system_user_metrics_spec.rb | 64 + .../systemput_agent_bound_messages_spec.rb | 12 +- jcapiv1/spec/models/systemput_spec.rb | 24 +- jcapiv1/spec/models/systemslist_spec.rb | 14 +- jcapiv1/spec/models/systemuser_spec.rb | 282 - jcapiv1/spec/models/systemuserbinding_spec.rb | 36 - .../spec/models/systemuserbindingsput_spec.rb | 48 - .../models/systemuserput_addresses_spec.rb | 26 +- .../models/systemuserput_attributes_spec.rb | 46 + .../systemuserput_phone_numbers_spec.rb | 14 +- .../systemuserput_relationships_spec.rb | 46 + jcapiv1/spec/models/systemuserput_spec.rb | 124 +- .../systemuserputpost_addresses_spec.rb | 26 +- .../systemuserputpost_phone_numbers_spec.rb | 14 +- .../systemuserputpost_recovery_email_spec.rb | 40 + jcapiv1/spec/models/systemuserputpost_spec.rb | 132 +- .../models/systemuserreturn_addresses_spec.rb | 28 +- .../systemuserreturn_phone_numbers_spec.rb | 16 +- .../systemuserreturn_recovery_email_spec.rb | 52 + jcapiv1/spec/models/systemuserreturn_spec.rb | 170 +- jcapiv1/spec/models/systemuserslist_spec.rb | 14 +- jcapiv1/spec/models/tag_spec.rb | 108 - jcapiv1/spec/models/tagpost_spec.rb | 96 - jcapiv1/spec/models/tagput_spec.rb | 96 - jcapiv1/spec/models/tagslist_spec.rb | 48 - .../spec/models/totpenrollmentinfo_spec.rb | 40 + jcapiv1/spec/models/triggerreturn_spec.rb | 40 + .../spec/models/trustedapp_config_get_spec.rb | 46 + ...trustedapp_config_get_trusted_apps_spec.rb | 52 + .../spec/models/trustedapp_config_put_spec.rb | 40 + jcapiv1/spec/models/userput_spec.rb | 76 + .../models/userreturn_growth_data_spec.rb | 46 + jcapiv1/spec/models/userreturn_spec.rb | 154 + jcapiv1/spec/models/usersystembinding_spec.rb | 36 - .../spec/models/usersystembindingsput_spec.rb | 48 - jcapiv1/spec/spec_helper.rb | 9 +- jcapiv2/.gitignore | 2 +- jcapiv2/.rubocop.yml | 154 + jcapiv2/.swagger-codegen/VERSION | 2 +- jcapiv2/Gemfile | 4 +- jcapiv2/README.md | 13179 +++++++++++++++- jcapiv2/docs/ADE.md | 11 + jcapiv2/docs/ADES.md | 8 + ...eDirectoryOutput.md => ActiveDirectory.md} | 5 +- ...eListOutput.md => ActiveDirectoryAgent.md} | 3 +- ...etOutput.md => ActiveDirectoryAgentGet.md} | 8 +- jcapiv2/docs/ActiveDirectoryAgentList.md | 12 + jcapiv2/docs/ActiveDirectoryApi.md | 354 +- jcapiv2/docs/ActiveDirectoryInput.md | 8 - ...stemuserputpostAddresses.md => Address.md} | 4 +- jcapiv2/docs/Administrator.md | 5 +- jcapiv2/docs/AdministratorOrganizationLink.md | 8 + .../docs/AdministratorOrganizationLinkReq.md | 7 + jcapiv2/docs/AdministratorsApi.md | 237 + ...etingAlertConfigurationListRecordsItems.md | 18 + ...etingAlertConfigurationListRecordsItems.md | 14 + jcapiv2/docs/AllOfPwmAllUsersResultsItems.md | 24 + .../docs/AllOfPwmItemsMetadataResultsItems.md | 18 + ...etingAlertConfigurationListRecordsItems.md | 17 + .../docs/AnyValue.md | 3 +- jcapiv2/docs/AppleMDM.md | 12 +- jcapiv2/docs/AppleMDMApi.md | 948 +- jcapiv2/docs/AppleMdmDevice.md | 16 + jcapiv2/docs/AppleMdmDeviceInfo.md | 19 + jcapiv2/docs/AppleMdmDeviceSecurityInfo.md | 11 + jcapiv2/docs/AppleMdmPatch.md | 15 + jcapiv2/docs/AppleMdmPatchInput.md | 9 - jcapiv2/docs/AppleMdmPublicKeyCert.md | 6 + jcapiv2/docs/AppleMdmSignedCsrPlist.md | 6 + jcapiv2/docs/ApplicationIdLogoBody.md | 7 + jcapiv2/docs/ApplicationsApi.md | 391 +- .../docs/Apps.md | 3 +- jcapiv2/docs/AppsInner.md | 8 + jcapiv2/docs/AuthInfo.md | 1 - jcapiv2/docs/AuthInput.md | 1 - jcapiv2/docs/AuthInputObject.md | 1 - jcapiv2/docs/AuthenticationPoliciesApi.md | 302 + jcapiv2/docs/AuthinputBasic.md | 1 - jcapiv2/docs/AuthinputOauth.md | 1 - jcapiv2/docs/AuthnPolicy.md | 14 + jcapiv2/docs/AuthnPolicyEffect.md | 8 + jcapiv2/docs/AuthnPolicyObligations.md | 9 + ...icyObligationsExternalIdentityProvider.md} | 4 +- jcapiv2/docs/AuthnPolicyObligationsMfa.md | 7 + .../AuthnPolicyObligationsUserVerification.md | 7 + jcapiv2/docs/AuthnPolicyResourceTarget.md | 8 + jcapiv2/docs/AuthnPolicyTargets.md | 10 + jcapiv2/docs/AuthnPolicyType.md | 6 + .../docs/AuthnPolicyUserAttributeFilter.md | 9 + .../docs/AuthnPolicyUserAttributeTarget.md | 8 + jcapiv2/docs/AuthnPolicyUserGroupTarget.md | 8 + jcapiv2/docs/AuthnPolicyUserTarget.md | 7 + jcapiv2/docs/AutotaskCompany.md | 8 + jcapiv2/docs/AutotaskCompanyResp.md | 8 + jcapiv2/docs/AutotaskCompanyTypeResp.md | 8 + jcapiv2/docs/AutotaskContract.md | 9 + jcapiv2/docs/AutotaskContractField.md | 8 + jcapiv2/docs/AutotaskContractFieldValues.md | 8 + jcapiv2/docs/AutotaskIntegration.md | 9 + jcapiv2/docs/AutotaskIntegrationPatchReq.md | 8 + jcapiv2/docs/AutotaskIntegrationReq.md | 8 + jcapiv2/docs/AutotaskMappingRequest.md | 7 + jcapiv2/docs/AutotaskMappingRequestCompany.md | 8 + .../docs/AutotaskMappingRequestContract.md | 6 + jcapiv2/docs/AutotaskMappingRequestData.md | 11 + .../AutotaskMappingRequestOrganization.md | 8 + jcapiv2/docs/AutotaskMappingRequestService.md | 6 + jcapiv2/docs/AutotaskMappingResponse.md | 12 + .../docs/AutotaskMappingResponseCompany.md | 8 + .../docs/AutotaskMappingResponseContract.md | 8 + .../AutotaskMappingResponseOrganization.md | 8 + .../docs/AutotaskMappingResponseService.md | 9 + jcapiv2/docs/AutotaskService.md | 9 + jcapiv2/docs/AutotaskSettings.md | 8 + jcapiv2/docs/AutotaskSettingsPatchReq.md | 8 + .../AutotaskTicketingAlertConfiguration.md | 18 + ...AutotaskTicketingAlertConfigurationList.md | 7 + ...totaskTicketingAlertConfigurationOption.md | 8 + ...TicketingAlertConfigurationOptionValues.md | 8 + ...otaskTicketingAlertConfigurationOptions.md | 8 + ...askTicketingAlertConfigurationPriority.md} | 3 +- ...otaskTicketingAlertConfigurationRequest.md | 14 + ...taskTicketingAlertConfigurationResource.md | 9 + jcapiv2/docs/BillingIntegrationCompanyType.md | 8 + jcapiv2/docs/Body.md | 8 - jcapiv2/docs/BulkJobRequestsApi.md | 376 +- .../docs/BulkScheduledStatechangeCreate.md | 11 + jcapiv2/docs/BulkUserCreate.md | 1 - jcapiv2/docs/BulkUserExpire.md | 9 + jcapiv2/docs/BulkUserUnlock.md | 9 + jcapiv2/docs/BulkUserUpdate.md | 4 +- jcapiv2/docs/CasesResponse.md | 8 + jcapiv2/docs/CommandResultList.md | 8 + jcapiv2/docs/CommandResultListResults.md | 11 + jcapiv2/docs/CommandResultsApi.md | 68 + jcapiv2/docs/CommandsApi.md | 215 +- jcapiv2/docs/CommandsGraphObjectWithPaths.md | 19 + jcapiv2/docs/ConfiguredPolicyTemplate.md | 10 + jcapiv2/docs/ConfiguredPolicyTemplateValue.md | 9 + jcapiv2/docs/ConnectWiseMappingRequest.md | 7 + .../docs/ConnectWiseMappingRequestCompany.md | 8 + jcapiv2/docs/ConnectWiseMappingRequestData.md | 11 + .../ConnectWiseMappingRequestOrganization.md | 8 + jcapiv2/docs/ConnectWiseMappingResponse.md | 12 + .../ConnectWiseMappingResponseAddition.md | 8 + jcapiv2/docs/ConnectWiseSettings.md | 8 + jcapiv2/docs/ConnectWiseSettingsPatchReq.md | 8 + .../ConnectWiseTicketingAlertConfiguration.md | 14 + ...nectWiseTicketingAlertConfigurationList.md | 7 + ...ctWiseTicketingAlertConfigurationOption.md | 8 + ...tWiseTicketingAlertConfigurationOptions.md | 7 + ...tWiseTicketingAlertConfigurationRequest.md | 10 + jcapiv2/docs/ConnectwiseAddition.md | 8 + jcapiv2/docs/ConnectwiseAgreement.md | 9 + jcapiv2/docs/ConnectwiseCompany.md | 8 + jcapiv2/docs/ConnectwiseCompanyResp.md | 8 + jcapiv2/docs/ConnectwiseCompanyTypeResp.md | 8 + jcapiv2/docs/ConnectwiseIntegration.md | 10 + .../docs/ConnectwiseIntegrationPatchReq.md | 10 + jcapiv2/docs/ConnectwiseIntegrationReq.md | 10 + jcapiv2/docs/CreateOrganization.md | 8 + jcapiv2/docs/CustomEmail.md | 14 + jcapiv2/docs/CustomEmailTemplate.md | 10 + jcapiv2/docs/CustomEmailTemplateField.md | 10 + jcapiv2/docs/CustomEmailType.md | 6 + jcapiv2/docs/CustomEmailsApi.md | 285 + jcapiv2/docs/DEP.md | 9 + jcapiv2/docs/DEPSetupAssistantOption.md | 7 + jcapiv2/docs/DEPWelcomeScreen.md | 9 + jcapiv2/docs/DefaultApi.md | 284 - ...dgelistoutputInner.md => DefaultDomain.md} | 4 +- jcapiv2/docs/DeviceIdEraseBody.md | 7 + jcapiv2/docs/DeviceIdLockBody.md | 7 + jcapiv2/docs/DeviceIdResetpasswordBody.md | 8 + jcapiv2/docs/DeviceIdRestartBody.md | 7 + jcapiv2/docs/DevicePackageV1Device.md | 14 + .../DevicePackageV1ListDevicesResponse.md | 8 + ...sGetSignInWithJumpCloudSettingsResponse.md | 8 + ...esSetSignInWithJumpCloudSettingsRequest.md | 8 + .../docs/DevicesSignInWithJumpCloudSetting.md | 9 + ...vicesSignInWithJumpCloudSettingOSFamily.md | 6 + ...cesSignInWithJumpCloudSettingPermission.md | 6 + jcapiv2/docs/DirectoriesApi.md | 22 +- jcapiv2/docs/Directory.md | 3 +- ...ntProfile.md => DirectoryDefaultDomain.md} | 5 +- jcapiv2/docs/DuoAccount.md | 1 - jcapiv2/docs/DuoApi.md | 190 +- jcapiv2/docs/DuoApplication.md | 1 - jcapiv2/docs/DuoApplicationReq.md | 1 - jcapiv2/docs/DuoApplicationUpdateReq.md | 7 +- jcapiv2/docs/DuoRegistrationApplication.md | 10 - jcapiv2/docs/DuoRegistrationApplicationReq.md | 8 - jcapiv2/docs/Emailrequest.md | 8 - jcapiv2/docs/EnterprisesEnterpriseIdBody.md | 8 + jcapiv2/docs/Error.md | 7 +- jcapiv2/docs/ErrorDetails.md | 10 + jcapiv2/docs/Errorresponse.md | 8 - jcapiv2/docs/FdeApi.md | 11 +- jcapiv2/docs/Feature.md | 7 + jcapiv2/docs/FeatureTrialData.md | 8 + jcapiv2/docs/FeatureTrialsApi.md | 61 + jcapiv2/docs/Filter.md | 9 + jcapiv2/docs/FilterQuery.md | 8 + jcapiv2/docs/GSuiteApi.md | 519 +- jcapiv2/docs/GSuiteBuiltinTranslation.md | 1 - jcapiv2/docs/GSuiteDirectionTranslation.md | 6 + jcapiv2/docs/GSuiteImportApi.md | 139 + jcapiv2/docs/GSuiteTranslationRule.md | 2 +- jcapiv2/docs/GSuiteTranslationRuleRequest.md | 2 +- jcapiv2/docs/GoogleEMMApi.md | 832 + jcapiv2/docs/GoogleProtobufAny.md | 6 + jcapiv2/docs/GoogleRpcStatus.md | 9 + jcapiv2/docs/GraphApi.md | 2970 ++-- jcapiv2/docs/GraphAttributeLdapGroups.md | 7 + jcapiv2/docs/GraphAttributePosixGroups.md | 7 + .../GraphAttributePosixGroupsPosixGroups.md | 8 + jcapiv2/docs/GraphAttributeRadius.md | 7 + jcapiv2/docs/GraphAttributeRadiusRadius.md | 7 + .../docs/GraphAttributeRadiusRadiusReply.md | 8 + jcapiv2/docs/GraphAttributeSambaEnabled.md | 7 + jcapiv2/docs/GraphAttributeSudo.md | 7 + jcapiv2/docs/GraphAttributeSudoSudo.md | 8 + jcapiv2/docs/GraphAttributes.md | 6 + jcapiv2/docs/GraphConnection.md | 2 +- jcapiv2/docs/GraphObject.md | 2 +- jcapiv2/docs/GraphObjectWithPaths.md | 2 +- ...raphManagementReq.md => GraphOperation.md} | 4 +- jcapiv2/docs/GraphOperationActiveDirectory.md | 10 + jcapiv2/docs/GraphOperationApplication.md | 10 + jcapiv2/docs/GraphOperationCommand.md | 10 + jcapiv2/docs/GraphOperationGSuite.md | 10 + jcapiv2/docs/GraphOperationLdapServer.md | 10 + jcapiv2/docs/GraphOperationOffice365.md | 10 + ...nagementReq.md => GraphOperationPolicy.md} | 7 +- jcapiv2/docs/GraphOperationPolicyGroup.md | 10 + ....md => GraphOperationPolicyGroupMember.md} | 7 +- jcapiv2/docs/GraphOperationRadiusServer.md | 10 + jcapiv2/docs/GraphOperationSoftwareApp.md | 10 + jcapiv2/docs/GraphOperationSystem.md | 10 + jcapiv2/docs/GraphOperationSystemGroup.md | 10 + .../docs/GraphOperationSystemGroupMember.md | 10 + ...ManagementReq.md => GraphOperationUser.md} | 6 +- jcapiv2/docs/GraphOperationUserGroup.md | 10 + ...eq.md => GraphOperationUserGroupMember.md} | 6 +- jcapiv2/docs/GraphType.md | 1 - jcapiv2/docs/Group.md | 4 +- jcapiv2/docs/GroupAttributesUserGroup.md | 11 + jcapiv2/docs/GroupIdSuggestionsBody.md | 7 + jcapiv2/docs/GroupIdSuggestionsBody1.md | 7 + jcapiv2/docs/GroupMembershipMethodType.md | 6 + jcapiv2/docs/GroupPwm.md | 13 + jcapiv2/docs/GroupType.md | 1 - jcapiv2/docs/Groups.md | 6 + jcapiv2/docs/GroupsApi.md | 28 +- jcapiv2/docs/GroupsInner.md | 8 + jcapiv2/docs/{GsuiteOutput.md => Gsuite.md} | 6 +- .../{JcEnrollmentProfile.md => IPList.md} | 8 +- jcapiv2/docs/IPListRequest.md | 9 + jcapiv2/docs/IPListsApi.md | 361 + jcapiv2/docs/ImageApi.md | 63 + jcapiv2/docs/ImportOperation.md | 6 + jcapiv2/docs/ImportUser.md | 24 + jcapiv2/docs/ImportUserAddress.md | 12 + jcapiv2/docs/ImportUserPhoneNumber.md | 8 + jcapiv2/docs/ImportUsersRequest.md | 9 + jcapiv2/docs/ImportUsersResponse.md | 8 + jcapiv2/docs/InlineResponse200.md | 7 +- jcapiv2/docs/InlineResponse2001.md | 5 +- jcapiv2/docs/InlineResponse20010.md | 8 + jcapiv2/docs/InlineResponse20011.md | 10 + jcapiv2/docs/InlineResponse20012.md | 9 + jcapiv2/docs/InlineResponse20012Users.md | 10 + jcapiv2/docs/InlineResponse20013.md | 8 + jcapiv2/docs/InlineResponse20014.md | 8 + jcapiv2/docs/InlineResponse20015.md | 8 + jcapiv2/docs/InlineResponse2002.md | 8 + jcapiv2/docs/InlineResponse2002Users.md | 11 + jcapiv2/docs/InlineResponse2003.md | 8 + jcapiv2/docs/InlineResponse2004.md | 8 + jcapiv2/docs/InlineResponse2005.md | 8 + jcapiv2/docs/InlineResponse2006.md | 8 + jcapiv2/docs/InlineResponse2007.md | 8 + jcapiv2/docs/InlineResponse2008.md | 8 + jcapiv2/docs/InlineResponse2009.md | 8 + jcapiv2/docs/InlineResponse201.md | 4 +- jcapiv2/docs/InlineResponse400.md | 1 - jcapiv2/docs/InstallActionType.md | 6 + jcapiv2/docs/Integration.md | 8 + jcapiv2/docs/IntegrationSyncError.md | 10 + jcapiv2/docs/IntegrationSyncErrorResp.md | 8 + jcapiv2/docs/IntegrationType.md | 6 + jcapiv2/docs/IntegrationsResponse.md | 8 + jcapiv2/docs/JobDetails.md | 15 - jcapiv2/docs/JobId.md | 1 - jcapiv2/docs/JobWorkresult.md | 7 +- jcapiv2/docs/JumpcloudGappsDomain.md | 10 + .../docs/JumpcloudGappsDomainListResponse.md | 8 + jcapiv2/docs/JumpcloudGappsDomainResponse.md | 7 + .../JumpcloudGoogleEmmAllowPersonalUsage.md | 6 + .../docs/JumpcloudGoogleEmmCommandResponse.md | 6 + ...umpcloudGoogleEmmCommonCriteriaModeInfo.md | 7 + .../JumpcloudGoogleEmmConnectionStatus.md | 9 + ...udGoogleEmmCreateEnrollmentTokenRequest.md | 11 + ...dGoogleEmmCreateEnrollmentTokenResponse.md | 12 + ...mpcloudGoogleEmmCreateEnterpriseRequest.md | 8 + ...JumpcloudGoogleEmmCreateWebTokenRequest.md | 9 + jcapiv2/docs/JumpcloudGoogleEmmDevice.md | 9 + .../JumpcloudGoogleEmmDeviceAndroidPolicy.md | 7 + jcapiv2/docs/JumpcloudGoogleEmmDeviceData.md | 8 + .../JumpcloudGoogleEmmDeviceInformation.md | 12 + .../docs/JumpcloudGoogleEmmDeviceSettings.md | 13 + .../docs/JumpcloudGoogleEmmDeviceStateInfo.md | 15 + .../JumpcloudGoogleEmmEMMEnrollmentInfo.md | 13 + jcapiv2/docs/JumpcloudGoogleEmmEnterprise.md | 14 + jcapiv2/docs/JumpcloudGoogleEmmFeature.md | 6 + .../docs/JumpcloudGoogleEmmHardwareInfo.md | 12 + .../JumpcloudGoogleEmmListDevicesResponse.md | 8 + ...mpcloudGoogleEmmListEnterprisesResponse.md | 8 + jcapiv2/docs/JumpcloudGoogleEmmMemoryInfo.md | 8 + jcapiv2/docs/JumpcloudGoogleEmmNetworkInfo.md | 10 + .../docs/JumpcloudGoogleEmmSecurityPosture.md | 7 + jcapiv2/docs/JumpcloudGoogleEmmSignupURL.md | 8 + .../docs/JumpcloudGoogleEmmSoftwareInfo.md | 16 + .../JumpcloudGoogleEmmSystemUpdateInfo.md | 8 + .../docs/JumpcloudGoogleEmmTelephonyInfo.md | 8 + jcapiv2/docs/JumpcloudGoogleEmmWebToken.md | 8 + .../docs/JumpcloudMspGetDetailsResponse.md | 10 + jcapiv2/docs/JumpcloudMspProduct.md | 10 + ...loudPackageValidatorApplePackageDetails.md | 15 + ...alidateApplicationInstallPackageRequest.md | 7 + ...lidateApplicationInstallPackageResponse.md | 7 + jcapiv2/docs/KnowledgeApi.md | 72 - jcapiv2/docs/LDAPServersApi.md | 175 +- .../docs/{ProviderContact.md => LdapGroup.md} | 4 +- .../{LdapServerOutput.md => LdapServer.md} | 9 +- jcapiv2/docs/LdapServerAction.md | 1 - jcapiv2/docs/LdapServerInput.md | 10 - .../docs/{Body3.md => LdapserversIdBody.md} | 3 +- jcapiv2/docs/LogosApi.md | 54 + jcapiv2/docs/ManagedServiceProviderApi.md | 1141 ++ jcapiv2/docs/MemberSuggestion.md | 8 + jcapiv2/docs/MemberSuggestionsPostResult.md | 8 + jcapiv2/docs/Mobileconfig.md | 1 - jcapiv2/docs/ModelCase.md | 15 + jcapiv2/docs/O365Domain.md | 10 + jcapiv2/docs/O365DomainResponse.md | 7 + jcapiv2/docs/O365DomainsListResponse.md | 8 + jcapiv2/docs/OSRestriction.md | 11 + .../docs/OSRestrictionAppleRestrictions.md | 8 + jcapiv2/docs/ObjectStorageItem.md | 8 + jcapiv2/docs/ObjectStorageVersion.md | 13 + .../{GsuitePatchInput.md => Office365.md} | 7 +- jcapiv2/docs/Office365Api.md | 530 +- jcapiv2/docs/Office365BuiltinTranslation.md | 1 - jcapiv2/docs/Office365DirectionTranslation.md | 6 + jcapiv2/docs/Office365IdDomainsBody.md | 7 + jcapiv2/docs/Office365ImportApi.md | 76 + jcapiv2/docs/Office365TranslationRule.md | 2 +- .../docs/Office365TranslationRuleRequest.md | 2 +- jcapiv2/docs/OrgCryptoSettings.md | 8 - jcapiv2/docs/Organization.md | 9 + jcapiv2/docs/OrganizationsApi.md | 236 +- jcapiv2/docs/OrgcryptosettingsSshKeys.md | 10 - jcapiv2/docs/PasswordManagerApi.md | 122 + jcapiv2/docs/PasswordsSecurity.md | 10 + ...rputpostPhoneNumbers.md => PhoneNumber.md} | 4 +- jcapiv2/docs/PoliciesApi.md | 467 +- jcapiv2/docs/Policy.md | 1 - jcapiv2/docs/PolicyGroup.md | 12 + jcapiv2/docs/PolicyGroupAssociationsApi.md | 254 + jcapiv2/docs/PolicyGroupData.md | 7 + .../docs/PolicyGroupMembersMembershipApi.md | 191 + jcapiv2/docs/PolicyGroupTemplate.md | 10 + ...{Body1.md => PolicyGroupTemplateMember.md} | 7 +- jcapiv2/docs/PolicyGroupTemplateMembers.md | 8 + jcapiv2/docs/PolicyGroupTemplates.md | 8 + jcapiv2/docs/PolicyGroupTemplatesApi.md | 367 + jcapiv2/docs/PolicyGroupsApi.md | 733 + jcapiv2/docs/PolicyRequest.md | 2 +- jcapiv2/docs/PolicyRequestTemplate.md | 1 - jcapiv2/docs/PolicyResult.md | 1 - jcapiv2/docs/PolicyTemplate.md | 7 +- jcapiv2/docs/PolicyTemplateConfigField.md | 7 +- .../docs/PolicyTemplateConfigFieldTooltip.md | 1 - ...licyTemplateConfigFieldTooltipVariables.md | 1 - jcapiv2/docs/PolicyTemplateWithDetails.md | 2 +- jcapiv2/docs/PolicyValue.md | 3 +- jcapiv2/docs/PolicyWithDetails.md | 2 +- jcapiv2/docs/PolicytemplatesApi.md | 48 +- jcapiv2/docs/Provider.md | 5 +- jcapiv2/docs/ProviderAdminReq.md | 4 +- jcapiv2/docs/ProviderInvoice.md | 13 + jcapiv2/docs/ProviderInvoiceResponse.md | 8 + jcapiv2/docs/ProvidersApi.md | 3714 ++++- jcapiv2/docs/PushEndpointResponse.md | 12 + jcapiv2/docs/PushEndpointResponseDevice.md | 12 + ....md => PushendpointsPushEndpointIdBody.md} | 5 +- jcapiv2/docs/PwmAllUsers.md | 8 + jcapiv2/docs/PwmCloudBackupRestores.md | 8 + jcapiv2/docs/PwmItemHistory.md | 10 + jcapiv2/docs/PwmItemsCountByType.md | 8 + jcapiv2/docs/PwmItemsMetadata.md | 9 + jcapiv2/docs/PwmOverviewAppVersions.md | 8 + jcapiv2/docs/PwmOverviewAppVersionsResults.md | 8 + jcapiv2/docs/PwmOverviewMain.md | 16 + jcapiv2/docs/PwmOverviewMainDevices.md | 9 + jcapiv2/docs/PwmUser.md | 20 + jcapiv2/docs/PwmUserById.md | 24 + jcapiv2/docs/PwmUserItem.md | 14 + jcapiv2/docs/PwmUserItems.md | 9 + jcapiv2/docs/PwmUserSharedFolders.md | 8 + jcapiv2/docs/PwmUserSharedFoldersResults.md | 15 + jcapiv2/docs/Query.md | 7 + jcapiv2/docs/QueuedCommandList.md | 8 + jcapiv2/docs/QueuedCommandListResults.md | 10 + jcapiv2/docs/RADIUSServersApi.md | 98 +- jcapiv2/docs/SCIMImportApi.md | 76 + .../{SambaDomainInput.md => SambaDomain.md} | 6 +- jcapiv2/docs/SambaDomainOutput.md | 10 - jcapiv2/docs/SambaDomainsApi.md | 112 +- jcapiv2/docs/ScheduleOSUpdate.md | 9 + jcapiv2/docs/ScheduledUserstateResult.md | 10 + jcapiv2/docs/SetupAssistantOption.md | 6 + jcapiv2/docs/SharedFolder.md | 14 + jcapiv2/docs/SharedFolderAccessLevels.md | 7 + .../docs/SharedFolderAccessLevelsResults.md | 9 + jcapiv2/docs/SharedFolderDetails.md | 18 + jcapiv2/docs/SharedFolderGroups.md | 8 + jcapiv2/docs/SharedFolderUsers.md | 8 + jcapiv2/docs/SharedFolderUsersResults.md | 16 + jcapiv2/docs/SharedFoldersList.md | 8 + jcapiv2/docs/SoftwareApp.md | 9 + jcapiv2/docs/SoftwareAppAppleVpp.md | 13 + jcapiv2/docs/SoftwareAppCreate.md | 10 + jcapiv2/docs/SoftwareAppGoogleAndroid.md | 27 + jcapiv2/docs/SoftwareAppPermissionGrants.md | 8 + jcapiv2/docs/SoftwareAppReclaimLicenses.md | 10 + jcapiv2/docs/SoftwareAppSettings.md | 26 + jcapiv2/docs/SoftwareAppStatus.md | 14 + jcapiv2/docs/SoftwareAppWithStatus.md | 8 + jcapiv2/docs/SoftwareAppsApi.md | 774 + .../SoftwareAppsRetryInstallationRequest.md | 7 + jcapiv2/docs/Sshkeylist.md | 11 - jcapiv2/docs/Subscription.md | 11 + jcapiv2/docs/SubscriptionsApi.md | 49 + jcapiv2/docs/SuggestionCounts.md | 9 + ...SyncroBillingMappingConfigurationOption.md | 8 + ...oBillingMappingConfigurationOptionValue.md | 9 + ...lingMappingConfigurationOptionValueLine.md | 8 + ...oBillingMappingConfigurationOptionsResp.md | 7 + jcapiv2/docs/SyncroCompany.md | 8 + jcapiv2/docs/SyncroCompanyResp.md | 8 + jcapiv2/docs/SyncroIntegration.md | 9 + jcapiv2/docs/SyncroIntegrationPatchReq.md | 8 + jcapiv2/docs/SyncroIntegrationReq.md | 8 + jcapiv2/docs/SyncroMappingRequest.md | 7 + ...ncroMappingRequestBillingConfigurations.md | 7 + ...ppingRequestBillingConfigurationsFields.md | 10 + ...stBillingConfigurationsFieldsLineItemId.md | 8 + ...BillingConfigurationsFieldsLineItemName.md | 8 + jcapiv2/docs/SyncroMappingRequestData.md | 10 + jcapiv2/docs/SyncroMappingResponse.md | 8 + jcapiv2/docs/SyncroSettings.md | 7 + jcapiv2/docs/SyncroSettingsPatchReq.md | 7 + .../docs/SyncroTicketingAlertConfiguration.md | 17 + .../SyncroTicketingAlertConfigurationList.md | 7 + ...SyncroTicketingAlertConfigurationOption.md | 8 + ...yncroTicketingAlertConfigurationOptions.md | 7 + ...yncroTicketingAlertConfigurationRequest.md | 13 + .../SystemGraphManagementReqAttributes.md | 8 - jcapiv2/docs/SystemGroup.md | 10 +- jcapiv2/docs/SystemGroupAssociationsApi.md | 211 +- jcapiv2/docs/SystemGroupData.md | 8 - .../docs/SystemGroupMembersMembershipApi.md | 152 +- jcapiv2/docs/SystemGroupMembersReq.md | 10 - jcapiv2/docs/SystemGroupPost.md | 14 + jcapiv2/docs/SystemGroupPut.md | 14 + jcapiv2/docs/SystemGroupsApi.md | 522 +- jcapiv2/docs/SystemInsightsAlf.md | 15 + jcapiv2/docs/SystemInsightsAlfExceptions.md | 10 + .../docs/SystemInsightsAlfExplicitAuths.md | 9 + jcapiv2/docs/SystemInsightsApi.md | 2662 ++-- jcapiv2/docs/SystemInsightsAppcompatShims.md | 14 + jcapiv2/docs/SystemInsightsApps.md | 3 +- jcapiv2/docs/SystemInsightsAuthorizedKeys.md | 12 + .../SystemInsightsAzureInstanceMetadata.md | 24 + .../docs/SystemInsightsAzureInstanceTags.md | 11 + jcapiv2/docs/SystemInsightsBattery.md | 3 +- jcapiv2/docs/SystemInsightsBitlockerInfo.md | 1 - jcapiv2/docs/SystemInsightsBrowserPlugins.md | 1 - jcapiv2/docs/SystemInsightsCertificates.md | 28 + jcapiv2/docs/SystemInsightsChassisInfo.md | 21 + .../docs/SystemInsightsChromeExtensions.md | 1 - jcapiv2/docs/SystemInsightsConnectivity.md | 17 + jcapiv2/docs/SystemInsightsCrashes.md | 3 +- .../docs/SystemInsightsCupsDestinations.md | 10 + jcapiv2/docs/SystemInsightsDiskEncryption.md | 1 - jcapiv2/docs/SystemInsightsDiskInfo.md | 1 - jcapiv2/docs/SystemInsightsDnsResolvers.md | 13 + jcapiv2/docs/SystemInsightsEtcHosts.md | 1 - jcapiv2/docs/SystemInsightsFirefoxAddons.md | 1 - jcapiv2/docs/SystemInsightsGroups.md | 1 - jcapiv2/docs/SystemInsightsIeExtensions.md | 1 - .../docs/SystemInsightsInterfaceAddresses.md | 1 - .../docs/SystemInsightsInterfaceDetails.md | 42 + jcapiv2/docs/SystemInsightsKernelInfo.md | 1 - jcapiv2/docs/SystemInsightsLaunchd.md | 1 - jcapiv2/docs/SystemInsightsLinuxPackages.md | 18 + jcapiv2/docs/SystemInsightsLoggedInUsers.md | 1 - ...vies.md => SystemInsightsLogicalDrives.md} | 3 +- jcapiv2/docs/SystemInsightsManagedPolicies.md | 14 + jcapiv2/docs/SystemInsightsMounts.md | 1 - jcapiv2/docs/SystemInsightsOsVersion.md | 1 - jcapiv2/docs/SystemInsightsPatches.md | 1 - jcapiv2/docs/SystemInsightsPrograms.md | 1 - jcapiv2/docs/SystemInsightsPythonPackages.md | 14 + .../docs/SystemInsightsSafariExtensions.md | 1 - jcapiv2/docs/SystemInsightsScheduledTasks.md | 17 + jcapiv2/docs/SystemInsightsSecureboot.md | 10 + jcapiv2/docs/SystemInsightsServices.md | 19 + jcapiv2/docs/SystemInsightsShadow.md | 18 + jcapiv2/docs/SystemInsightsSharedFolders.md | 10 + jcapiv2/docs/SystemInsightsSharedResources.md | 16 + .../docs/SystemInsightsSharingPreferences.md | 18 + jcapiv2/docs/SystemInsightsSipConfig.md | 11 + jcapiv2/docs/SystemInsightsStartupItems.md | 14 + jcapiv2/docs/SystemInsightsSystemControls.md | 1 - jcapiv2/docs/SystemInsightsSystemInfo.md | 1 - jcapiv2/docs/SystemInsightsTpmInfo.md | 17 + jcapiv2/docs/SystemInsightsUptime.md | 1 - jcapiv2/docs/SystemInsightsUsbDevices.md | 1 - jcapiv2/docs/SystemInsightsUserGroups.md | 1 - jcapiv2/docs/SystemInsightsUserSshKeys.md | 11 + jcapiv2/docs/SystemInsightsUserassist.md | 12 + jcapiv2/docs/SystemInsightsUsers.md | 7 +- jcapiv2/docs/SystemInsightsWifiNetworks.md | 20 + jcapiv2/docs/SystemInsightsWifiStatus.md | 21 + jcapiv2/docs/SystemInsightsWindowsCrashes.md | 28 - .../SystemInsightsWindowsSecurityCenter.md | 15 + .../SystemInsightsWindowsSecurityProducts.md | 14 + jcapiv2/docs/Systemfdekey.md | 1 - jcapiv2/docs/SystemsApi.md | 336 +- .../docs/SystemsOrganizationSettingsApi.md | 116 + jcapiv2/docs/Systemuser.md | 48 - jcapiv2/docs/Systemuserputpost.md | 45 - jcapiv2/docs/TicketingIntegrationAlert.md | 10 + .../docs/TicketingIntegrationAlertsResp.md | 7 + jcapiv2/docs/User.md | 19 + jcapiv2/docs/UserGroup.md | 10 +- jcapiv2/docs/UserGroupAssociationsApi.md | 268 +- jcapiv2/docs/UserGroupAttributes.md | 9 - jcapiv2/docs/UserGroupMembersMembershipApi.md | 148 +- jcapiv2/docs/UserGroupMembersReq.md | 10 - jcapiv2/docs/UserGroupPost.md | 9 +- jcapiv2/docs/UserGroupPut.md | 9 +- jcapiv2/docs/UserGroupsApi.md | 637 +- jcapiv2/docs/UsersApi.md | 539 +- jcapiv2/docs/WorkdayFields.md | 1 - jcapiv2/docs/WorkdayImportApi.md | 325 +- jcapiv2/docs/WorkdayInput.md | 1 - jcapiv2/docs/WorkdayOutput.md | 1 - jcapiv2/docs/WorkdayWorker.md | 1 - jcapiv2/docs/WorkdayoutputAuth.md | 1 - jcapiv2/jcapiv2.gemspec | 30 +- jcapiv2/lib/jcapiv2.rb | 446 +- .../lib/jcapiv2/api/active_directory_api.rb | 725 +- jcapiv2/lib/jcapiv2/api/administrators_api.rb | 266 + jcapiv2/lib/jcapiv2/api/apple_mdm_api.rb | 1258 +- jcapiv2/lib/jcapiv2/api/applications_api.rb | 576 +- .../api/authentication_policies_api.rb | 326 + .../lib/jcapiv2/api/bulk_job_requests_api.rb | 590 +- .../lib/jcapiv2/api/command_results_api.rb | 82 + jcapiv2/lib/jcapiv2/api/commands_api.rb | 379 +- jcapiv2/lib/jcapiv2/api/custom_emails_api.rb | 308 + jcapiv2/lib/jcapiv2/api/default_api.rb | 309 - jcapiv2/lib/jcapiv2/api/directories_api.rb | 68 +- jcapiv2/lib/jcapiv2/api/duo_api.rb | 488 +- jcapiv2/lib/jcapiv2/api/fde_api.rb | 42 +- jcapiv2/lib/jcapiv2/api/feature_trials_api.rb | 76 + jcapiv2/lib/jcapiv2/api/g_suite_api.rb | 881 +- jcapiv2/lib/jcapiv2/api/g_suite_import_api.rb | 165 + jcapiv2/lib/jcapiv2/api/google_emm_api.rb | 909 ++ jcapiv2/lib/jcapiv2/api/graph_api.rb | 5822 ++++--- jcapiv2/lib/jcapiv2/api/groups_api.rb | 75 +- jcapiv2/lib/jcapiv2/api/image_api.rb | 79 + jcapiv2/lib/jcapiv2/api/ip_lists_api.rb | 389 + jcapiv2/lib/jcapiv2/api/knowledge_api.rb | 91 - jcapiv2/lib/jcapiv2/api/ldap_servers_api.rb | 432 +- jcapiv2/lib/jcapiv2/api/logos_api.rb | 76 + .../api/managed_service_provider_api.rb | 1253 ++ jcapiv2/lib/jcapiv2/api/office365_api.rb | 850 +- .../lib/jcapiv2/api/office365_import_api.rb | 97 + jcapiv2/lib/jcapiv2/api/organizations_api.rb | 351 +- .../lib/jcapiv2/api/password_manager_api.rb | 137 + jcapiv2/lib/jcapiv2/api/policies_api.rb | 1014 +- .../api/policy_group_associations_api.rb | 289 + .../policy_group_members_membership_api.rb | 217 + .../jcapiv2/api/policy_group_templates_api.rb | 419 + jcapiv2/lib/jcapiv2/api/policy_groups_api.rb | 792 + .../lib/jcapiv2/api/policytemplates_api.rb | 127 +- jcapiv2/lib/jcapiv2/api/providers_api.rb | 4072 ++++- jcapiv2/lib/jcapiv2/api/radius_servers_api.rb | 252 +- jcapiv2/lib/jcapiv2/api/samba_domains_api.rb | 229 +- jcapiv2/lib/jcapiv2/api/scim_import_api.rb | 103 + jcapiv2/lib/jcapiv2/api/software_apps_api.rb | 841 + jcapiv2/lib/jcapiv2/api/subscriptions_api.rb | 70 + .../api/system_group_associations_api.rb | 446 +- .../system_group_members_membership_api.rb | 279 +- jcapiv2/lib/jcapiv2/api/system_groups_api.rb | 1093 +- .../lib/jcapiv2/api/system_insights_api.rb | 5183 +++--- jcapiv2/lib/jcapiv2/api/systems_api.rb | 615 +- .../api/systems_organization_settings_api.rb | 131 + .../api/user_group_associations_api.rb | 681 +- .../api/user_group_members_membership_api.rb | 279 +- jcapiv2/lib/jcapiv2/api/user_groups_api.rb | 1397 +- jcapiv2/lib/jcapiv2/api/users_api.rb | 1010 +- jcapiv2/lib/jcapiv2/api/workday_import_api.rb | 643 +- jcapiv2/lib/jcapiv2/api_client.rb | 105 +- jcapiv2/lib/jcapiv2/api_error.rb | 29 +- jcapiv2/lib/jcapiv2/configuration.rb | 18 +- .../lib/jcapiv2/models/active_directory.rb | 217 + .../jcapiv2/models/active_directory_agent.rb | 197 + .../models/active_directory_agent_get.rb | 301 + .../active_directory_agent_get_output.rb | 204 - .../models/active_directory_agent_input.rb | 179 - .../models/active_directory_agent_list.rb | 286 + .../active_directory_agent_list_output.rb | 231 - .../jcapiv2/models/active_directory_input.rb | 189 - .../jcapiv2/models/active_directory_output.rb | 204 - jcapiv2/lib/jcapiv2/models/address.rb | 278 + jcapiv2/lib/jcapiv2/models/ade.rb | 253 + jcapiv2/lib/jcapiv2/models/ades.rb | 215 + jcapiv2/lib/jcapiv2/models/administrator.rb | 138 +- .../models/administrator_organization_link.rb | 217 + .../administrator_organization_link_req.rb | 207 + ..._alert_configuration_list_records_items.rb | 339 + ..._alert_configuration_list_records_items.rb | 274 + .../all_of_pwm_all_users_results_items.rb | 383 + ...all_of_pwm_items_metadata_results_items.rb | 339 + ..._alert_configuration_list_records_items.rb | 296 + jcapiv2/lib/jcapiv2/models/any_value.rb | 198 + jcapiv2/lib/jcapiv2/models/apple_mdm.rb | 244 +- .../lib/jcapiv2/models/apple_mdm_device.rb | 287 + .../jcapiv2/models/apple_mdm_device_info.rb | 315 + .../models/apple_mdm_device_security_info.rb | 243 + jcapiv2/lib/jcapiv2/models/apple_mdm_patch.rb | 285 + .../jcapiv2/models/apple_mdm_patch_input.rb | 215 - .../models/apple_mdm_public_key_cert.rb | 197 + .../models/apple_mdm_signed_csr_plist.rb | 197 + .../models/application_id_logo_body.rb | 207 + jcapiv2/lib/jcapiv2/models/apps.rb | 201 + jcapiv2/lib/jcapiv2/models/apps_inner.rb | 215 + jcapiv2/lib/jcapiv2/models/auth_info.rb | 88 +- jcapiv2/lib/jcapiv2/models/auth_input.rb | 82 +- .../lib/jcapiv2/models/auth_input_object.rb | 78 +- jcapiv2/lib/jcapiv2/models/authinput_basic.rb | 82 +- jcapiv2/lib/jcapiv2/models/authinput_oauth.rb | 78 +- jcapiv2/lib/jcapiv2/models/authn_policy.rb | 271 + .../lib/jcapiv2/models/authn_policy_effect.rb | 254 + .../models/authn_policy_obligations.rb | 224 + ..._obligations_external_identity_provider.rb | 206 + .../models/authn_policy_obligations_mfa.rb | 206 + ...hn_policy_obligations_user_verification.rb | 240 + .../models/authn_policy_resource_target.rb | 255 + .../jcapiv2/models/authn_policy_targets.rb | 235 + .../lib/jcapiv2/models/authn_policy_type.rb | 29 + .../authn_policy_user_attribute_filter.rb | 259 + .../authn_policy_user_attribute_target.rb | 220 + .../models/authn_policy_user_group_target.rb | 219 + .../models/authn_policy_user_target.rb | 208 + .../lib/jcapiv2/models/autotask_company.rb | 228 + .../jcapiv2/models/autotask_company_resp.rb | 228 + .../models/autotask_company_type_resp.rb | 228 + .../lib/jcapiv2/models/autotask_contract.rb | 243 + .../jcapiv2/models/autotask_contract_field.rb | 229 + .../models/autotask_contract_field_values.rb | 215 + .../jcapiv2/models/autotask_integration.rb | 238 + .../models/autotask_integration_patch_req.rb | 218 + .../models/autotask_integration_req.rb | 228 + .../models/autotask_mapping_request.rb | 209 + .../autotask_mapping_request_company.rb | 225 + .../autotask_mapping_request_contract.rb | 197 + .../models/autotask_mapping_request_data.rb | 252 + .../autotask_mapping_request_organization.rb | 225 + .../autotask_mapping_request_service.rb | 197 + .../models/autotask_mapping_response.rb | 252 + .../autotask_mapping_response_company.rb | 215 + .../autotask_mapping_response_contract.rb | 215 + .../autotask_mapping_response_organization.rb | 215 + .../autotask_mapping_response_service.rb | 224 + .../lib/jcapiv2/models/autotask_service.rb | 243 + .../lib/jcapiv2/models/autotask_settings.rb | 220 + .../models/autotask_settings_patch_req.rb | 220 + .../autotask_ticketing_alert_configuration.rb | 340 + ...task_ticketing_alert_configuration_list.rb | 213 + ...sk_ticketing_alert_configuration_option.rb | 217 + ...eting_alert_configuration_option_values.rb | 215 + ...k_ticketing_alert_configuration_options.rb | 219 + ..._ticketing_alert_configuration_priority.rb | 215 + ...k_ticketing_alert_configuration_request.rb | 329 + ..._ticketing_alert_configuration_resource.rb | 224 + .../billing_integration_company_type.rb | 228 + jcapiv2/lib/jcapiv2/models/body.rb | 205 - jcapiv2/lib/jcapiv2/models/body_1.rb | 210 - jcapiv2/lib/jcapiv2/models/body_2.rb | 210 - jcapiv2/lib/jcapiv2/models/body_3.rb | 206 - .../bulk_scheduled_statechange_create.rb | 299 + .../lib/jcapiv2/models/bulk_user_create.rb | 95 +- .../lib/jcapiv2/models/bulk_user_expire.rb | 229 + .../lib/jcapiv2/models/bulk_user_unlock.rb | 229 + .../lib/jcapiv2/models/bulk_user_update.rb | 113 +- jcapiv2/lib/jcapiv2/models/cases_response.rb | 218 + .../lib/jcapiv2/models/command_result_list.rb | 219 + .../models/command_result_list_results.rb | 247 + .../commands_graph_object_with_paths.rb | 333 + .../models/configured_policy_template.rb | 235 + .../configured_policy_template_value.rb | 226 + .../models/connect_wise_mapping_request.rb | 209 + .../connect_wise_mapping_request_company.rb | 225 + .../connect_wise_mapping_request_data.rb | 252 + ...nnect_wise_mapping_request_organization.rb | 225 + .../models/connect_wise_mapping_response.rb | 252 + .../connect_wise_mapping_response_addition.rb | 215 + .../jcapiv2/models/connect_wise_settings.rb | 220 + .../models/connect_wise_settings_patch_req.rb | 220 + ...nect_wise_ticketing_alert_configuration.rb | 274 + ...wise_ticketing_alert_configuration_list.rb | 213 + ...se_ticketing_alert_configuration_option.rb | 217 + ...e_ticketing_alert_configuration_options.rb | 213 + ...e_ticketing_alert_configuration_request.rb | 238 + .../jcapiv2/models/connectwise_addition.rb | 228 + .../jcapiv2/models/connectwise_agreement.rb | 243 + .../lib/jcapiv2/models/connectwise_company.rb | 228 + .../models/connectwise_company_resp.rb | 228 + .../models/connectwise_company_type_resp.rb | 228 + .../jcapiv2/models/connectwise_integration.rb | 253 + .../connectwise_integration_patch_req.rb | 238 + .../models/connectwise_integration_req.rb | 258 + .../lib/jcapiv2/models/create_organization.rb | 216 + jcapiv2/lib/jcapiv2/models/custom_email.rb | 280 + .../jcapiv2/models/custom_email_template.rb | 235 + .../models/custom_email_template_field.rb | 233 + .../lib/jcapiv2/models/custom_email_type.rb | 34 + jcapiv2/lib/jcapiv2/models/default_domain.rb | 215 + jcapiv2/lib/jcapiv2/models/dep.rb | 227 + .../models/dep_setup_assistant_option.rb | 206 + .../lib/jcapiv2/models/dep_welcome_screen.rb | 227 + .../jcapiv2/models/device_id_erase_body.rb | 207 + .../lib/jcapiv2/models/device_id_lock_body.rb | 207 + .../models/device_id_resetpassword_body.rb | 218 + .../jcapiv2/models/device_id_restart_body.rb | 209 + .../models/device_package_v1_device.rb | 269 + ...device_package_v1_list_devices_response.rb | 217 + ...gn_in_with_jump_cloud_settings_response.rb | 217 + ...ign_in_with_jump_cloud_settings_request.rb | 217 + ...devices_sign_in_with_jump_cloud_setting.rb | 224 + ...gn_in_with_jump_cloud_setting_os_family.rb | 29 + ...n_in_with_jump_cloud_setting_permission.rb | 28 + jcapiv2/lib/jcapiv2/models/directory.rb | 118 +- .../models/directory_default_domain.rb | 216 + jcapiv2/lib/jcapiv2/models/duo_account.rb | 84 +- jcapiv2/lib/jcapiv2/models/duo_application.rb | 102 +- .../lib/jcapiv2/models/duo_application_req.rb | 104 +- .../models/duo_application_update_req.rb | 111 +- .../models/duo_registration_application.rb | 224 - .../duo_registration_application_req.rb | 193 - jcapiv2/lib/jcapiv2/models/emailrequest.rb | 221 - .../lib/jcapiv2/models/enrollment_profile.rb | 197 - .../models/enterprises_enterprise_id_body.rb | 215 + jcapiv2/lib/jcapiv2/models/error.rb | 105 +- jcapiv2/lib/jcapiv2/models/error_details.rb | 243 + jcapiv2/lib/jcapiv2/models/errorresponse.rb | 188 - jcapiv2/lib/jcapiv2/models/feature.rb | 242 + .../lib/jcapiv2/models/feature_trial_data.rb | 216 + jcapiv2/lib/jcapiv2/models/filter.rb | 277 + jcapiv2/lib/jcapiv2/models/filter_query.rb | 261 + .../models/g_suite_builtin_translation.rb | 43 +- .../models/g_suite_direction_translation.rb | 28 + .../models/g_suite_translation_rule.rb | 95 +- .../g_suite_translation_rule_request.rb | 91 +- .../lib/jcapiv2/models/google_protobuf_any.rb | 202 + .../lib/jcapiv2/models/google_rpc_status.rb | 226 + .../models/graph_attribute_ldap_groups.rb | 209 + .../models/graph_attribute_posix_groups.rb | 209 + ...aph_attribute_posix_groups_posix_groups.rb | 225 + .../jcapiv2/models/graph_attribute_radius.rb | 207 + .../models/graph_attribute_radius_radius.rb | 208 + .../graph_attribute_radius_radius_reply.rb | 225 + .../models/graph_attribute_samba_enabled.rb | 207 + .../jcapiv2/models/graph_attribute_sudo.rb | 207 + .../models/graph_attribute_sudo_sudo.rb | 227 + .../lib/jcapiv2/models/graph_attributes.rb | 202 + .../lib/jcapiv2/models/graph_connection.rb | 94 +- .../jcapiv2/models/graph_management_req.rb | 256 - jcapiv2/lib/jcapiv2/models/graph_object.rb | 97 +- .../jcapiv2/models/graph_object_with_paths.rb | 103 +- jcapiv2/lib/jcapiv2/models/graph_operation.rb | 261 + .../graph_operation_active_directory.rb | 301 + .../models/graph_operation_application.rb | 301 + .../jcapiv2/models/graph_operation_command.rb | 301 + .../jcapiv2/models/graph_operation_g_suite.rb | 301 + .../models/graph_operation_ldap_server.rb | 301 + .../models/graph_operation_office365.rb | 301 + .../jcapiv2/models/graph_operation_policy.rb | 301 + .../models/graph_operation_policy_group.rb | 301 + .../graph_operation_policy_group_member.rb | 301 + .../models/graph_operation_radius_server.rb | 301 + .../models/graph_operation_software_app.rb | 301 + .../jcapiv2/models/graph_operation_system.rb | 301 + .../models/graph_operation_system_group.rb | 301 + .../graph_operation_system_group_member.rb | 301 + .../jcapiv2/models/graph_operation_user.rb | 301 + .../models/graph_operation_user_group.rb | 301 + .../graph_operation_user_group_member.rb | 301 + jcapiv2/lib/jcapiv2/models/graph_type.rb | 38 +- jcapiv2/lib/jcapiv2/models/group.rb | 117 +- .../models/group_attributes_user_group.rb | 251 + .../models/group_id_suggestions_body.rb | 208 + .../models/group_id_suggestions_body_1.rb | 208 + .../models/group_membership_method_type.rb | 30 + jcapiv2/lib/jcapiv2/models/group_pwm.rb | 280 + jcapiv2/lib/jcapiv2/models/group_type.rb | 18 +- jcapiv2/lib/jcapiv2/models/groups.rb | 201 + jcapiv2/lib/jcapiv2/models/groups_inner.rb | 225 + jcapiv2/lib/jcapiv2/models/gsuite.rb | 297 + jcapiv2/lib/jcapiv2/models/gsuite_output.rb | 251 - .../lib/jcapiv2/models/gsuite_patch_input.rb | 242 - .../lib/jcapiv2/models/import_operation.rb | 28 + jcapiv2/lib/jcapiv2/models/import_user.rb | 363 + .../lib/jcapiv2/models/import_user_address.rb | 251 + .../models/import_user_phone_number.rb | 215 + .../jcapiv2/models/import_users_request.rb | 233 + .../jcapiv2/models/import_users_response.rb | 217 + .../lib/jcapiv2/models/inline_response_200.rb | 119 +- .../jcapiv2/models/inline_response_200_1.rb | 104 +- .../jcapiv2/models/inline_response_200_10.rb | 217 + .../jcapiv2/models/inline_response_200_11.rb | 233 + .../jcapiv2/models/inline_response_200_12.rb | 226 + .../models/inline_response_200_12_users.rb | 233 + .../jcapiv2/models/inline_response_200_13.rb | 217 + .../jcapiv2/models/inline_response_200_14.rb | 215 + .../jcapiv2/models/inline_response_200_15.rb | 217 + .../jcapiv2/models/inline_response_200_2.rb | 217 + .../models/inline_response_200_2_users.rb | 242 + .../jcapiv2/models/inline_response_200_3.rb | 217 + .../jcapiv2/models/inline_response_200_4.rb | 217 + .../jcapiv2/models/inline_response_200_5.rb | 217 + .../jcapiv2/models/inline_response_200_6.rb | 217 + .../jcapiv2/models/inline_response_200_7.rb | 217 + .../jcapiv2/models/inline_response_200_8.rb | 217 + .../jcapiv2/models/inline_response_200_9.rb | 217 + .../lib/jcapiv2/models/inline_response_201.rb | 103 +- .../lib/jcapiv2/models/inline_response_400.rb | 78 +- .../lib/jcapiv2/models/install_action_type.rb | 30 + jcapiv2/lib/jcapiv2/models/integration.rb | 217 + .../jcapiv2/models/integration_sync_error.rb | 254 + .../models/integration_sync_error_resp.rb | 228 + .../lib/jcapiv2/models/integration_type.rb | 29 + .../jcapiv2/models/integrations_response.rb | 218 + jcapiv2/lib/jcapiv2/models/ip_list.rb | 235 + jcapiv2/lib/jcapiv2/models/ip_list_request.rb | 226 + .../jcapiv2/models/jc_enrollment_profile.rb | 228 - jcapiv2/lib/jcapiv2/models/job_details.rb | 253 - jcapiv2/lib/jcapiv2/models/job_id.rb | 80 +- jcapiv2/lib/jcapiv2/models/job_workresult.rb | 134 +- .../jcapiv2/models/jumpcloud_gapps_domain.rb | 237 + .../jumpcloud_gapps_domain_list_response.rb | 217 + .../models/jumpcloud_gapps_domain_response.rb | 206 + ...mpcloud_google_emm_allow_personal_usage.rb | 29 + .../jumpcloud_google_emm_command_response.rb | 197 + ...ud_google_emm_common_criteria_mode_info.rb | 206 + .../jumpcloud_google_emm_connection_status.rb | 224 + ...gle_emm_create_enrollment_token_request.rb | 242 + ...le_emm_create_enrollment_token_response.rb | 251 + ...ud_google_emm_create_enterprise_request.rb | 215 + ...oud_google_emm_create_web_token_request.rb | 224 + .../models/jumpcloud_google_emm_device.rb | 224 + ...pcloud_google_emm_device_android_policy.rb | 206 + .../jumpcloud_google_emm_device_data.rb | 215 + ...jumpcloud_google_emm_device_information.rb | 251 + .../jumpcloud_google_emm_device_settings.rb | 260 + .../jumpcloud_google_emm_device_state_info.rb | 278 + ...umpcloud_google_emm_emm_enrollment_info.rb | 260 + .../models/jumpcloud_google_emm_enterprise.rb | 270 + .../models/jumpcloud_google_emm_feature.rb | 28 + .../jumpcloud_google_emm_hardware_info.rb | 251 + ...pcloud_google_emm_list_devices_response.rb | 217 + ...ud_google_emm_list_enterprises_response.rb | 217 + .../jumpcloud_google_emm_memory_info.rb | 215 + .../jumpcloud_google_emm_network_info.rb | 238 + .../jumpcloud_google_emm_security_posture.rb | 206 + .../models/jumpcloud_google_emm_signup_url.rb | 215 + .../jumpcloud_google_emm_software_info.rb | 287 + ...jumpcloud_google_emm_system_update_info.rb | 215 + .../jumpcloud_google_emm_telephony_info.rb | 217 + .../models/jumpcloud_google_emm_web_token.rb | 215 + .../jumpcloud_msp_get_details_response.rb | 235 + .../jcapiv2/models/jumpcloud_msp_product.rb | 235 + ...package_validator_apple_package_details.rb | 280 + ...ate_application_install_package_request.rb | 206 + ...te_application_install_package_response.rb | 206 + jcapiv2/lib/jcapiv2/models/ldap_group.rb | 207 + jcapiv2/lib/jcapiv2/models/ldap_server.rb | 283 + .../lib/jcapiv2/models/ldap_server_action.rb | 17 +- .../lib/jcapiv2/models/ldap_server_input.rb | 254 - .../lib/jcapiv2/models/ldap_server_output.rb | 269 - .../lib/jcapiv2/models/ldapservers_id_body.rb | 224 + .../lib/jcapiv2/models/member_suggestion.rb | 250 + .../models/member_suggestions_post_result.rb | 219 + jcapiv2/lib/jcapiv2/models/mfa.rb | 206 - jcapiv2/lib/jcapiv2/models/mobileconfig.rb | 74 +- jcapiv2/lib/jcapiv2/models/model_case.rb | 279 + jcapiv2/lib/jcapiv2/models/o365_domain.rb | 234 + .../jcapiv2/models/o365_domain_response.rb | 206 + .../models/o365_domains_list_response.rb | 217 + .../lib/jcapiv2/models/oauth_code_input.rb | 188 - .../lib/jcapiv2/models/object_storage_item.rb | 218 + .../jcapiv2/models/object_storage_version.rb | 261 + jcapiv2/lib/jcapiv2/models/office365.rb | 297 + .../models/office365_builtin_translation.rb | 36 +- .../models/office365_direction_translation.rb | 27 + .../models/office365_id_domains_body.rb | 206 + .../models/office365_translation_rule.rb | 95 +- .../office365_translation_rule_request.rb | 91 +- .../lib/jcapiv2/models/org_crypto_settings.rb | 188 - jcapiv2/lib/jcapiv2/models/organization.rb | 225 + .../models/orgcryptosettings_ssh_keys.rb | 206 - jcapiv2/lib/jcapiv2/models/os_restriction.rb | 271 + .../os_restriction_apple_restrictions.rb | 242 + .../lib/jcapiv2/models/passwords_security.rb | 233 + jcapiv2/lib/jcapiv2/models/phone_number.rb | 224 + jcapiv2/lib/jcapiv2/models/policy.rb | 85 +- jcapiv2/lib/jcapiv2/models/policy_group.rb | 290 + .../lib/jcapiv2/models/policy_group_data.rb | 212 + .../jcapiv2/models/policy_group_template.rb | 235 + .../models/policy_group_template_member.rb | 224 + .../models/policy_group_template_members.rb | 217 + .../jcapiv2/models/policy_group_templates.rb | 217 + jcapiv2/lib/jcapiv2/models/policy_request.rb | 99 +- .../jcapiv2/models/policy_request_template.rb | 78 +- jcapiv2/lib/jcapiv2/models/policy_result.rb | 132 +- jcapiv2/lib/jcapiv2/models/policy_template.rb | 161 +- .../models/policy_template_config_field.rb | 163 +- .../policy_template_config_field_tooltip.rb | 82 +- ...template_config_field_tooltip_variables.rb | 82 +- .../models/policy_template_with_details.rb | 131 +- jcapiv2/lib/jcapiv2/models/policy_value.rb | 102 +- .../lib/jcapiv2/models/policy_with_details.rb | 107 +- jcapiv2/lib/jcapiv2/models/provider.rb | 100 +- .../lib/jcapiv2/models/provider_admin_req.rb | 125 +- .../lib/jcapiv2/models/provider_contact.rb | 197 - .../lib/jcapiv2/models/provider_invoice.rb | 261 + .../models/provider_invoice_response.rb | 218 + .../jcapiv2/models/push_endpoint_response.rb | 252 + .../models/push_endpoint_response_device.rb | 251 + .../pushendpoints_push_endpoint_id_body.rb | 249 + jcapiv2/lib/jcapiv2/models/pwm_all_users.rb | 227 + .../models/pwm_cloud_backup_restores.rb | 215 + .../lib/jcapiv2/models/pwm_item_history.rb | 233 + .../jcapiv2/models/pwm_items_count_by_type.rb | 215 + .../lib/jcapiv2/models/pwm_items_metadata.rb | 238 + .../models/pwm_overview_app_versions.rb | 227 + .../pwm_overview_app_versions_results.rb | 215 + .../lib/jcapiv2/models/pwm_overview_main.rb | 309 + .../models/pwm_overview_main_devices.rb | 224 + jcapiv2/lib/jcapiv2/models/pwm_user.rb | 343 + jcapiv2/lib/jcapiv2/models/pwm_user_by_id.rb | 383 + jcapiv2/lib/jcapiv2/models/pwm_user_item.rb | 299 + jcapiv2/lib/jcapiv2/models/pwm_user_items.rb | 238 + .../jcapiv2/models/pwm_user_shared_folders.rb | 227 + .../models/pwm_user_shared_folders_results.rb | 303 + jcapiv2/lib/jcapiv2/models/query.rb | 251 + .../lib/jcapiv2/models/queued_command_list.rb | 219 + .../models/queued_command_list_results.rb | 237 + .../salesforce_knowledge_list_output.rb | 179 - .../salesforceknowledgelistoutput_inner.rb | 188 - jcapiv2/lib/jcapiv2/models/samba_domain.rb | 237 + .../lib/jcapiv2/models/samba_domain_input.rb | 209 - .../lib/jcapiv2/models/samba_domain_output.rb | 224 - .../lib/jcapiv2/models/schedule_os_update.rb | 234 + .../models/scheduled_userstate_result.rb | 237 + .../jcapiv2/models/setup_assistant_option.rb | 57 + jcapiv2/lib/jcapiv2/models/shared_folder.rb | 294 + .../models/shared_folder_access_levels.rb | 213 + .../shared_folder_access_levels_results.rb | 234 + .../jcapiv2/models/shared_folder_details.rb | 334 + .../jcapiv2/models/shared_folder_groups.rb | 227 + .../lib/jcapiv2/models/shared_folder_users.rb | 227 + .../models/shared_folder_users_results.rb | 317 + .../lib/jcapiv2/models/shared_folders_list.rb | 227 + jcapiv2/lib/jcapiv2/models/software_app.rb | 226 + .../jcapiv2/models/software_app_apple_vpp.rb | 289 + .../lib/jcapiv2/models/software_app_create.rb | 235 + .../models/software_app_google_android.rb | 479 + .../models/software_app_permission_grants.rb | 251 + .../models/software_app_reclaim_licenses.rb | 233 + .../jcapiv2/models/software_app_settings.rb | 397 + .../lib/jcapiv2/models/software_app_status.rb | 269 + .../models/software_app_with_status.rb | 215 + ...oftware_apps_retry_installation_request.rb | 209 + jcapiv2/lib/jcapiv2/models/sshkeylist.rb | 219 - jcapiv2/lib/jcapiv2/models/subscription.rb | 274 + .../lib/jcapiv2/models/suggestion_counts.rb | 224 + ...ro_billing_mapping_configuration_option.rb | 220 + ...ling_mapping_configuration_option_value.rb | 227 + ...mapping_configuration_option_value_line.rb | 216 + ...ling_mapping_configuration_options_resp.rb | 214 + jcapiv2/lib/jcapiv2/models/syncro_company.rb | 228 + .../lib/jcapiv2/models/syncro_company_resp.rb | 228 + .../lib/jcapiv2/models/syncro_integration.rb | 238 + .../models/syncro_integration_patch_req.rb | 218 + .../jcapiv2/models/syncro_integration_req.rb | 228 + .../jcapiv2/models/syncro_mapping_request.rb | 209 + ..._mapping_request_billing_configurations.rb | 207 + ...g_request_billing_configurations_fields.rb | 233 + ...ling_configurations_fields_line_item_id.rb | 215 + ...ng_configurations_fields_line_item_name.rb | 215 + .../models/syncro_mapping_request_data.rb | 243 + .../jcapiv2/models/syncro_mapping_response.rb | 216 + jcapiv2/lib/jcapiv2/models/syncro_settings.rb | 208 + .../models/syncro_settings_patch_req.rb | 208 + .../syncro_ticketing_alert_configuration.rb | 297 + ...ncro_ticketing_alert_configuration_list.rb | 213 + ...ro_ticketing_alert_configuration_option.rb | 217 + ...o_ticketing_alert_configuration_options.rb | 213 + ...o_ticketing_alert_configuration_request.rb | 271 + .../models/system_graph_management_req.rb | 277 - .../system_graph_management_req_attributes.rb | 188 - ...em_graph_management_req_attributes_sudo.rb | 197 - jcapiv2/lib/jcapiv2/models/system_group.rb | 162 +- .../lib/jcapiv2/models/system_group_data.rb | 194 - .../system_group_graph_management_req.rb | 268 - .../models/system_group_members_req.rb | 269 - .../lib/jcapiv2/models/system_group_post.rb | 281 + .../lib/jcapiv2/models/system_group_put.rb | 281 + .../lib/jcapiv2/models/system_insights_alf.rb | 278 + .../models/system_insights_alf_exceptions.rb | 233 + .../system_insights_alf_explicit_auths.rb | 224 + .../models/system_insights_appcompat_shims.rb | 269 + .../jcapiv2/models/system_insights_apps.rb | 158 +- .../models/system_insights_authorized_keys.rb | 251 + ...system_insights_azure_instance_metadata.rb | 359 + .../system_insights_azure_instance_tags.rb | 242 + .../jcapiv2/models/system_insights_battery.rb | 164 +- .../models/system_insights_bitlocker_info.rb | 106 +- .../models/system_insights_browser_plugins.rb | 122 +- .../models/system_insights_certificates.rb | 395 + .../models/system_insights_chassis_info.rb | 332 + .../system_insights_chrome_extensions.rb | 126 +- .../models/system_insights_connectivity.rb | 296 + .../jcapiv2/models/system_insights_crashes.rb | 158 +- .../system_insights_cups_destinations.rb | 233 + .../models/system_insights_disk_encryption.rb | 110 +- .../models/system_insights_disk_info.rb | 126 +- .../models/system_insights_dns_resolvers.rb | 260 + .../models/system_insights_etc_hosts.rb | 90 +- .../models/system_insights_firefox_addons.rb | 138 +- .../jcapiv2/models/system_insights_groups.rb | 102 +- .../models/system_insights_ie_extensions.rb | 98 +- .../system_insights_interface_addresses.rb | 110 +- .../system_insights_interface_details.rb | 521 + .../models/system_insights_kernel_info.rb | 98 +- .../jcapiv2/models/system_insights_launchd.rb | 166 +- .../models/system_insights_linux_packages.rb | 305 + .../models/system_insights_logged_in_users.rb | 106 +- .../models/system_insights_logical_drives.rb | 269 + .../models/system_insights_logical_drvies.rb | 251 - .../system_insights_managed_policies.rb | 269 + .../jcapiv2/models/system_insights_mounts.rb | 126 +- .../models/system_insights_os_version.rb | 122 +- .../jcapiv2/models/system_insights_patches.rb | 114 +- .../models/system_insights_programs.rb | 118 +- .../models/system_insights_python_packages.rb | 269 + .../system_insights_safari_extensions.rb | 122 +- .../models/system_insights_scheduled_tasks.rb | 296 + .../models/system_insights_secureboot.rb | 233 + .../models/system_insights_services.rb | 314 + .../jcapiv2/models/system_insights_shadow.rb | 305 + .../models/system_insights_shared_folders.rb | 233 + .../system_insights_shared_resources.rb | 287 + .../system_insights_sharing_preferences.rb | 305 + .../models/system_insights_sip_config.rb | 242 + .../models/system_insights_startup_items.rb | 269 + .../models/system_insights_system_controls.rb | 110 +- .../models/system_insights_system_info.rb | 142 +- .../models/system_insights_tpm_info.rb | 296 + .../jcapiv2/models/system_insights_uptime.rb | 102 +- .../models/system_insights_usb_devices.rb | 132 +- .../models/system_insights_user_groups.rb | 90 +- .../models/system_insights_user_ssh_keys.rb | 242 + .../models/system_insights_userassist.rb | 251 + .../jcapiv2/models/system_insights_users.rb | 184 +- .../models/system_insights_wifi_networks.rb | 323 + .../models/system_insights_wifi_status.rb | 332 + .../models/system_insights_windows_crashes.rb | 368 - ...system_insights_windows_security_center.rb | 278 + ...stem_insights_windows_security_products.rb | 269 + jcapiv2/lib/jcapiv2/models/systemfdekey.rb | 80 +- jcapiv2/lib/jcapiv2/models/systemuser.rb | 827 - .../lib/jcapiv2/models/systemuserputpost.rb | 625 - .../models/systemuserputpost_addresses.rb | 251 - .../models/systemuserputpost_phone_numbers.rb | 197 - .../models/ticketing_integration_alert.rb | 233 + .../ticketing_integration_alerts_resp.rb | 213 + jcapiv2/lib/jcapiv2/models/user.rb | 319 + .../models/user_graph_management_req.rb | 277 - jcapiv2/lib/jcapiv2/models/user_group.rb | 166 +- .../jcapiv2/models/user_group_attributes.rb | 199 - .../user_group_attributes_posix_groups.rb | 197 - .../models/user_group_graph_management_req.rb | 269 - .../jcapiv2/models/user_group_members_req.rb | 269 - jcapiv2/lib/jcapiv2/models/user_group_post.rb | 146 +- jcapiv2/lib/jcapiv2/models/user_group_put.rb | 146 +- jcapiv2/lib/jcapiv2/models/workday_fields.rb | 84 +- jcapiv2/lib/jcapiv2/models/workday_input.rb | 88 +- jcapiv2/lib/jcapiv2/models/workday_output.rb | 98 +- jcapiv2/lib/jcapiv2/models/workday_request.rb | 197 - jcapiv2/lib/jcapiv2/models/workday_worker.rb | 96 +- .../lib/jcapiv2/models/workdayoutput_auth.rb | 82 +- jcapiv2/lib/jcapiv2/version.rb | 11 +- jcapiv2/spec/api/active_directory_api_spec.rb | 139 +- jcapiv2/spec/api/administrators_api_spec.rb | 88 + jcapiv2/spec/api/apple_mdm_api_spec.rb | 288 +- jcapiv2/spec/api/applications_api_spec.rb | 122 +- .../api/authentication_policies_api_spec.rb | 104 + .../spec/api/bulk_job_requests_api_spec.rb | 148 +- jcapiv2/spec/api/command_results_api_spec.rb | 49 + jcapiv2/spec/api/commands_api_spec.rb | 79 +- jcapiv2/spec/api/custom_emails_api_spec.rb | 98 + jcapiv2/spec/api/default_api_spec.rb | 98 - jcapiv2/spec/api/directories_api_spec.rb | 17 +- jcapiv2/spec/api/duo_api_spec.rb | 83 +- jcapiv2/spec/api/fde_api_spec.rb | 13 +- jcapiv2/spec/api/feature_trials_api_spec.rb | 46 + jcapiv2/spec/api/g_suite_api_spec.rb | 170 +- jcapiv2/spec/api/g_suite_import_api_spec.rb | 69 + jcapiv2/spec/api/google_emm_api_spec.rb | 222 + jcapiv2/spec/api/graph_api_spec.rb | 1028 +- jcapiv2/spec/api/groups_api_spec.rb | 20 +- jcapiv2/spec/api/image_api_spec.rb | 47 + jcapiv2/spec/api/ip_lists_api_spec.rb | 118 + jcapiv2/spec/api/knowledge_api_spec.rb | 51 - jcapiv2/spec/api/ldap_servers_api_spec.rb | 84 +- jcapiv2/spec/api/logos_api_spec.rb | 46 + .../api/managed_service_provider_api_spec.rb | 310 + jcapiv2/spec/api/office365_api_spec.rb | 161 +- jcapiv2/spec/api/office365_import_api_spec.rb | 53 + jcapiv2/spec/api/organizations_api_spec.rb | 85 +- jcapiv2/spec/api/password_manager_api_spec.rb | 60 + jcapiv2/spec/api/policies_api_spec.rb | 184 +- .../api/policy_group_associations_api_spec.rb | 96 + ...olicy_group_members_membership_api_spec.rb | 80 + .../api/policy_group_templates_api_spec.rb | 123 + jcapiv2/spec/api/policy_groups_api_spec.rb | 212 + jcapiv2/spec/api/policytemplates_api_spec.rb | 27 +- jcapiv2/spec/api/providers_api_spec.rb | 897 +- jcapiv2/spec/api/radius_servers_api_spec.rb | 49 +- jcapiv2/spec/api/samba_domains_api_spec.rb | 62 +- jcapiv2/spec/api/scim_import_api_spec.rb | 53 + jcapiv2/spec/api/software_apps_api_spec.rb | 219 + jcapiv2/spec/api/subscriptions_api_spec.rb | 45 + .../api/system_group_associations_api_spec.rb | 88 +- ...ystem_group_members_membership_api_spec.rb | 58 +- jcapiv2/spec/api/system_groups_api_spec.rb | 217 +- jcapiv2/spec/api/system_insights_api_spec.rb | 1072 +- jcapiv2/spec/api/systems_api_spec.rb | 121 +- .../systems_organization_settings_api_spec.rb | 58 + .../api/user_group_associations_api_spec.rb | 119 +- .../user_group_members_membership_api_spec.rb | 58 +- jcapiv2/spec/api/user_groups_api_spec.rb | 257 +- jcapiv2/spec/api/users_api_spec.rb | 197 +- jcapiv2/spec/api/workday_import_api_spec.rb | 115 +- jcapiv2/spec/api_client_spec.rb | 77 +- jcapiv2/spec/base_object_spec.rb | 109 + jcapiv2/spec/configuration_spec.rb | 25 +- .../active_directory_agent_get_output_spec.rb | 48 - .../models/active_directory_agent_get_spec.rb | 80 + .../active_directory_agent_input_spec.rb | 36 - ...active_directory_agent_list_output_spec.rb | 52 - .../active_directory_agent_list_spec.rb | 74 + .../models/active_directory_agent_spec.rb | 34 + .../models/active_directory_input_spec.rb | 42 - .../models/active_directory_output_spec.rb | 48 - jcapiv2/spec/models/active_directory_spec.rb | 46 + jcapiv2/spec/models/address_spec.rb | 88 + jcapiv2/spec/models/ade_spec.rb | 64 + jcapiv2/spec/models/ades_spec.rb | 46 + ...dministrator_organization_link_req_spec.rb | 40 + .../administrator_organization_link_spec.rb | 46 + jcapiv2/spec/models/administrator_spec.rb | 46 +- ...t_configuration_list_records_items_spec.rb | 110 + ...t_configuration_list_records_items_spec.rb | 82 + ...all_of_pwm_all_users_results_items_spec.rb | 142 + ...f_pwm_items_metadata_results_items_spec.rb | 106 + ...t_configuration_list_records_items_spec.rb | 100 + jcapiv2/spec/models/any_value_spec.rb | 34 + .../spec/models/apple_mdm_device_info_spec.rb | 112 + .../apple_mdm_device_security_info_spec.rb | 64 + jcapiv2/spec/models/apple_mdm_device_spec.rb | 94 + .../spec/models/apple_mdm_patch_input_spec.rb | 48 - jcapiv2/spec/models/apple_mdm_patch_spec.rb | 88 + .../models/apple_mdm_public_key_cert_spec.rb | 34 + .../models/apple_mdm_signed_csr_plist_spec.rb | 34 + jcapiv2/spec/models/apple_mdm_spec.rb | 86 +- .../models/application_id_logo_body_spec.rb | 40 + jcapiv2/spec/models/apps_inner_spec.rb | 46 + jcapiv2/spec/models/apps_spec.rb | 34 + jcapiv2/spec/models/auth_info_spec.rb | 16 +- jcapiv2/spec/models/auth_input_object_spec.rb | 12 +- jcapiv2/spec/models/auth_input_spec.rb | 14 +- jcapiv2/spec/models/authinput_basic_spec.rb | 14 +- jcapiv2/spec/models/authinput_oauth_spec.rb | 12 +- .../spec/models/authn_policy_effect_spec.rb | 50 + ...gations_external_identity_provider_spec.rb | 40 + .../authn_policy_obligations_mfa_spec.rb | 40 + .../models/authn_policy_obligations_spec.rb | 52 + ...licy_obligations_user_verification_spec.rb | 44 + .../authn_policy_resource_target_spec.rb | 50 + jcapiv2/spec/models/authn_policy_spec.rb | 82 + .../spec/models/authn_policy_targets_spec.rb | 58 + jcapiv2/spec/models/authn_policy_type_spec.rb | 34 + ...authn_policy_user_attribute_filter_spec.rb | 56 + ...authn_policy_user_attribute_target_spec.rb | 46 + .../authn_policy_user_group_target_spec.rb | 46 + .../models/authn_policy_user_target_spec.rb | 40 + .../spec/models/autotask_company_resp_spec.rb | 46 + jcapiv2/spec/models/autotask_company_spec.rb | 46 + .../models/autotask_company_type_resp_spec.rb | 46 + .../models/autotask_contract_field_spec.rb | 46 + .../autotask_contract_field_values_spec.rb | 46 + jcapiv2/spec/models/autotask_contract_spec.rb | 52 + .../autotask_integration_patch_req_spec.rb | 46 + .../models/autotask_integration_req_spec.rb | 46 + .../spec/models/autotask_integration_spec.rb | 52 + .../autotask_mapping_request_company_spec.rb | 46 + .../autotask_mapping_request_contract_spec.rb | 34 + .../autotask_mapping_request_data_spec.rb | 64 + ...otask_mapping_request_organization_spec.rb | 46 + .../autotask_mapping_request_service_spec.rb | 34 + .../models/autotask_mapping_request_spec.rb | 40 + .../autotask_mapping_response_company_spec.rb | 46 + ...autotask_mapping_response_contract_spec.rb | 46 + ...task_mapping_response_organization_spec.rb | 46 + .../autotask_mapping_response_service_spec.rb | 52 + .../models/autotask_mapping_response_spec.rb | 70 + jcapiv2/spec/models/autotask_service_spec.rb | 52 + .../autotask_settings_patch_req_spec.rb | 46 + jcapiv2/spec/models/autotask_settings_spec.rb | 46 + ...ticketing_alert_configuration_list_spec.rb | 40 + ...cketing_alert_configuration_option_spec.rb | 46 + ..._alert_configuration_option_values_spec.rb | 46 + ...keting_alert_configuration_options_spec.rb | 46 + ...eting_alert_configuration_priority_spec.rb | 46 + ...keting_alert_configuration_request_spec.rb | 86 + ...eting_alert_configuration_resource_spec.rb | 52 + ...task_ticketing_alert_configuration_spec.rb | 110 + .../billing_integration_company_type_spec.rb | 46 + jcapiv2/spec/models/body_1_spec.rb | 54 - jcapiv2/spec/models/body_2_spec.rb | 54 - jcapiv2/spec/models/body_3_spec.rb | 54 - jcapiv2/spec/models/body_spec.rb | 42 - .../bulk_scheduled_statechange_create_spec.rb | 68 + jcapiv2/spec/models/bulk_user_create_spec.rb | 20 +- jcapiv2/spec/models/bulk_user_expire_spec.rb | 52 + jcapiv2/spec/models/bulk_user_unlock_spec.rb | 52 + jcapiv2/spec/models/bulk_user_update_spec.rb | 28 +- jcapiv2/spec/models/cases_response_spec.rb | 46 + .../command_result_list_results_spec.rb | 64 + .../spec/models/command_result_list_spec.rb | 46 + .../commands_graph_object_with_paths_spec.rb | 112 + .../models/configured_policy_template_spec.rb | 58 + .../configured_policy_template_value_spec.rb | 52 + ...nnect_wise_mapping_request_company_spec.rb | 46 + .../connect_wise_mapping_request_data_spec.rb | 64 + ..._wise_mapping_request_organization_spec.rb | 46 + .../connect_wise_mapping_request_spec.rb | 40 + ...ect_wise_mapping_response_addition_spec.rb | 46 + .../connect_wise_mapping_response_spec.rb | 70 + .../connect_wise_settings_patch_req_spec.rb | 46 + .../spec/models/connect_wise_settings_spec.rb | 46 + ...ticketing_alert_configuration_list_spec.rb | 40 + ...cketing_alert_configuration_option_spec.rb | 46 + ...keting_alert_configuration_options_spec.rb | 40 + ...keting_alert_configuration_request_spec.rb | 58 + ...wise_ticketing_alert_configuration_spec.rb | 82 + .../spec/models/connectwise_addition_spec.rb | 46 + .../spec/models/connectwise_agreement_spec.rb | 52 + .../models/connectwise_company_resp_spec.rb | 46 + .../spec/models/connectwise_company_spec.rb | 46 + .../connectwise_company_type_resp_spec.rb | 46 + .../connectwise_integration_patch_req_spec.rb | 58 + .../connectwise_integration_req_spec.rb | 58 + .../models/connectwise_integration_spec.rb | 58 + .../spec/models/create_organization_spec.rb | 46 + jcapiv2/spec/models/custom_email_spec.rb | 82 + .../custom_email_template_field_spec.rb | 58 + .../spec/models/custom_email_template_spec.rb | 58 + jcapiv2/spec/models/custom_email_type_spec.rb | 34 + jcapiv2/spec/models/default_domain_spec.rb | 46 + .../models/dep_setup_assistant_option_spec.rb | 40 + jcapiv2/spec/models/dep_spec.rb | 52 + .../spec/models/dep_welcome_screen_spec.rb | 52 + .../spec/models/device_id_erase_body_spec.rb | 40 + .../spec/models/device_id_lock_body_spec.rb | 40 + .../device_id_resetpassword_body_spec.rb | 46 + .../models/device_id_restart_body_spec.rb | 40 + .../models/device_package_v1_device_spec.rb | 82 + ...e_package_v1_list_devices_response_spec.rb | 46 + ..._with_jump_cloud_settings_response_spec.rb | 46 + ...n_with_jump_cloud_settings_request_spec.rb | 46 + ..._with_jump_cloud_setting_os_family_spec.rb | 34 + ...with_jump_cloud_setting_permission_spec.rb | 34 + ...es_sign_in_with_jump_cloud_setting_spec.rb | 52 + .../models/directory_default_domain_spec.rb | 46 + jcapiv2/spec/models/directory_spec.rb | 36 +- jcapiv2/spec/models/duo_account_spec.rb | 14 +- .../spec/models/duo_application_req_spec.rb | 18 +- jcapiv2/spec/models/duo_application_spec.rb | 18 +- .../models/duo_application_update_req_spec.rb | 18 +- .../duo_registration_application_req_spec.rb | 42 - .../duo_registration_application_spec.rb | 54 - jcapiv2/spec/models/emailrequest_spec.rb | 46 - .../spec/models/enrollment_profile_spec.rb | 48 - .../enterprises_enterprise_id_body_spec.rb | 46 + jcapiv2/spec/models/error_details_spec.rb | 58 + jcapiv2/spec/models/error_spec.rb | 20 +- jcapiv2/spec/models/errorresponse_spec.rb | 42 - jcapiv2/spec/models/feature_spec.rb | 44 + .../spec/models/feature_trial_data_spec.rb | 46 + jcapiv2/spec/models/filter_query_spec.rb | 50 + jcapiv2/spec/models/filter_spec.rb | 56 + .../g_suite_builtin_translation_spec.rb | 10 +- .../g_suite_direction_translation_spec.rb | 34 + .../g_suite_translation_rule_request_spec.rb | 18 +- .../models/g_suite_translation_rule_spec.rb | 20 +- .../spec/models/google_protobuf_any_spec.rb | 34 + jcapiv2/spec/models/google_rpc_status_spec.rb | 52 + .../graph_attribute_ldap_groups_spec.rb | 40 + ...ttribute_posix_groups_posix_groups_spec.rb | 46 + .../graph_attribute_posix_groups_spec.rb | 40 + ...raph_attribute_radius_radius_reply_spec.rb | 46 + .../graph_attribute_radius_radius_spec.rb | 40 + .../models/graph_attribute_radius_spec.rb | 40 + .../graph_attribute_samba_enabled_spec.rb | 40 + .../spec/models/graph_attribute_sudo_spec.rb | 40 + .../models/graph_attribute_sudo_sudo_spec.rb | 46 + jcapiv2/spec/models/graph_attributes_spec.rb | 34 + jcapiv2/spec/models/graph_connection_spec.rb | 20 +- .../spec/models/graph_management_req_spec.rb | 58 - jcapiv2/spec/models/graph_object_spec.rb | 20 +- .../models/graph_object_with_paths_spec.rb | 22 +- .../graph_operation_active_directory_spec.rb | 66 + .../graph_operation_application_spec.rb | 66 + .../models/graph_operation_command_spec.rb | 66 + .../models/graph_operation_g_suite_spec.rb | 66 + .../graph_operation_ldap_server_spec.rb | 66 + .../models/graph_operation_office365_spec.rb | 66 + ...raph_operation_policy_group_member_spec.rb | 66 + .../graph_operation_policy_group_spec.rb | 66 + .../models/graph_operation_policy_spec.rb | 66 + .../graph_operation_radius_server_spec.rb | 66 + .../graph_operation_software_app_spec.rb | 66 + jcapiv2/spec/models/graph_operation_spec.rb | 50 + ...raph_operation_system_group_member_spec.rb | 66 + .../graph_operation_system_group_spec.rb | 66 + .../models/graph_operation_system_spec.rb | 66 + .../graph_operation_user_group_member_spec.rb | 66 + .../models/graph_operation_user_group_spec.rb | 66 + .../spec/models/graph_operation_user_spec.rb | 66 + jcapiv2/spec/models/graph_type_spec.rb | 10 +- .../group_attributes_user_group_spec.rb | 64 + .../group_id_suggestions_body_1_spec.rb | 40 + .../models/group_id_suggestions_body_spec.rb | 40 + .../group_membership_method_type_spec.rb | 34 + jcapiv2/spec/models/group_pwm_spec.rb | 76 + jcapiv2/spec/models/group_spec.rb | 34 +- jcapiv2/spec/models/group_type_spec.rb | 10 +- jcapiv2/spec/models/groups_inner_spec.rb | 46 + jcapiv2/spec/models/groups_spec.rb | 34 + jcapiv2/spec/models/gsuite_output_spec.rb | 62 - .../spec/models/gsuite_patch_input_spec.rb | 56 - jcapiv2/spec/models/gsuite_spec.rb | 78 + jcapiv2/spec/models/import_operation_spec.rb | 34 + .../spec/models/import_user_address_spec.rb | 70 + .../models/import_user_phone_number_spec.rb | 46 + jcapiv2/spec/models/import_user_spec.rb | 142 + .../spec/models/import_users_request_spec.rb | 52 + .../spec/models/import_users_response_spec.rb | 46 + .../models/inline_response_200_10_spec.rb | 46 + .../models/inline_response_200_11_spec.rb | 58 + .../models/inline_response_200_12_spec.rb | 52 + .../inline_response_200_12_users_spec.rb | 58 + .../models/inline_response_200_13_spec.rb | 46 + .../models/inline_response_200_14_spec.rb | 46 + .../models/inline_response_200_15_spec.rb | 46 + .../spec/models/inline_response_200_1_spec.rb | 18 +- .../spec/models/inline_response_200_2_spec.rb | 46 + .../inline_response_200_2_users_spec.rb | 64 + .../spec/models/inline_response_200_3_spec.rb | 46 + .../spec/models/inline_response_200_4_spec.rb | 46 + .../spec/models/inline_response_200_5_spec.rb | 46 + .../spec/models/inline_response_200_6_spec.rb | 46 + .../spec/models/inline_response_200_7_spec.rb | 46 + .../spec/models/inline_response_200_8_spec.rb | 46 + .../spec/models/inline_response_200_9_spec.rb | 46 + .../spec/models/inline_response_200_spec.rb | 30 +- .../spec/models/inline_response_201_spec.rb | 20 +- .../spec/models/inline_response_400_spec.rb | 12 +- .../spec/models/install_action_type_spec.rb | 34 + jcapiv2/spec/models/integration_spec.rb | 46 + .../integration_sync_error_resp_spec.rb | 46 + .../models/integration_sync_error_spec.rb | 58 + jcapiv2/spec/models/integration_type_spec.rb | 34 + .../spec/models/integrations_response_spec.rb | 46 + jcapiv2/spec/models/ip_list_request_spec.rb | 52 + jcapiv2/spec/models/ip_list_spec.rb | 58 + .../spec/models/jc_enrollment_profile_spec.rb | 66 - jcapiv2/spec/models/job_details_spec.rb | 84 - jcapiv2/spec/models/job_id_spec.rb | 12 +- jcapiv2/spec/models/job_workresult_spec.rb | 48 +- ...mpcloud_gapps_domain_list_response_spec.rb | 46 + .../jumpcloud_gapps_domain_response_spec.rb | 40 + .../models/jumpcloud_gapps_domain_spec.rb | 58 + ...ud_google_emm_allow_personal_usage_spec.rb | 34 + ...pcloud_google_emm_command_response_spec.rb | 34 + ...ogle_emm_common_criteria_mode_info_spec.rb | 40 + ...cloud_google_emm_connection_status_spec.rb | 52 + ...mm_create_enrollment_token_request_spec.rb | 64 + ...m_create_enrollment_token_response_spec.rb | 70 + ...ogle_emm_create_enterprise_request_spec.rb | 46 + ...oogle_emm_create_web_token_request_spec.rb | 52 + ...d_google_emm_device_android_policy_spec.rb | 40 + .../jumpcloud_google_emm_device_data_spec.rb | 46 + ...loud_google_emm_device_information_spec.rb | 70 + ...mpcloud_google_emm_device_settings_spec.rb | 76 + .../jumpcloud_google_emm_device_spec.rb | 52 + ...cloud_google_emm_device_state_info_spec.rb | 88 + ...oud_google_emm_emm_enrollment_info_spec.rb | 76 + .../jumpcloud_google_emm_enterprise_spec.rb | 82 + .../jumpcloud_google_emm_feature_spec.rb | 34 + ...jumpcloud_google_emm_hardware_info_spec.rb | 70 + ...d_google_emm_list_devices_response_spec.rb | 46 + ...ogle_emm_list_enterprises_response_spec.rb | 46 + .../jumpcloud_google_emm_memory_info_spec.rb | 46 + .../jumpcloud_google_emm_network_info_spec.rb | 58 + ...pcloud_google_emm_security_posture_spec.rb | 40 + .../jumpcloud_google_emm_signup_url_spec.rb | 46 + ...jumpcloud_google_emm_software_info_spec.rb | 94 + ...loud_google_emm_system_update_info_spec.rb | 46 + ...umpcloud_google_emm_telephony_info_spec.rb | 46 + .../jumpcloud_google_emm_web_token_spec.rb | 46 + ...jumpcloud_msp_get_details_response_spec.rb | 58 + .../spec/models/jumpcloud_msp_product_spec.rb | 58 + ...ge_validator_apple_package_details_spec.rb | 88 + ...pplication_install_package_request_spec.rb | 40 + ...plication_install_package_response_spec.rb | 40 + jcapiv2/spec/models/ldap_group_spec.rb | 40 + .../spec/models/ldap_server_action_spec.rb | 10 +- jcapiv2/spec/models/ldap_server_input_spec.rb | 62 - .../spec/models/ldap_server_output_spec.rb | 68 - jcapiv2/spec/models/ldap_server_spec.rb | 66 + .../spec/models/ldapservers_id_body_spec.rb | 52 + jcapiv2/spec/models/member_suggestion_spec.rb | 50 + .../member_suggestions_post_result_spec.rb | 46 + jcapiv2/spec/models/mfa_spec.rb | 54 - jcapiv2/spec/models/mobileconfig_spec.rb | 10 +- jcapiv2/spec/models/model_case_spec.rb | 88 + .../spec/models/o365_domain_response_spec.rb | 40 + jcapiv2/spec/models/o365_domain_spec.rb | 58 + .../models/o365_domains_list_response_spec.rb | 46 + jcapiv2/spec/models/oauth_code_input_spec.rb | 42 - .../spec/models/object_storage_item_spec.rb | 46 + .../models/object_storage_version_spec.rb | 76 + .../office365_builtin_translation_spec.rb | 10 +- .../office365_direction_translation_spec.rb | 34 + .../models/office365_id_domains_body_spec.rb | 40 + jcapiv2/spec/models/office365_spec.rb | 78 + ...office365_translation_rule_request_spec.rb | 18 +- .../models/office365_translation_rule_spec.rb | 20 +- .../spec/models/org_crypto_settings_spec.rb | 42 - jcapiv2/spec/models/organization_spec.rb | 52 + .../models/orgcryptosettings_ssh_keys_spec.rb | 54 - .../os_restriction_apple_restrictions_spec.rb | 50 + jcapiv2/spec/models/os_restriction_spec.rb | 68 + .../spec/models/passwords_security_spec.rb | 58 + jcapiv2/spec/models/phone_number_spec.rb | 52 + jcapiv2/spec/models/policy_group_data_spec.rb | 40 + jcapiv2/spec/models/policy_group_spec.rb | 74 + .../policy_group_template_member_spec.rb | 52 + .../policy_group_template_members_spec.rb | 46 + .../spec/models/policy_group_template_spec.rb | 58 + .../models/policy_group_templates_spec.rb | 46 + jcapiv2/spec/models/policy_request_spec.rb | 22 +- .../models/policy_request_template_spec.rb | 12 +- jcapiv2/spec/models/policy_result_spec.rb | 32 +- jcapiv2/spec/models/policy_spec.rb | 16 +- .../policy_template_config_field_spec.rb | 58 +- ...licy_template_config_field_tooltip_spec.rb | 14 +- ...ate_config_field_tooltip_variables_spec.rb | 14 +- jcapiv2/spec/models/policy_template_spec.rb | 62 +- .../policy_template_with_details_spec.rb | 40 +- jcapiv2/spec/models/policy_value_spec.rb | 24 +- .../spec/models/policy_with_details_spec.rb | 26 +- .../spec/models/provider_admin_req_spec.rb | 36 +- jcapiv2/spec/models/provider_contact_spec.rb | 48 - .../models/provider_invoice_response_spec.rb | 46 + jcapiv2/spec/models/provider_invoice_spec.rb | 76 + jcapiv2/spec/models/provider_spec.rb | 18 +- .../push_endpoint_response_device_spec.rb | 70 + .../models/push_endpoint_response_spec.rb | 70 + ...ushendpoints_push_endpoint_id_body_spec.rb | 50 + jcapiv2/spec/models/pwm_all_users_spec.rb | 46 + .../models/pwm_cloud_backup_restores_spec.rb | 46 + jcapiv2/spec/models/pwm_item_history_spec.rb | 58 + .../models/pwm_items_count_by_type_spec.rb | 46 + .../spec/models/pwm_items_metadata_spec.rb | 52 + .../pwm_overview_app_versions_results_spec.rb | 46 + .../models/pwm_overview_app_versions_spec.rb | 46 + .../models/pwm_overview_main_devices_spec.rb | 52 + jcapiv2/spec/models/pwm_overview_main_spec.rb | 94 + jcapiv2/spec/models/pwm_user_by_id_spec.rb | 142 + jcapiv2/spec/models/pwm_user_item_spec.rb | 82 + jcapiv2/spec/models/pwm_user_items_spec.rb | 52 + .../pwm_user_shared_folders_results_spec.rb | 88 + .../models/pwm_user_shared_folders_spec.rb | 46 + jcapiv2/spec/models/pwm_user_spec.rb | 118 + jcapiv2/spec/models/query_spec.rb | 44 + .../queued_command_list_results_spec.rb | 58 + .../spec/models/queued_command_list_spec.rb | 46 + .../salesforce_knowledge_list_output_spec.rb | 36 - ...alesforceknowledgelistoutput_inner_spec.rb | 42 - .../spec/models/samba_domain_input_spec.rb | 48 - .../spec/models/samba_domain_output_spec.rb | 54 - jcapiv2/spec/models/samba_domain_spec.rb | 52 + .../spec/models/schedule_os_update_spec.rb | 52 + .../models/scheduled_userstate_result_spec.rb | 58 + .../models/setup_assistant_option_spec.rb | 34 + ...hared_folder_access_levels_results_spec.rb | 52 + .../shared_folder_access_levels_spec.rb | 40 + .../spec/models/shared_folder_details_spec.rb | 106 + .../spec/models/shared_folder_groups_spec.rb | 46 + jcapiv2/spec/models/shared_folder_spec.rb | 82 + .../shared_folder_users_results_spec.rb | 94 + .../spec/models/shared_folder_users_spec.rb | 46 + .../spec/models/shared_folders_list_spec.rb | 46 + .../models/software_app_apple_vpp_spec.rb | 80 + .../spec/models/software_app_create_spec.rb | 58 + .../software_app_google_android_spec.rb | 176 + .../software_app_permission_grants_spec.rb | 50 + .../software_app_reclaim_licenses_spec.rb | 58 + .../spec/models/software_app_settings_spec.rb | 154 + jcapiv2/spec/models/software_app_spec.rb | 52 + .../spec/models/software_app_status_spec.rb | 82 + .../models/software_app_with_status_spec.rb | 46 + ...re_apps_retry_installation_request_spec.rb | 40 + jcapiv2/spec/models/sshkeylist_spec.rb | 60 - jcapiv2/spec/models/subscription_spec.rb | 64 + jcapiv2/spec/models/suggestion_counts_spec.rb | 52 + ...lling_mapping_configuration_option_spec.rb | 46 + ...ng_configuration_option_value_line_spec.rb | 46 + ...mapping_configuration_option_value_spec.rb | 52 + ...mapping_configuration_options_resp_spec.rb | 40 + .../spec/models/syncro_company_resp_spec.rb | 46 + jcapiv2/spec/models/syncro_company_spec.rb | 46 + .../syncro_integration_patch_req_spec.rb | 46 + .../models/syncro_integration_req_spec.rb | 46 + .../spec/models/syncro_integration_spec.rb | 52 + ...configurations_fields_line_item_id_spec.rb | 46 + ...nfigurations_fields_line_item_name_spec.rb | 46 + ...uest_billing_configurations_fields_spec.rb | 58 + ...ing_request_billing_configurations_spec.rb | 40 + .../syncro_mapping_request_data_spec.rb | 58 + .../models/syncro_mapping_request_spec.rb | 40 + .../models/syncro_mapping_response_spec.rb | 46 + .../models/syncro_settings_patch_req_spec.rb | 40 + jcapiv2/spec/models/syncro_settings_spec.rb | 40 + ...ticketing_alert_configuration_list_spec.rb | 40 + ...cketing_alert_configuration_option_spec.rb | 46 + ...keting_alert_configuration_options_spec.rb | 40 + ...keting_alert_configuration_request_spec.rb | 76 + ...ncro_ticketing_alert_configuration_spec.rb | 100 + ...em_graph_management_req_attributes_spec.rb | 42 - ...aph_management_req_attributes_sudo_spec.rb | 48 - .../system_graph_management_req_spec.rb | 68 - jcapiv2/spec/models/system_group_data_spec.rb | 42 - .../system_group_graph_management_req_spec.rb | 62 - .../models/system_group_members_req_spec.rb | 62 - jcapiv2/spec/models/system_group_post_spec.rb | 82 + jcapiv2/spec/models/system_group_put_spec.rb | 82 + jcapiv2/spec/models/system_group_spec.rb | 66 +- .../system_insights_alf_exceptions_spec.rb | 58 + ...system_insights_alf_explicit_auths_spec.rb | 52 + .../spec/models/system_insights_alf_spec.rb | 88 + .../system_insights_appcompat_shims_spec.rb | 82 + .../spec/models/system_insights_apps_spec.rb | 52 +- .../system_insights_authorized_keys_spec.rb | 70 + ...m_insights_azure_instance_metadata_spec.rb | 142 + ...ystem_insights_azure_instance_tags_spec.rb | 64 + .../models/system_insights_battery_spec.rb | 52 +- .../system_insights_bitlocker_info_spec.rb | 26 +- .../system_insights_browser_plugins_spec.rb | 34 +- .../system_insights_certificates_spec.rb | 166 + .../system_insights_chassis_info_spec.rb | 124 + .../system_insights_chrome_extensions_spec.rb | 36 +- .../system_insights_connectivity_spec.rb | 100 + .../models/system_insights_crashes_spec.rb | 54 +- .../system_insights_cups_destinations_spec.rb | 58 + .../system_insights_disk_encryption_spec.rb | 28 +- .../models/system_insights_disk_info_spec.rb | 36 +- .../system_insights_dns_resolvers_spec.rb | 76 + .../models/system_insights_etc_hosts_spec.rb | 18 +- .../system_insights_firefox_addons_spec.rb | 42 +- .../models/system_insights_groups_spec.rb | 24 +- .../system_insights_ie_extensions_spec.rb | 22 +- ...ystem_insights_interface_addresses_spec.rb | 28 +- .../system_insights_interface_details_spec.rb | 250 + .../system_insights_kernel_info_spec.rb | 22 +- .../models/system_insights_launchd_spec.rb | 56 +- .../system_insights_linux_packages_spec.rb | 106 + .../system_insights_logged_in_users_spec.rb | 26 +- .../system_insights_logical_drives_spec.rb | 82 + .../system_insights_logical_drvies_spec.rb | 84 - .../system_insights_managed_policies_spec.rb | 82 + .../models/system_insights_mounts_spec.rb | 36 +- .../models/system_insights_os_version_spec.rb | 34 +- .../models/system_insights_patches_spec.rb | 30 +- .../models/system_insights_programs_spec.rb | 32 +- .../system_insights_python_packages_spec.rb | 82 + .../system_insights_safari_extensions_spec.rb | 34 +- .../system_insights_scheduled_tasks_spec.rb | 100 + .../models/system_insights_secureboot_spec.rb | 58 + .../models/system_insights_services_spec.rb | 112 + .../models/system_insights_shadow_spec.rb | 106 + .../system_insights_shared_folders_spec.rb | 58 + .../system_insights_shared_resources_spec.rb | 94 + ...ystem_insights_sharing_preferences_spec.rb | 106 + .../models/system_insights_sip_config_spec.rb | 64 + .../system_insights_startup_items_spec.rb | 82 + .../system_insights_system_controls_spec.rb | 28 +- .../system_insights_system_info_spec.rb | 44 +- .../models/system_insights_tpm_info_spec.rb | 100 + .../models/system_insights_uptime_spec.rb | 24 +- .../system_insights_usb_devices_spec.rb | 38 +- .../system_insights_user_groups_spec.rb | 18 +- .../system_insights_user_ssh_keys_spec.rb | 64 + .../models/system_insights_userassist_spec.rb | 70 + .../spec/models/system_insights_users_spec.rb | 70 +- .../system_insights_wifi_networks_spec.rb | 118 + .../system_insights_wifi_status_spec.rb | 124 + .../system_insights_windows_crashes_spec.rb | 162 - ...m_insights_windows_security_center_spec.rb | 88 + ...insights_windows_security_products_spec.rb | 82 + jcapiv2/spec/models/systemfdekey_spec.rb | 12 +- jcapiv2/spec/models/systemuser_spec.rb | 282 - .../systemuserputpost_addresses_spec.rb | 84 - .../systemuserputpost_phone_numbers_spec.rb | 48 - jcapiv2/spec/models/systemuserputpost_spec.rb | 264 - .../ticketing_integration_alert_spec.rb | 58 + .../ticketing_integration_alerts_resp_spec.rb | 40 + .../models/user_graph_management_req_spec.rb | 68 - ...user_group_attributes_posix_groups_spec.rb | 48 - .../spec/models/user_group_attributes_spec.rb | 48 - .../user_group_graph_management_req_spec.rb | 62 - .../models/user_group_members_req_spec.rb | 62 - jcapiv2/spec/models/user_group_post_spec.rb | 50 +- jcapiv2/spec/models/user_group_put_spec.rb | 50 +- jcapiv2/spec/models/user_group_spec.rb | 68 +- jcapiv2/spec/models/user_spec.rb | 112 + jcapiv2/spec/models/workday_fields_spec.rb | 14 +- jcapiv2/spec/models/workday_input_spec.rb | 16 +- jcapiv2/spec/models/workday_output_spec.rb | 20 +- jcapiv2/spec/models/workday_request_spec.rb | 48 - jcapiv2/spec/models/workday_worker_spec.rb | 20 +- .../spec/models/workdayoutput_auth_spec.rb | 14 +- jcapiv2/spec/spec_helper.rb | 9 +- 2041 files changed, 209332 insertions(+), 55382 deletions(-) create mode 100644 .DS_Store create mode 100644 jcapiv1/.rubocop.yml create mode 100644 jcapiv1/docs/ApplicationConfigSignAssertion.md create mode 100644 jcapiv1/docs/ApplicationLogo.md create mode 100644 jcapiv1/docs/ApplicationtemplateLogo.md create mode 100644 jcapiv1/docs/ApplicationtemplateOidc.md create mode 100644 jcapiv1/docs/ApplicationtemplateProvision.md delete mode 100644 jcapiv1/docs/Body1.md create mode 100644 jcapiv1/docs/CommandresultslistResults.md create mode 100644 jcapiv1/docs/Error.md create mode 100644 jcapiv1/docs/ErrorDetails.md rename jcapiv2/docs/Mfa.md => jcapiv1/docs/IdResetmfaBody.md (68%) create mode 100644 jcapiv1/docs/InlineResponse200.md create mode 100644 jcapiv1/docs/InlineResponse412.md create mode 100644 jcapiv1/docs/ManagedServiceProviderApi.md create mode 100644 jcapiv1/docs/MfaEnrollment.md rename jcapiv2/docs/ActiveDirectoryAgentInput.md => jcapiv1/docs/MfaEnrollmentStatus.md (74%) create mode 100644 jcapiv1/docs/Organization.md create mode 100644 jcapiv1/docs/Organizationentitlement.md create mode 100644 jcapiv1/docs/OrganizationentitlementEntitlementProducts.md create mode 100644 jcapiv1/docs/OrganizationsIdBody.md create mode 100644 jcapiv1/docs/Organizationsettings.md create mode 100644 jcapiv1/docs/OrganizationsettingsFeatures.md rename jcapiv2/docs/SystemGraphManagementReqAttributesSudo.md => jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsights.md (59%) create mode 100644 jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsightsPremium.md create mode 100644 jcapiv1/docs/OrganizationsettingsFeaturesSystemInsights.md create mode 100644 jcapiv1/docs/OrganizationsettingsNewSystemUserStateDefaults.md create mode 100644 jcapiv1/docs/OrganizationsettingsPasswordPolicy.md create mode 100644 jcapiv1/docs/OrganizationsettingsUserPortal.md create mode 100644 jcapiv1/docs/OrganizationsettingsWindowsMDM.md create mode 100644 jcapiv1/docs/Organizationsettingsput.md create mode 100644 jcapiv1/docs/OrganizationsettingsputNewSystemUserStateDefaults.md create mode 100644 jcapiv1/docs/OrganizationsettingsputPasswordPolicy.md rename jcapiv1/docs/{Body.md => RadiusserversIdBody.md} (58%) create mode 100644 jcapiv1/docs/RunCommandBody.md create mode 100644 jcapiv1/docs/Sso.md rename jcapiv1/docs/{Errorresponse.md => StateActivateBody.md} (61%) create mode 100644 jcapiv1/docs/SystemBuiltInCommands.md create mode 100644 jcapiv1/docs/SystemDomainInfo.md create mode 100644 jcapiv1/docs/SystemMdm.md create mode 100644 jcapiv1/docs/SystemMdmInternal.md rename jcapiv2/docs/OauthCodeInput.md => jcapiv1/docs/SystemMdmWindows.md (62%) create mode 100644 jcapiv1/docs/SystemOsVersionDetail.md create mode 100644 jcapiv1/docs/SystemProvisionMetadata.md create mode 100644 jcapiv1/docs/SystemProvisionMetadataProvisioner.md create mode 100644 jcapiv1/docs/SystemSecureLogin.md create mode 100644 jcapiv1/docs/SystemServiceAccountState.md create mode 100644 jcapiv1/docs/SystemUserMetrics.md delete mode 100644 jcapiv1/docs/Systemuser.md delete mode 100644 jcapiv1/docs/Systemuserbindingsput.md rename jcapiv2/docs/Body2.md => jcapiv1/docs/SystemuserputAttributes.md (54%) create mode 100644 jcapiv1/docs/SystemuserputRelationships.md create mode 100644 jcapiv1/docs/SystemuserputpostRecoveryEmail.md create mode 100644 jcapiv1/docs/SystemuserreturnRecoveryEmail.md delete mode 100644 jcapiv1/docs/Tag.md delete mode 100644 jcapiv1/docs/Tagpost.md delete mode 100644 jcapiv1/docs/Tagput.md delete mode 100644 jcapiv1/docs/TagsApi.md delete mode 100644 jcapiv1/docs/Tagslist.md create mode 100644 jcapiv1/docs/Totpenrollmentinfo.md create mode 100644 jcapiv1/docs/Triggerreturn.md create mode 100644 jcapiv1/docs/TrustedappConfigGet.md create mode 100644 jcapiv1/docs/TrustedappConfigGetTrustedApps.md create mode 100644 jcapiv1/docs/TrustedappConfigPut.md create mode 100644 jcapiv1/docs/Userput.md create mode 100644 jcapiv1/docs/Userreturn.md create mode 100644 jcapiv1/docs/UserreturnGrowthData.md create mode 100644 jcapiv1/docs/UsersApi.md delete mode 100644 jcapiv1/docs/Usersystembindingsput.md create mode 100644 jcapiv1/lib/jcapiv1/api/managed_service_provider_api.rb delete mode 100644 jcapiv1/lib/jcapiv1/api/tags_api.rb create mode 100644 jcapiv1/lib/jcapiv1/api/users_api.rb create mode 100644 jcapiv1/lib/jcapiv1/models/application_config_sign_assertion.rb create mode 100644 jcapiv1/lib/jcapiv1/models/application_logo.rb create mode 100644 jcapiv1/lib/jcapiv1/models/applicationtemplate_logo.rb create mode 100644 jcapiv1/lib/jcapiv1/models/applicationtemplate_oidc.rb create mode 100644 jcapiv1/lib/jcapiv1/models/applicationtemplate_provision.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/body.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/body_1.rb create mode 100644 jcapiv1/lib/jcapiv1/models/commandresultslist_results.rb create mode 100644 jcapiv1/lib/jcapiv1/models/error.rb create mode 100644 jcapiv1/lib/jcapiv1/models/error_details.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/errorresponse.rb create mode 100644 jcapiv1/lib/jcapiv1/models/id_resetmfa_body.rb create mode 100644 jcapiv1/lib/jcapiv1/models/inline_response_200.rb create mode 100644 jcapiv1/lib/jcapiv1/models/inline_response_412.rb create mode 100644 jcapiv1/lib/jcapiv1/models/mfa_enrollment.rb create mode 100644 jcapiv1/lib/jcapiv1/models/mfa_enrollment_status.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organization.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationentitlement.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationentitlement_entitlement_products.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizations_id_body.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_features.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights_premium.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_features_system_insights.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_new_system_user_state_defaults.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_password_policy.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_user_portal.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettings_windows_mdm.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettingsput.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettingsput_new_system_user_state_defaults.rb create mode 100644 jcapiv1/lib/jcapiv1/models/organizationsettingsput_password_policy.rb create mode 100644 jcapiv1/lib/jcapiv1/models/radiusservers_id_body.rb create mode 100644 jcapiv1/lib/jcapiv1/models/run_command_body.rb create mode 100644 jcapiv1/lib/jcapiv1/models/sso.rb create mode 100644 jcapiv1/lib/jcapiv1/models/state_activate_body.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_built_in_commands.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_domain_info.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_mdm.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_mdm_internal.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_mdm_windows.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_os_version_detail.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_provision_metadata.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_provision_metadata_provisioner.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_secure_login.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_service_account_state.rb create mode 100644 jcapiv1/lib/jcapiv1/models/system_user_metrics.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/systemuser.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/systemuserbinding.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/systemuserbindingsput.rb create mode 100644 jcapiv1/lib/jcapiv1/models/systemuserput_attributes.rb create mode 100644 jcapiv1/lib/jcapiv1/models/systemuserput_relationships.rb create mode 100644 jcapiv1/lib/jcapiv1/models/systemuserputpost_recovery_email.rb create mode 100644 jcapiv1/lib/jcapiv1/models/systemuserreturn_recovery_email.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/tag.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/tagpost.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/tagput.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/tagslist.rb create mode 100644 jcapiv1/lib/jcapiv1/models/totpenrollmentinfo.rb create mode 100644 jcapiv1/lib/jcapiv1/models/triggerreturn.rb create mode 100644 jcapiv1/lib/jcapiv1/models/trustedapp_config_get.rb create mode 100644 jcapiv1/lib/jcapiv1/models/trustedapp_config_get_trusted_apps.rb create mode 100644 jcapiv1/lib/jcapiv1/models/trustedapp_config_put.rb create mode 100644 jcapiv1/lib/jcapiv1/models/userput.rb create mode 100644 jcapiv1/lib/jcapiv1/models/userreturn.rb create mode 100644 jcapiv1/lib/jcapiv1/models/userreturn_growth_data.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/usersystembinding.rb delete mode 100644 jcapiv1/lib/jcapiv1/models/usersystembindingsput.rb create mode 100644 jcapiv1/spec/api/managed_service_provider_api_spec.rb delete mode 100644 jcapiv1/spec/api/tags_api_spec.rb create mode 100644 jcapiv1/spec/api/users_api_spec.rb create mode 100644 jcapiv1/spec/base_object_spec.rb create mode 100644 jcapiv1/spec/models/application_config_sign_assertion_spec.rb create mode 100644 jcapiv1/spec/models/application_logo_spec.rb create mode 100644 jcapiv1/spec/models/applicationtemplate_logo_spec.rb create mode 100644 jcapiv1/spec/models/applicationtemplate_oidc_spec.rb create mode 100644 jcapiv1/spec/models/applicationtemplate_provision_spec.rb delete mode 100644 jcapiv1/spec/models/body_1_spec.rb delete mode 100644 jcapiv1/spec/models/body_spec.rb create mode 100644 jcapiv1/spec/models/commandresultslist_results_spec.rb create mode 100644 jcapiv1/spec/models/error_details_spec.rb create mode 100644 jcapiv1/spec/models/error_spec.rb delete mode 100644 jcapiv1/spec/models/errorresponse_spec.rb create mode 100644 jcapiv1/spec/models/id_resetmfa_body_spec.rb create mode 100644 jcapiv1/spec/models/inline_response_200_spec.rb create mode 100644 jcapiv1/spec/models/inline_response_412_spec.rb create mode 100644 jcapiv1/spec/models/mfa_enrollment_spec.rb create mode 100644 jcapiv1/spec/models/mfa_enrollment_status_spec.rb create mode 100644 jcapiv1/spec/models/organization_spec.rb create mode 100644 jcapiv1/spec/models/organizationentitlement_entitlement_products_spec.rb create mode 100644 jcapiv1/spec/models/organizationentitlement_spec.rb create mode 100644 jcapiv1/spec/models/organizations_id_body_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_features_directory_insights_premium_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_features_directory_insights_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_features_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_features_system_insights_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_new_system_user_state_defaults_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_password_policy_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_user_portal_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettings_windows_mdm_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettingsput_new_system_user_state_defaults_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettingsput_password_policy_spec.rb create mode 100644 jcapiv1/spec/models/organizationsettingsput_spec.rb create mode 100644 jcapiv1/spec/models/radiusservers_id_body_spec.rb create mode 100644 jcapiv1/spec/models/run_command_body_spec.rb create mode 100644 jcapiv1/spec/models/sso_spec.rb create mode 100644 jcapiv1/spec/models/state_activate_body_spec.rb create mode 100644 jcapiv1/spec/models/system_built_in_commands_spec.rb create mode 100644 jcapiv1/spec/models/system_domain_info_spec.rb create mode 100644 jcapiv1/spec/models/system_mdm_internal_spec.rb create mode 100644 jcapiv1/spec/models/system_mdm_spec.rb create mode 100644 jcapiv1/spec/models/system_mdm_windows_spec.rb create mode 100644 jcapiv1/spec/models/system_os_version_detail_spec.rb create mode 100644 jcapiv1/spec/models/system_provision_metadata_provisioner_spec.rb create mode 100644 jcapiv1/spec/models/system_provision_metadata_spec.rb create mode 100644 jcapiv1/spec/models/system_secure_login_spec.rb create mode 100644 jcapiv1/spec/models/system_service_account_state_spec.rb create mode 100644 jcapiv1/spec/models/system_user_metrics_spec.rb delete mode 100644 jcapiv1/spec/models/systemuser_spec.rb delete mode 100644 jcapiv1/spec/models/systemuserbinding_spec.rb delete mode 100644 jcapiv1/spec/models/systemuserbindingsput_spec.rb create mode 100644 jcapiv1/spec/models/systemuserput_attributes_spec.rb create mode 100644 jcapiv1/spec/models/systemuserput_relationships_spec.rb create mode 100644 jcapiv1/spec/models/systemuserputpost_recovery_email_spec.rb create mode 100644 jcapiv1/spec/models/systemuserreturn_recovery_email_spec.rb delete mode 100644 jcapiv1/spec/models/tag_spec.rb delete mode 100644 jcapiv1/spec/models/tagpost_spec.rb delete mode 100644 jcapiv1/spec/models/tagput_spec.rb delete mode 100644 jcapiv1/spec/models/tagslist_spec.rb create mode 100644 jcapiv1/spec/models/totpenrollmentinfo_spec.rb create mode 100644 jcapiv1/spec/models/triggerreturn_spec.rb create mode 100644 jcapiv1/spec/models/trustedapp_config_get_spec.rb create mode 100644 jcapiv1/spec/models/trustedapp_config_get_trusted_apps_spec.rb create mode 100644 jcapiv1/spec/models/trustedapp_config_put_spec.rb create mode 100644 jcapiv1/spec/models/userput_spec.rb create mode 100644 jcapiv1/spec/models/userreturn_growth_data_spec.rb create mode 100644 jcapiv1/spec/models/userreturn_spec.rb delete mode 100644 jcapiv1/spec/models/usersystembinding_spec.rb delete mode 100644 jcapiv1/spec/models/usersystembindingsput_spec.rb create mode 100644 jcapiv2/.rubocop.yml create mode 100644 jcapiv2/docs/ADE.md create mode 100644 jcapiv2/docs/ADES.md rename jcapiv2/docs/{ActiveDirectoryOutput.md => ActiveDirectory.md} (85%) rename jcapiv2/docs/{SalesforceKnowledgeListOutput.md => ActiveDirectoryAgent.md} (72%) rename jcapiv2/docs/{ActiveDirectoryAgentGetOutput.md => ActiveDirectoryAgentGet.md} (54%) create mode 100644 jcapiv2/docs/ActiveDirectoryAgentList.md delete mode 100644 jcapiv2/docs/ActiveDirectoryInput.md rename jcapiv2/docs/{SystemuserputpostAddresses.md => Address.md} (89%) create mode 100644 jcapiv2/docs/AdministratorOrganizationLink.md create mode 100644 jcapiv2/docs/AdministratorOrganizationLinkReq.md create mode 100644 jcapiv2/docs/AdministratorsApi.md create mode 100644 jcapiv2/docs/AllOfAutotaskTicketingAlertConfigurationListRecordsItems.md create mode 100644 jcapiv2/docs/AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.md create mode 100644 jcapiv2/docs/AllOfPwmAllUsersResultsItems.md create mode 100644 jcapiv2/docs/AllOfPwmItemsMetadataResultsItems.md create mode 100644 jcapiv2/docs/AllOfSyncroTicketingAlertConfigurationListRecordsItems.md rename jcapiv1/docs/Systemuserbinding.md => jcapiv2/docs/AnyValue.md (78%) create mode 100644 jcapiv2/docs/AppleMdmDevice.md create mode 100644 jcapiv2/docs/AppleMdmDeviceInfo.md create mode 100644 jcapiv2/docs/AppleMdmDeviceSecurityInfo.md create mode 100644 jcapiv2/docs/AppleMdmPatch.md delete mode 100644 jcapiv2/docs/AppleMdmPatchInput.md create mode 100644 jcapiv2/docs/AppleMdmPublicKeyCert.md create mode 100644 jcapiv2/docs/AppleMdmSignedCsrPlist.md create mode 100644 jcapiv2/docs/ApplicationIdLogoBody.md rename jcapiv1/docs/Usersystembinding.md => jcapiv2/docs/Apps.md (78%) create mode 100644 jcapiv2/docs/AppsInner.md create mode 100644 jcapiv2/docs/AuthenticationPoliciesApi.md create mode 100644 jcapiv2/docs/AuthnPolicy.md create mode 100644 jcapiv2/docs/AuthnPolicyEffect.md create mode 100644 jcapiv2/docs/AuthnPolicyObligations.md rename jcapiv2/docs/{WorkdayRequest.md => AuthnPolicyObligationsExternalIdentityProvider.md} (70%) create mode 100644 jcapiv2/docs/AuthnPolicyObligationsMfa.md create mode 100644 jcapiv2/docs/AuthnPolicyObligationsUserVerification.md create mode 100644 jcapiv2/docs/AuthnPolicyResourceTarget.md create mode 100644 jcapiv2/docs/AuthnPolicyTargets.md create mode 100644 jcapiv2/docs/AuthnPolicyType.md create mode 100644 jcapiv2/docs/AuthnPolicyUserAttributeFilter.md create mode 100644 jcapiv2/docs/AuthnPolicyUserAttributeTarget.md create mode 100644 jcapiv2/docs/AuthnPolicyUserGroupTarget.md create mode 100644 jcapiv2/docs/AuthnPolicyUserTarget.md create mode 100644 jcapiv2/docs/AutotaskCompany.md create mode 100644 jcapiv2/docs/AutotaskCompanyResp.md create mode 100644 jcapiv2/docs/AutotaskCompanyTypeResp.md create mode 100644 jcapiv2/docs/AutotaskContract.md create mode 100644 jcapiv2/docs/AutotaskContractField.md create mode 100644 jcapiv2/docs/AutotaskContractFieldValues.md create mode 100644 jcapiv2/docs/AutotaskIntegration.md create mode 100644 jcapiv2/docs/AutotaskIntegrationPatchReq.md create mode 100644 jcapiv2/docs/AutotaskIntegrationReq.md create mode 100644 jcapiv2/docs/AutotaskMappingRequest.md create mode 100644 jcapiv2/docs/AutotaskMappingRequestCompany.md create mode 100644 jcapiv2/docs/AutotaskMappingRequestContract.md create mode 100644 jcapiv2/docs/AutotaskMappingRequestData.md create mode 100644 jcapiv2/docs/AutotaskMappingRequestOrganization.md create mode 100644 jcapiv2/docs/AutotaskMappingRequestService.md create mode 100644 jcapiv2/docs/AutotaskMappingResponse.md create mode 100644 jcapiv2/docs/AutotaskMappingResponseCompany.md create mode 100644 jcapiv2/docs/AutotaskMappingResponseContract.md create mode 100644 jcapiv2/docs/AutotaskMappingResponseOrganization.md create mode 100644 jcapiv2/docs/AutotaskMappingResponseService.md create mode 100644 jcapiv2/docs/AutotaskService.md create mode 100644 jcapiv2/docs/AutotaskSettings.md create mode 100644 jcapiv2/docs/AutotaskSettingsPatchReq.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfiguration.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationList.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationOption.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationOptionValues.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationOptions.md rename jcapiv2/docs/{UserGroupAttributesPosixGroups.md => AutotaskTicketingAlertConfigurationPriority.md} (77%) create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationRequest.md create mode 100644 jcapiv2/docs/AutotaskTicketingAlertConfigurationResource.md create mode 100644 jcapiv2/docs/BillingIntegrationCompanyType.md delete mode 100644 jcapiv2/docs/Body.md create mode 100644 jcapiv2/docs/BulkScheduledStatechangeCreate.md create mode 100644 jcapiv2/docs/BulkUserExpire.md create mode 100644 jcapiv2/docs/BulkUserUnlock.md create mode 100644 jcapiv2/docs/CasesResponse.md create mode 100644 jcapiv2/docs/CommandResultList.md create mode 100644 jcapiv2/docs/CommandResultListResults.md create mode 100644 jcapiv2/docs/CommandResultsApi.md create mode 100644 jcapiv2/docs/CommandsGraphObjectWithPaths.md create mode 100644 jcapiv2/docs/ConfiguredPolicyTemplate.md create mode 100644 jcapiv2/docs/ConfiguredPolicyTemplateValue.md create mode 100644 jcapiv2/docs/ConnectWiseMappingRequest.md create mode 100644 jcapiv2/docs/ConnectWiseMappingRequestCompany.md create mode 100644 jcapiv2/docs/ConnectWiseMappingRequestData.md create mode 100644 jcapiv2/docs/ConnectWiseMappingRequestOrganization.md create mode 100644 jcapiv2/docs/ConnectWiseMappingResponse.md create mode 100644 jcapiv2/docs/ConnectWiseMappingResponseAddition.md create mode 100644 jcapiv2/docs/ConnectWiseSettings.md create mode 100644 jcapiv2/docs/ConnectWiseSettingsPatchReq.md create mode 100644 jcapiv2/docs/ConnectWiseTicketingAlertConfiguration.md create mode 100644 jcapiv2/docs/ConnectWiseTicketingAlertConfigurationList.md create mode 100644 jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOption.md create mode 100644 jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOptions.md create mode 100644 jcapiv2/docs/ConnectWiseTicketingAlertConfigurationRequest.md create mode 100644 jcapiv2/docs/ConnectwiseAddition.md create mode 100644 jcapiv2/docs/ConnectwiseAgreement.md create mode 100644 jcapiv2/docs/ConnectwiseCompany.md create mode 100644 jcapiv2/docs/ConnectwiseCompanyResp.md create mode 100644 jcapiv2/docs/ConnectwiseCompanyTypeResp.md create mode 100644 jcapiv2/docs/ConnectwiseIntegration.md create mode 100644 jcapiv2/docs/ConnectwiseIntegrationPatchReq.md create mode 100644 jcapiv2/docs/ConnectwiseIntegrationReq.md create mode 100644 jcapiv2/docs/CreateOrganization.md create mode 100644 jcapiv2/docs/CustomEmail.md create mode 100644 jcapiv2/docs/CustomEmailTemplate.md create mode 100644 jcapiv2/docs/CustomEmailTemplateField.md create mode 100644 jcapiv2/docs/CustomEmailType.md create mode 100644 jcapiv2/docs/CustomEmailsApi.md create mode 100644 jcapiv2/docs/DEP.md create mode 100644 jcapiv2/docs/DEPSetupAssistantOption.md create mode 100644 jcapiv2/docs/DEPWelcomeScreen.md delete mode 100644 jcapiv2/docs/DefaultApi.md rename jcapiv2/docs/{SalesforceknowledgelistoutputInner.md => DefaultDomain.md} (69%) create mode 100644 jcapiv2/docs/DeviceIdEraseBody.md create mode 100644 jcapiv2/docs/DeviceIdLockBody.md create mode 100644 jcapiv2/docs/DeviceIdResetpasswordBody.md create mode 100644 jcapiv2/docs/DeviceIdRestartBody.md create mode 100644 jcapiv2/docs/DevicePackageV1Device.md create mode 100644 jcapiv2/docs/DevicePackageV1ListDevicesResponse.md create mode 100644 jcapiv2/docs/DevicesGetSignInWithJumpCloudSettingsResponse.md create mode 100644 jcapiv2/docs/DevicesSetSignInWithJumpCloudSettingsRequest.md create mode 100644 jcapiv2/docs/DevicesSignInWithJumpCloudSetting.md create mode 100644 jcapiv2/docs/DevicesSignInWithJumpCloudSettingOSFamily.md create mode 100644 jcapiv2/docs/DevicesSignInWithJumpCloudSettingPermission.md rename jcapiv2/docs/{EnrollmentProfile.md => DirectoryDefaultDomain.md} (65%) delete mode 100644 jcapiv2/docs/DuoRegistrationApplication.md delete mode 100644 jcapiv2/docs/DuoRegistrationApplicationReq.md delete mode 100644 jcapiv2/docs/Emailrequest.md create mode 100644 jcapiv2/docs/EnterprisesEnterpriseIdBody.md create mode 100644 jcapiv2/docs/ErrorDetails.md delete mode 100644 jcapiv2/docs/Errorresponse.md create mode 100644 jcapiv2/docs/Feature.md create mode 100644 jcapiv2/docs/FeatureTrialData.md create mode 100644 jcapiv2/docs/FeatureTrialsApi.md create mode 100644 jcapiv2/docs/Filter.md create mode 100644 jcapiv2/docs/FilterQuery.md create mode 100644 jcapiv2/docs/GSuiteDirectionTranslation.md create mode 100644 jcapiv2/docs/GSuiteImportApi.md create mode 100644 jcapiv2/docs/GoogleEMMApi.md create mode 100644 jcapiv2/docs/GoogleProtobufAny.md create mode 100644 jcapiv2/docs/GoogleRpcStatus.md create mode 100644 jcapiv2/docs/GraphAttributeLdapGroups.md create mode 100644 jcapiv2/docs/GraphAttributePosixGroups.md create mode 100644 jcapiv2/docs/GraphAttributePosixGroupsPosixGroups.md create mode 100644 jcapiv2/docs/GraphAttributeRadius.md create mode 100644 jcapiv2/docs/GraphAttributeRadiusRadius.md create mode 100644 jcapiv2/docs/GraphAttributeRadiusRadiusReply.md create mode 100644 jcapiv2/docs/GraphAttributeSambaEnabled.md create mode 100644 jcapiv2/docs/GraphAttributeSudo.md create mode 100644 jcapiv2/docs/GraphAttributeSudoSudo.md create mode 100644 jcapiv2/docs/GraphAttributes.md rename jcapiv2/docs/{SystemGroupGraphManagementReq.md => GraphOperation.md} (79%) create mode 100644 jcapiv2/docs/GraphOperationActiveDirectory.md create mode 100644 jcapiv2/docs/GraphOperationApplication.md create mode 100644 jcapiv2/docs/GraphOperationCommand.md create mode 100644 jcapiv2/docs/GraphOperationGSuite.md create mode 100644 jcapiv2/docs/GraphOperationLdapServer.md create mode 100644 jcapiv2/docs/GraphOperationOffice365.md rename jcapiv2/docs/{SystemGraphManagementReq.md => GraphOperationPolicy.md} (58%) create mode 100644 jcapiv2/docs/GraphOperationPolicyGroup.md rename jcapiv2/docs/{UserGraphManagementReq.md => GraphOperationPolicyGroupMember.md} (60%) create mode 100644 jcapiv2/docs/GraphOperationRadiusServer.md create mode 100644 jcapiv2/docs/GraphOperationSoftwareApp.md create mode 100644 jcapiv2/docs/GraphOperationSystem.md create mode 100644 jcapiv2/docs/GraphOperationSystemGroup.md create mode 100644 jcapiv2/docs/GraphOperationSystemGroupMember.md rename jcapiv2/docs/{GraphManagementReq.md => GraphOperationUser.md} (62%) create mode 100644 jcapiv2/docs/GraphOperationUserGroup.md rename jcapiv2/docs/{UserGroupGraphManagementReq.md => GraphOperationUserGroupMember.md} (62%) create mode 100644 jcapiv2/docs/GroupAttributesUserGroup.md create mode 100644 jcapiv2/docs/GroupIdSuggestionsBody.md create mode 100644 jcapiv2/docs/GroupIdSuggestionsBody1.md create mode 100644 jcapiv2/docs/GroupMembershipMethodType.md create mode 100644 jcapiv2/docs/GroupPwm.md create mode 100644 jcapiv2/docs/Groups.md create mode 100644 jcapiv2/docs/GroupsInner.md rename jcapiv2/docs/{GsuiteOutput.md => Gsuite.md} (59%) rename jcapiv2/docs/{JcEnrollmentProfile.md => IPList.md} (50%) create mode 100644 jcapiv2/docs/IPListRequest.md create mode 100644 jcapiv2/docs/IPListsApi.md create mode 100644 jcapiv2/docs/ImageApi.md create mode 100644 jcapiv2/docs/ImportOperation.md create mode 100644 jcapiv2/docs/ImportUser.md create mode 100644 jcapiv2/docs/ImportUserAddress.md create mode 100644 jcapiv2/docs/ImportUserPhoneNumber.md create mode 100644 jcapiv2/docs/ImportUsersRequest.md create mode 100644 jcapiv2/docs/ImportUsersResponse.md create mode 100644 jcapiv2/docs/InlineResponse20010.md create mode 100644 jcapiv2/docs/InlineResponse20011.md create mode 100644 jcapiv2/docs/InlineResponse20012.md create mode 100644 jcapiv2/docs/InlineResponse20012Users.md create mode 100644 jcapiv2/docs/InlineResponse20013.md create mode 100644 jcapiv2/docs/InlineResponse20014.md create mode 100644 jcapiv2/docs/InlineResponse20015.md create mode 100644 jcapiv2/docs/InlineResponse2002.md create mode 100644 jcapiv2/docs/InlineResponse2002Users.md create mode 100644 jcapiv2/docs/InlineResponse2003.md create mode 100644 jcapiv2/docs/InlineResponse2004.md create mode 100644 jcapiv2/docs/InlineResponse2005.md create mode 100644 jcapiv2/docs/InlineResponse2006.md create mode 100644 jcapiv2/docs/InlineResponse2007.md create mode 100644 jcapiv2/docs/InlineResponse2008.md create mode 100644 jcapiv2/docs/InlineResponse2009.md create mode 100644 jcapiv2/docs/InstallActionType.md create mode 100644 jcapiv2/docs/Integration.md create mode 100644 jcapiv2/docs/IntegrationSyncError.md create mode 100644 jcapiv2/docs/IntegrationSyncErrorResp.md create mode 100644 jcapiv2/docs/IntegrationType.md create mode 100644 jcapiv2/docs/IntegrationsResponse.md delete mode 100644 jcapiv2/docs/JobDetails.md create mode 100644 jcapiv2/docs/JumpcloudGappsDomain.md create mode 100644 jcapiv2/docs/JumpcloudGappsDomainListResponse.md create mode 100644 jcapiv2/docs/JumpcloudGappsDomainResponse.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmAllowPersonalUsage.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCommandResponse.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCommonCriteriaModeInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmConnectionStatus.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCreateEnterpriseRequest.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmCreateWebTokenRequest.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDevice.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDeviceAndroidPolicy.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDeviceData.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDeviceInformation.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDeviceSettings.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmDeviceStateInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmEMMEnrollmentInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmEnterprise.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmFeature.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmHardwareInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmListDevicesResponse.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmListEnterprisesResponse.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmMemoryInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmNetworkInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmSecurityPosture.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmSignupURL.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmSoftwareInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmSystemUpdateInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmTelephonyInfo.md create mode 100644 jcapiv2/docs/JumpcloudGoogleEmmWebToken.md create mode 100644 jcapiv2/docs/JumpcloudMspGetDetailsResponse.md create mode 100644 jcapiv2/docs/JumpcloudMspProduct.md create mode 100644 jcapiv2/docs/JumpcloudPackageValidatorApplePackageDetails.md create mode 100644 jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md create mode 100644 jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md delete mode 100644 jcapiv2/docs/KnowledgeApi.md rename jcapiv2/docs/{ProviderContact.md => LdapGroup.md} (68%) rename jcapiv2/docs/{LdapServerOutput.md => LdapServer.md} (58%) delete mode 100644 jcapiv2/docs/LdapServerInput.md rename jcapiv2/docs/{Body3.md => LdapserversIdBody.md} (92%) create mode 100644 jcapiv2/docs/LogosApi.md create mode 100644 jcapiv2/docs/ManagedServiceProviderApi.md create mode 100644 jcapiv2/docs/MemberSuggestion.md create mode 100644 jcapiv2/docs/MemberSuggestionsPostResult.md create mode 100644 jcapiv2/docs/ModelCase.md create mode 100644 jcapiv2/docs/O365Domain.md create mode 100644 jcapiv2/docs/O365DomainResponse.md create mode 100644 jcapiv2/docs/O365DomainsListResponse.md create mode 100644 jcapiv2/docs/OSRestriction.md create mode 100644 jcapiv2/docs/OSRestrictionAppleRestrictions.md create mode 100644 jcapiv2/docs/ObjectStorageItem.md create mode 100644 jcapiv2/docs/ObjectStorageVersion.md rename jcapiv2/docs/{GsuitePatchInput.md => Office365.md} (50%) create mode 100644 jcapiv2/docs/Office365DirectionTranslation.md create mode 100644 jcapiv2/docs/Office365IdDomainsBody.md create mode 100644 jcapiv2/docs/Office365ImportApi.md delete mode 100644 jcapiv2/docs/OrgCryptoSettings.md create mode 100644 jcapiv2/docs/Organization.md delete mode 100644 jcapiv2/docs/OrgcryptosettingsSshKeys.md create mode 100644 jcapiv2/docs/PasswordManagerApi.md create mode 100644 jcapiv2/docs/PasswordsSecurity.md rename jcapiv2/docs/{SystemuserputpostPhoneNumbers.md => PhoneNumber.md} (76%) create mode 100644 jcapiv2/docs/PolicyGroup.md create mode 100644 jcapiv2/docs/PolicyGroupAssociationsApi.md create mode 100644 jcapiv2/docs/PolicyGroupData.md create mode 100644 jcapiv2/docs/PolicyGroupMembersMembershipApi.md create mode 100644 jcapiv2/docs/PolicyGroupTemplate.md rename jcapiv2/docs/{Body1.md => PolicyGroupTemplateMember.md} (54%) create mode 100644 jcapiv2/docs/PolicyGroupTemplateMembers.md create mode 100644 jcapiv2/docs/PolicyGroupTemplates.md create mode 100644 jcapiv2/docs/PolicyGroupTemplatesApi.md create mode 100644 jcapiv2/docs/PolicyGroupsApi.md create mode 100644 jcapiv2/docs/ProviderInvoice.md create mode 100644 jcapiv2/docs/ProviderInvoiceResponse.md create mode 100644 jcapiv2/docs/PushEndpointResponse.md create mode 100644 jcapiv2/docs/PushEndpointResponseDevice.md rename jcapiv2/docs/{ActiveDirectoryAgentListOutput.md => PushendpointsPushEndpointIdBody.md} (55%) create mode 100644 jcapiv2/docs/PwmAllUsers.md create mode 100644 jcapiv2/docs/PwmCloudBackupRestores.md create mode 100644 jcapiv2/docs/PwmItemHistory.md create mode 100644 jcapiv2/docs/PwmItemsCountByType.md create mode 100644 jcapiv2/docs/PwmItemsMetadata.md create mode 100644 jcapiv2/docs/PwmOverviewAppVersions.md create mode 100644 jcapiv2/docs/PwmOverviewAppVersionsResults.md create mode 100644 jcapiv2/docs/PwmOverviewMain.md create mode 100644 jcapiv2/docs/PwmOverviewMainDevices.md create mode 100644 jcapiv2/docs/PwmUser.md create mode 100644 jcapiv2/docs/PwmUserById.md create mode 100644 jcapiv2/docs/PwmUserItem.md create mode 100644 jcapiv2/docs/PwmUserItems.md create mode 100644 jcapiv2/docs/PwmUserSharedFolders.md create mode 100644 jcapiv2/docs/PwmUserSharedFoldersResults.md create mode 100644 jcapiv2/docs/Query.md create mode 100644 jcapiv2/docs/QueuedCommandList.md create mode 100644 jcapiv2/docs/QueuedCommandListResults.md create mode 100644 jcapiv2/docs/SCIMImportApi.md rename jcapiv2/docs/{SambaDomainInput.md => SambaDomain.md} (52%) delete mode 100644 jcapiv2/docs/SambaDomainOutput.md create mode 100644 jcapiv2/docs/ScheduleOSUpdate.md create mode 100644 jcapiv2/docs/ScheduledUserstateResult.md create mode 100644 jcapiv2/docs/SetupAssistantOption.md create mode 100644 jcapiv2/docs/SharedFolder.md create mode 100644 jcapiv2/docs/SharedFolderAccessLevels.md create mode 100644 jcapiv2/docs/SharedFolderAccessLevelsResults.md create mode 100644 jcapiv2/docs/SharedFolderDetails.md create mode 100644 jcapiv2/docs/SharedFolderGroups.md create mode 100644 jcapiv2/docs/SharedFolderUsers.md create mode 100644 jcapiv2/docs/SharedFolderUsersResults.md create mode 100644 jcapiv2/docs/SharedFoldersList.md create mode 100644 jcapiv2/docs/SoftwareApp.md create mode 100644 jcapiv2/docs/SoftwareAppAppleVpp.md create mode 100644 jcapiv2/docs/SoftwareAppCreate.md create mode 100644 jcapiv2/docs/SoftwareAppGoogleAndroid.md create mode 100644 jcapiv2/docs/SoftwareAppPermissionGrants.md create mode 100644 jcapiv2/docs/SoftwareAppReclaimLicenses.md create mode 100644 jcapiv2/docs/SoftwareAppSettings.md create mode 100644 jcapiv2/docs/SoftwareAppStatus.md create mode 100644 jcapiv2/docs/SoftwareAppWithStatus.md create mode 100644 jcapiv2/docs/SoftwareAppsApi.md create mode 100644 jcapiv2/docs/SoftwareAppsRetryInstallationRequest.md delete mode 100644 jcapiv2/docs/Sshkeylist.md create mode 100644 jcapiv2/docs/Subscription.md create mode 100644 jcapiv2/docs/SubscriptionsApi.md create mode 100644 jcapiv2/docs/SuggestionCounts.md create mode 100644 jcapiv2/docs/SyncroBillingMappingConfigurationOption.md create mode 100644 jcapiv2/docs/SyncroBillingMappingConfigurationOptionValue.md create mode 100644 jcapiv2/docs/SyncroBillingMappingConfigurationOptionValueLine.md create mode 100644 jcapiv2/docs/SyncroBillingMappingConfigurationOptionsResp.md create mode 100644 jcapiv2/docs/SyncroCompany.md create mode 100644 jcapiv2/docs/SyncroCompanyResp.md create mode 100644 jcapiv2/docs/SyncroIntegration.md create mode 100644 jcapiv2/docs/SyncroIntegrationPatchReq.md create mode 100644 jcapiv2/docs/SyncroIntegrationReq.md create mode 100644 jcapiv2/docs/SyncroMappingRequest.md create mode 100644 jcapiv2/docs/SyncroMappingRequestBillingConfigurations.md create mode 100644 jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFields.md create mode 100644 jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md create mode 100644 jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md create mode 100644 jcapiv2/docs/SyncroMappingRequestData.md create mode 100644 jcapiv2/docs/SyncroMappingResponse.md create mode 100644 jcapiv2/docs/SyncroSettings.md create mode 100644 jcapiv2/docs/SyncroSettingsPatchReq.md create mode 100644 jcapiv2/docs/SyncroTicketingAlertConfiguration.md create mode 100644 jcapiv2/docs/SyncroTicketingAlertConfigurationList.md create mode 100644 jcapiv2/docs/SyncroTicketingAlertConfigurationOption.md create mode 100644 jcapiv2/docs/SyncroTicketingAlertConfigurationOptions.md create mode 100644 jcapiv2/docs/SyncroTicketingAlertConfigurationRequest.md delete mode 100644 jcapiv2/docs/SystemGraphManagementReqAttributes.md delete mode 100644 jcapiv2/docs/SystemGroupData.md delete mode 100644 jcapiv2/docs/SystemGroupMembersReq.md create mode 100644 jcapiv2/docs/SystemGroupPost.md create mode 100644 jcapiv2/docs/SystemGroupPut.md create mode 100644 jcapiv2/docs/SystemInsightsAlf.md create mode 100644 jcapiv2/docs/SystemInsightsAlfExceptions.md create mode 100644 jcapiv2/docs/SystemInsightsAlfExplicitAuths.md create mode 100644 jcapiv2/docs/SystemInsightsAppcompatShims.md create mode 100644 jcapiv2/docs/SystemInsightsAuthorizedKeys.md create mode 100644 jcapiv2/docs/SystemInsightsAzureInstanceMetadata.md create mode 100644 jcapiv2/docs/SystemInsightsAzureInstanceTags.md create mode 100644 jcapiv2/docs/SystemInsightsCertificates.md create mode 100644 jcapiv2/docs/SystemInsightsChassisInfo.md create mode 100644 jcapiv2/docs/SystemInsightsConnectivity.md create mode 100644 jcapiv2/docs/SystemInsightsCupsDestinations.md create mode 100644 jcapiv2/docs/SystemInsightsDnsResolvers.md create mode 100644 jcapiv2/docs/SystemInsightsInterfaceDetails.md create mode 100644 jcapiv2/docs/SystemInsightsLinuxPackages.md rename jcapiv2/docs/{SystemInsightsLogicalDrvies.md => SystemInsightsLogicalDrives.md} (92%) create mode 100644 jcapiv2/docs/SystemInsightsManagedPolicies.md create mode 100644 jcapiv2/docs/SystemInsightsPythonPackages.md create mode 100644 jcapiv2/docs/SystemInsightsScheduledTasks.md create mode 100644 jcapiv2/docs/SystemInsightsSecureboot.md create mode 100644 jcapiv2/docs/SystemInsightsServices.md create mode 100644 jcapiv2/docs/SystemInsightsShadow.md create mode 100644 jcapiv2/docs/SystemInsightsSharedFolders.md create mode 100644 jcapiv2/docs/SystemInsightsSharedResources.md create mode 100644 jcapiv2/docs/SystemInsightsSharingPreferences.md create mode 100644 jcapiv2/docs/SystemInsightsSipConfig.md create mode 100644 jcapiv2/docs/SystemInsightsStartupItems.md create mode 100644 jcapiv2/docs/SystemInsightsTpmInfo.md create mode 100644 jcapiv2/docs/SystemInsightsUserSshKeys.md create mode 100644 jcapiv2/docs/SystemInsightsUserassist.md create mode 100644 jcapiv2/docs/SystemInsightsWifiNetworks.md create mode 100644 jcapiv2/docs/SystemInsightsWifiStatus.md delete mode 100644 jcapiv2/docs/SystemInsightsWindowsCrashes.md create mode 100644 jcapiv2/docs/SystemInsightsWindowsSecurityCenter.md create mode 100644 jcapiv2/docs/SystemInsightsWindowsSecurityProducts.md create mode 100644 jcapiv2/docs/SystemsOrganizationSettingsApi.md delete mode 100644 jcapiv2/docs/Systemuser.md delete mode 100644 jcapiv2/docs/Systemuserputpost.md create mode 100644 jcapiv2/docs/TicketingIntegrationAlert.md create mode 100644 jcapiv2/docs/TicketingIntegrationAlertsResp.md create mode 100644 jcapiv2/docs/User.md delete mode 100644 jcapiv2/docs/UserGroupAttributes.md delete mode 100644 jcapiv2/docs/UserGroupMembersReq.md create mode 100644 jcapiv2/lib/jcapiv2/api/administrators_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/authentication_policies_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/command_results_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/custom_emails_api.rb delete mode 100644 jcapiv2/lib/jcapiv2/api/default_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/feature_trials_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/g_suite_import_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/google_emm_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/image_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/ip_lists_api.rb delete mode 100644 jcapiv2/lib/jcapiv2/api/knowledge_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/logos_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/managed_service_provider_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/office365_import_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/password_manager_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/policy_group_associations_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/policy_group_members_membership_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/policy_group_templates_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/policy_groups_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/scim_import_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/software_apps_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/subscriptions_api.rb create mode 100644 jcapiv2/lib/jcapiv2/api/systems_organization_settings_api.rb create mode 100644 jcapiv2/lib/jcapiv2/models/active_directory.rb create mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent.rb create mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent_get.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent_get_output.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent_input.rb create mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent_list.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_agent_list_output.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_input.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/active_directory_output.rb create mode 100644 jcapiv2/lib/jcapiv2/models/address.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ade.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ades.rb create mode 100644 jcapiv2/lib/jcapiv2/models/administrator_organization_link.rb create mode 100644 jcapiv2/lib/jcapiv2/models/administrator_organization_link_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/all_of_autotask_ticketing_alert_configuration_list_records_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/all_of_pwm_all_users_results_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/all_of_pwm_items_metadata_results_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/all_of_syncro_ticketing_alert_configuration_list_records_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/any_value.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_device.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_device_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_device_security_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_patch.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_patch_input.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_public_key_cert.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apple_mdm_signed_csr_plist.rb create mode 100644 jcapiv2/lib/jcapiv2/models/application_id_logo_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apps.rb create mode 100644 jcapiv2/lib/jcapiv2/models/apps_inner.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_effect.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_obligations.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_obligations_external_identity_provider.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_obligations_mfa.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_obligations_user_verification.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_resource_target.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_targets.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_filter.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_target.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_user_group_target.rb create mode 100644 jcapiv2/lib/jcapiv2/models/authn_policy_user_target.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_company_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_company_type_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_contract.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_contract_field.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_contract_field_values.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_integration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_integration_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_integration_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request_contract.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request_organization.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_request_service.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_response_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_response_contract.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_response_organization.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_mapping_response_service.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_service.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_settings_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option_values.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_options.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_priority.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_resource.rb create mode 100644 jcapiv2/lib/jcapiv2/models/billing_integration_company_type.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/body.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/body_1.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/body_2.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/body_3.rb create mode 100644 jcapiv2/lib/jcapiv2/models/bulk_scheduled_statechange_create.rb create mode 100644 jcapiv2/lib/jcapiv2/models/bulk_user_expire.rb create mode 100644 jcapiv2/lib/jcapiv2/models/bulk_user_unlock.rb create mode 100644 jcapiv2/lib/jcapiv2/models/cases_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/command_result_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/command_result_list_results.rb create mode 100644 jcapiv2/lib/jcapiv2/models/commands_graph_object_with_paths.rb create mode 100644 jcapiv2/lib/jcapiv2/models/configured_policy_template.rb create mode 100644 jcapiv2/lib/jcapiv2/models/configured_policy_template_value.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_organization.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response_addition.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_settings_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_options.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_addition.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_agreement.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_company_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_company_type_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_integration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_integration_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/connectwise_integration_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/create_organization.rb create mode 100644 jcapiv2/lib/jcapiv2/models/custom_email.rb create mode 100644 jcapiv2/lib/jcapiv2/models/custom_email_template.rb create mode 100644 jcapiv2/lib/jcapiv2/models/custom_email_template_field.rb create mode 100644 jcapiv2/lib/jcapiv2/models/custom_email_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/default_domain.rb create mode 100644 jcapiv2/lib/jcapiv2/models/dep.rb create mode 100644 jcapiv2/lib/jcapiv2/models/dep_setup_assistant_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/dep_welcome_screen.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_id_erase_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_id_lock_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_id_resetpassword_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_id_restart_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_package_v1_device.rb create mode 100644 jcapiv2/lib/jcapiv2/models/device_package_v1_list_devices_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/devices_get_sign_in_with_jump_cloud_settings_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/devices_set_sign_in_with_jump_cloud_settings_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting.rb create mode 100644 jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_os_family.rb create mode 100644 jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_permission.rb create mode 100644 jcapiv2/lib/jcapiv2/models/directory_default_domain.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/duo_registration_application.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/duo_registration_application_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/emailrequest.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/enrollment_profile.rb create mode 100644 jcapiv2/lib/jcapiv2/models/enterprises_enterprise_id_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/error_details.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/errorresponse.rb create mode 100644 jcapiv2/lib/jcapiv2/models/feature.rb create mode 100644 jcapiv2/lib/jcapiv2/models/feature_trial_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/filter.rb create mode 100644 jcapiv2/lib/jcapiv2/models/filter_query.rb create mode 100644 jcapiv2/lib/jcapiv2/models/g_suite_direction_translation.rb create mode 100644 jcapiv2/lib/jcapiv2/models/google_protobuf_any.rb create mode 100644 jcapiv2/lib/jcapiv2/models/google_rpc_status.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_ldap_groups.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups_posix_groups.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_radius.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius_reply.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_samba_enabled.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_sudo.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attribute_sudo_sudo.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_attributes.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/graph_management_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_active_directory.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_application.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_command.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_g_suite.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_ldap_server.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_office365.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_policy.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_policy_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_policy_group_member.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_radius_server.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_software_app.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_system.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_system_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_system_group_member.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_user.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_user_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/graph_operation_user_group_member.rb create mode 100644 jcapiv2/lib/jcapiv2/models/group_attributes_user_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/group_id_suggestions_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/group_id_suggestions_body_1.rb create mode 100644 jcapiv2/lib/jcapiv2/models/group_membership_method_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/group_pwm.rb create mode 100644 jcapiv2/lib/jcapiv2/models/groups.rb create mode 100644 jcapiv2/lib/jcapiv2/models/groups_inner.rb create mode 100644 jcapiv2/lib/jcapiv2/models/gsuite.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/gsuite_output.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/gsuite_patch_input.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_operation.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_user.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_user_address.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_user_phone_number.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_users_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/import_users_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_10.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_11.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_12.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_12_users.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_13.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_14.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_15.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_2.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_2_users.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_3.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_4.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_5.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_6.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_7.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_8.rb create mode 100644 jcapiv2/lib/jcapiv2/models/inline_response_200_9.rb create mode 100644 jcapiv2/lib/jcapiv2/models/install_action_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/integration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/integration_sync_error.rb create mode 100644 jcapiv2/lib/jcapiv2/models/integration_sync_error_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/integration_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/integrations_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ip_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ip_list_request.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/jc_enrollment_profile.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/job_details.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_list_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_allow_personal_usage.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_command_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_common_criteria_mode_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_connection_status.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enterprise_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_web_token_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_android_policy.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_information.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_state_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_emm_enrollment_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_enterprise.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_feature.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_hardware_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_devices_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_enterprises_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_memory_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_network_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_security_posture.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_signup_url.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_software_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_system_update_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_telephony_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_web_token.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_msp_get_details_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_msp_product.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_apple_package_details.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ldap_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ldap_server.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/ldap_server_input.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/ldap_server_output.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ldapservers_id_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/member_suggestion.rb create mode 100644 jcapiv2/lib/jcapiv2/models/member_suggestions_post_result.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/mfa.rb create mode 100644 jcapiv2/lib/jcapiv2/models/model_case.rb create mode 100644 jcapiv2/lib/jcapiv2/models/o365_domain.rb create mode 100644 jcapiv2/lib/jcapiv2/models/o365_domain_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/o365_domains_list_response.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/oauth_code_input.rb create mode 100644 jcapiv2/lib/jcapiv2/models/object_storage_item.rb create mode 100644 jcapiv2/lib/jcapiv2/models/object_storage_version.rb create mode 100644 jcapiv2/lib/jcapiv2/models/office365.rb create mode 100644 jcapiv2/lib/jcapiv2/models/office365_direction_translation.rb create mode 100644 jcapiv2/lib/jcapiv2/models/office365_id_domains_body.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/org_crypto_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/organization.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/orgcryptosettings_ssh_keys.rb create mode 100644 jcapiv2/lib/jcapiv2/models/os_restriction.rb create mode 100644 jcapiv2/lib/jcapiv2/models/os_restriction_apple_restrictions.rb create mode 100644 jcapiv2/lib/jcapiv2/models/passwords_security.rb create mode 100644 jcapiv2/lib/jcapiv2/models/phone_number.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group_template.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group_template_member.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group_template_members.rb create mode 100644 jcapiv2/lib/jcapiv2/models/policy_group_templates.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/provider_contact.rb create mode 100644 jcapiv2/lib/jcapiv2/models/provider_invoice.rb create mode 100644 jcapiv2/lib/jcapiv2/models/provider_invoice_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/push_endpoint_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/push_endpoint_response_device.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pushendpoints_push_endpoint_id_body.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_all_users.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_cloud_backup_restores.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_item_history.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_items_count_by_type.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_items_metadata.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions_results.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_overview_main.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_overview_main_devices.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user_by_id.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user_item.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders.rb create mode 100644 jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders_results.rb create mode 100644 jcapiv2/lib/jcapiv2/models/query.rb create mode 100644 jcapiv2/lib/jcapiv2/models/queued_command_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/queued_command_list_results.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/salesforce_knowledge_list_output.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/salesforceknowledgelistoutput_inner.rb create mode 100644 jcapiv2/lib/jcapiv2/models/samba_domain.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/samba_domain_input.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/samba_domain_output.rb create mode 100644 jcapiv2/lib/jcapiv2/models/schedule_os_update.rb create mode 100644 jcapiv2/lib/jcapiv2/models/scheduled_userstate_result.rb create mode 100644 jcapiv2/lib/jcapiv2/models/setup_assistant_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_access_levels.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_access_levels_results.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_details.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_groups.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_users.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folder_users_results.rb create mode 100644 jcapiv2/lib/jcapiv2/models/shared_folders_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_apple_vpp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_create.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_google_android.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_permission_grants.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_reclaim_licenses.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_status.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_app_with_status.rb create mode 100644 jcapiv2/lib/jcapiv2/models/software_apps_retry_installation_request.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/sshkeylist.rb create mode 100644 jcapiv2/lib/jcapiv2/models/subscription.rb create mode 100644 jcapiv2/lib/jcapiv2/models/suggestion_counts.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value_line.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_options_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_company.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_company_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_integration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_integration_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_integration_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_id.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_name.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_request_data.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_mapping_response.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_settings.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_settings_patch_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_list.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_option.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_options.rb create mode 100644 jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_request.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_graph_management_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes_sudo.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_group_data.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_group_graph_management_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_group_members_req.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_group_post.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_group_put.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_alf.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_alf_exceptions.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_alf_explicit_auths.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_appcompat_shims.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_authorized_keys.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_metadata.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_tags.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_certificates.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_chassis_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_connectivity.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_cups_destinations.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_dns_resolvers.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_interface_details.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_linux_packages.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_logical_drives.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_logical_drvies.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_managed_policies.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_python_packages.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_scheduled_tasks.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_secureboot.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_services.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_shadow.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_shared_folders.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_shared_resources.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_sharing_preferences.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_sip_config.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_startup_items.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_tpm_info.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_user_ssh_keys.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_userassist.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_wifi_networks.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_wifi_status.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_windows_crashes.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_windows_security_center.rb create mode 100644 jcapiv2/lib/jcapiv2/models/system_insights_windows_security_products.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/systemuser.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/systemuserputpost.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/systemuserputpost_addresses.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/systemuserputpost_phone_numbers.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ticketing_integration_alert.rb create mode 100644 jcapiv2/lib/jcapiv2/models/ticketing_integration_alerts_resp.rb create mode 100644 jcapiv2/lib/jcapiv2/models/user.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/user_graph_management_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/user_group_attributes.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/user_group_attributes_posix_groups.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/user_group_graph_management_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/user_group_members_req.rb delete mode 100644 jcapiv2/lib/jcapiv2/models/workday_request.rb create mode 100644 jcapiv2/spec/api/administrators_api_spec.rb create mode 100644 jcapiv2/spec/api/authentication_policies_api_spec.rb create mode 100644 jcapiv2/spec/api/command_results_api_spec.rb create mode 100644 jcapiv2/spec/api/custom_emails_api_spec.rb delete mode 100644 jcapiv2/spec/api/default_api_spec.rb create mode 100644 jcapiv2/spec/api/feature_trials_api_spec.rb create mode 100644 jcapiv2/spec/api/g_suite_import_api_spec.rb create mode 100644 jcapiv2/spec/api/google_emm_api_spec.rb create mode 100644 jcapiv2/spec/api/image_api_spec.rb create mode 100644 jcapiv2/spec/api/ip_lists_api_spec.rb delete mode 100644 jcapiv2/spec/api/knowledge_api_spec.rb create mode 100644 jcapiv2/spec/api/logos_api_spec.rb create mode 100644 jcapiv2/spec/api/managed_service_provider_api_spec.rb create mode 100644 jcapiv2/spec/api/office365_import_api_spec.rb create mode 100644 jcapiv2/spec/api/password_manager_api_spec.rb create mode 100644 jcapiv2/spec/api/policy_group_associations_api_spec.rb create mode 100644 jcapiv2/spec/api/policy_group_members_membership_api_spec.rb create mode 100644 jcapiv2/spec/api/policy_group_templates_api_spec.rb create mode 100644 jcapiv2/spec/api/policy_groups_api_spec.rb create mode 100644 jcapiv2/spec/api/scim_import_api_spec.rb create mode 100644 jcapiv2/spec/api/software_apps_api_spec.rb create mode 100644 jcapiv2/spec/api/subscriptions_api_spec.rb create mode 100644 jcapiv2/spec/api/systems_organization_settings_api_spec.rb create mode 100644 jcapiv2/spec/base_object_spec.rb delete mode 100644 jcapiv2/spec/models/active_directory_agent_get_output_spec.rb create mode 100644 jcapiv2/spec/models/active_directory_agent_get_spec.rb delete mode 100644 jcapiv2/spec/models/active_directory_agent_input_spec.rb delete mode 100644 jcapiv2/spec/models/active_directory_agent_list_output_spec.rb create mode 100644 jcapiv2/spec/models/active_directory_agent_list_spec.rb create mode 100644 jcapiv2/spec/models/active_directory_agent_spec.rb delete mode 100644 jcapiv2/spec/models/active_directory_input_spec.rb delete mode 100644 jcapiv2/spec/models/active_directory_output_spec.rb create mode 100644 jcapiv2/spec/models/active_directory_spec.rb create mode 100644 jcapiv2/spec/models/address_spec.rb create mode 100644 jcapiv2/spec/models/ade_spec.rb create mode 100644 jcapiv2/spec/models/ades_spec.rb create mode 100644 jcapiv2/spec/models/administrator_organization_link_req_spec.rb create mode 100644 jcapiv2/spec/models/administrator_organization_link_spec.rb create mode 100644 jcapiv2/spec/models/all_of_autotask_ticketing_alert_configuration_list_records_items_spec.rb create mode 100644 jcapiv2/spec/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items_spec.rb create mode 100644 jcapiv2/spec/models/all_of_pwm_all_users_results_items_spec.rb create mode 100644 jcapiv2/spec/models/all_of_pwm_items_metadata_results_items_spec.rb create mode 100644 jcapiv2/spec/models/all_of_syncro_ticketing_alert_configuration_list_records_items_spec.rb create mode 100644 jcapiv2/spec/models/any_value_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_device_info_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_device_security_info_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_device_spec.rb delete mode 100644 jcapiv2/spec/models/apple_mdm_patch_input_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_patch_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_public_key_cert_spec.rb create mode 100644 jcapiv2/spec/models/apple_mdm_signed_csr_plist_spec.rb create mode 100644 jcapiv2/spec/models/application_id_logo_body_spec.rb create mode 100644 jcapiv2/spec/models/apps_inner_spec.rb create mode 100644 jcapiv2/spec/models/apps_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_effect_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_obligations_external_identity_provider_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_obligations_mfa_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_obligations_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_obligations_user_verification_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_resource_target_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_targets_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_type_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_user_attribute_filter_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_user_attribute_target_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_user_group_target_spec.rb create mode 100644 jcapiv2/spec/models/authn_policy_user_target_spec.rb create mode 100644 jcapiv2/spec/models/autotask_company_resp_spec.rb create mode 100644 jcapiv2/spec/models/autotask_company_spec.rb create mode 100644 jcapiv2/spec/models/autotask_company_type_resp_spec.rb create mode 100644 jcapiv2/spec/models/autotask_contract_field_spec.rb create mode 100644 jcapiv2/spec/models/autotask_contract_field_values_spec.rb create mode 100644 jcapiv2/spec/models/autotask_contract_spec.rb create mode 100644 jcapiv2/spec/models/autotask_integration_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/autotask_integration_req_spec.rb create mode 100644 jcapiv2/spec/models/autotask_integration_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_company_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_contract_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_data_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_organization_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_service_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_request_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_response_company_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_response_contract_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_response_organization_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_response_service_spec.rb create mode 100644 jcapiv2/spec/models/autotask_mapping_response_spec.rb create mode 100644 jcapiv2/spec/models/autotask_service_spec.rb create mode 100644 jcapiv2/spec/models/autotask_settings_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/autotask_settings_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_list_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_values_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_options_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_priority_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_request_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_resource_spec.rb create mode 100644 jcapiv2/spec/models/autotask_ticketing_alert_configuration_spec.rb create mode 100644 jcapiv2/spec/models/billing_integration_company_type_spec.rb delete mode 100644 jcapiv2/spec/models/body_1_spec.rb delete mode 100644 jcapiv2/spec/models/body_2_spec.rb delete mode 100644 jcapiv2/spec/models/body_3_spec.rb delete mode 100644 jcapiv2/spec/models/body_spec.rb create mode 100644 jcapiv2/spec/models/bulk_scheduled_statechange_create_spec.rb create mode 100644 jcapiv2/spec/models/bulk_user_expire_spec.rb create mode 100644 jcapiv2/spec/models/bulk_user_unlock_spec.rb create mode 100644 jcapiv2/spec/models/cases_response_spec.rb create mode 100644 jcapiv2/spec/models/command_result_list_results_spec.rb create mode 100644 jcapiv2/spec/models/command_result_list_spec.rb create mode 100644 jcapiv2/spec/models/commands_graph_object_with_paths_spec.rb create mode 100644 jcapiv2/spec/models/configured_policy_template_spec.rb create mode 100644 jcapiv2/spec/models/configured_policy_template_value_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_request_company_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_request_data_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_request_organization_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_request_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_response_addition_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_mapping_response_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_settings_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_settings_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_list_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_option_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_options_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_request_spec.rb create mode 100644 jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_addition_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_agreement_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_company_resp_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_company_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_company_type_resp_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_integration_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_integration_req_spec.rb create mode 100644 jcapiv2/spec/models/connectwise_integration_spec.rb create mode 100644 jcapiv2/spec/models/create_organization_spec.rb create mode 100644 jcapiv2/spec/models/custom_email_spec.rb create mode 100644 jcapiv2/spec/models/custom_email_template_field_spec.rb create mode 100644 jcapiv2/spec/models/custom_email_template_spec.rb create mode 100644 jcapiv2/spec/models/custom_email_type_spec.rb create mode 100644 jcapiv2/spec/models/default_domain_spec.rb create mode 100644 jcapiv2/spec/models/dep_setup_assistant_option_spec.rb create mode 100644 jcapiv2/spec/models/dep_spec.rb create mode 100644 jcapiv2/spec/models/dep_welcome_screen_spec.rb create mode 100644 jcapiv2/spec/models/device_id_erase_body_spec.rb create mode 100644 jcapiv2/spec/models/device_id_lock_body_spec.rb create mode 100644 jcapiv2/spec/models/device_id_resetpassword_body_spec.rb create mode 100644 jcapiv2/spec/models/device_id_restart_body_spec.rb create mode 100644 jcapiv2/spec/models/device_package_v1_device_spec.rb create mode 100644 jcapiv2/spec/models/device_package_v1_list_devices_response_spec.rb create mode 100644 jcapiv2/spec/models/devices_get_sign_in_with_jump_cloud_settings_response_spec.rb create mode 100644 jcapiv2/spec/models/devices_set_sign_in_with_jump_cloud_settings_request_spec.rb create mode 100644 jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_os_family_spec.rb create mode 100644 jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_permission_spec.rb create mode 100644 jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_spec.rb create mode 100644 jcapiv2/spec/models/directory_default_domain_spec.rb delete mode 100644 jcapiv2/spec/models/duo_registration_application_req_spec.rb delete mode 100644 jcapiv2/spec/models/duo_registration_application_spec.rb delete mode 100644 jcapiv2/spec/models/emailrequest_spec.rb delete mode 100644 jcapiv2/spec/models/enrollment_profile_spec.rb create mode 100644 jcapiv2/spec/models/enterprises_enterprise_id_body_spec.rb create mode 100644 jcapiv2/spec/models/error_details_spec.rb delete mode 100644 jcapiv2/spec/models/errorresponse_spec.rb create mode 100644 jcapiv2/spec/models/feature_spec.rb create mode 100644 jcapiv2/spec/models/feature_trial_data_spec.rb create mode 100644 jcapiv2/spec/models/filter_query_spec.rb create mode 100644 jcapiv2/spec/models/filter_spec.rb create mode 100644 jcapiv2/spec/models/g_suite_direction_translation_spec.rb create mode 100644 jcapiv2/spec/models/google_protobuf_any_spec.rb create mode 100644 jcapiv2/spec/models/google_rpc_status_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_ldap_groups_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_posix_groups_posix_groups_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_posix_groups_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_radius_radius_reply_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_radius_radius_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_radius_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_samba_enabled_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_sudo_spec.rb create mode 100644 jcapiv2/spec/models/graph_attribute_sudo_sudo_spec.rb create mode 100644 jcapiv2/spec/models/graph_attributes_spec.rb delete mode 100644 jcapiv2/spec/models/graph_management_req_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_active_directory_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_application_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_command_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_g_suite_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_ldap_server_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_office365_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_policy_group_member_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_policy_group_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_policy_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_radius_server_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_software_app_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_system_group_member_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_system_group_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_system_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_user_group_member_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_user_group_spec.rb create mode 100644 jcapiv2/spec/models/graph_operation_user_spec.rb create mode 100644 jcapiv2/spec/models/group_attributes_user_group_spec.rb create mode 100644 jcapiv2/spec/models/group_id_suggestions_body_1_spec.rb create mode 100644 jcapiv2/spec/models/group_id_suggestions_body_spec.rb create mode 100644 jcapiv2/spec/models/group_membership_method_type_spec.rb create mode 100644 jcapiv2/spec/models/group_pwm_spec.rb create mode 100644 jcapiv2/spec/models/groups_inner_spec.rb create mode 100644 jcapiv2/spec/models/groups_spec.rb delete mode 100644 jcapiv2/spec/models/gsuite_output_spec.rb delete mode 100644 jcapiv2/spec/models/gsuite_patch_input_spec.rb create mode 100644 jcapiv2/spec/models/gsuite_spec.rb create mode 100644 jcapiv2/spec/models/import_operation_spec.rb create mode 100644 jcapiv2/spec/models/import_user_address_spec.rb create mode 100644 jcapiv2/spec/models/import_user_phone_number_spec.rb create mode 100644 jcapiv2/spec/models/import_user_spec.rb create mode 100644 jcapiv2/spec/models/import_users_request_spec.rb create mode 100644 jcapiv2/spec/models/import_users_response_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_10_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_11_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_12_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_12_users_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_13_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_14_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_15_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_2_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_2_users_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_3_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_4_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_5_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_6_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_7_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_8_spec.rb create mode 100644 jcapiv2/spec/models/inline_response_200_9_spec.rb create mode 100644 jcapiv2/spec/models/install_action_type_spec.rb create mode 100644 jcapiv2/spec/models/integration_spec.rb create mode 100644 jcapiv2/spec/models/integration_sync_error_resp_spec.rb create mode 100644 jcapiv2/spec/models/integration_sync_error_spec.rb create mode 100644 jcapiv2/spec/models/integration_type_spec.rb create mode 100644 jcapiv2/spec/models/integrations_response_spec.rb create mode 100644 jcapiv2/spec/models/ip_list_request_spec.rb create mode 100644 jcapiv2/spec/models/ip_list_spec.rb delete mode 100644 jcapiv2/spec/models/jc_enrollment_profile_spec.rb delete mode 100644 jcapiv2/spec/models/job_details_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_gapps_domain_list_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_gapps_domain_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_gapps_domain_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_allow_personal_usage_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_command_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_common_criteria_mode_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_connection_status_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_request_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_create_enterprise_request_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_create_web_token_request_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_android_policy_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_data_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_information_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_settings_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_device_state_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_emm_enrollment_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_enterprise_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_feature_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_hardware_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_list_devices_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_list_enterprises_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_memory_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_network_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_security_posture_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_signup_url_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_software_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_system_update_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_telephony_info_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_google_emm_web_token_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_msp_get_details_response_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_msp_product_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_package_validator_apple_package_details_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_request_spec.rb create mode 100644 jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_response_spec.rb create mode 100644 jcapiv2/spec/models/ldap_group_spec.rb delete mode 100644 jcapiv2/spec/models/ldap_server_input_spec.rb delete mode 100644 jcapiv2/spec/models/ldap_server_output_spec.rb create mode 100644 jcapiv2/spec/models/ldap_server_spec.rb create mode 100644 jcapiv2/spec/models/ldapservers_id_body_spec.rb create mode 100644 jcapiv2/spec/models/member_suggestion_spec.rb create mode 100644 jcapiv2/spec/models/member_suggestions_post_result_spec.rb delete mode 100644 jcapiv2/spec/models/mfa_spec.rb create mode 100644 jcapiv2/spec/models/model_case_spec.rb create mode 100644 jcapiv2/spec/models/o365_domain_response_spec.rb create mode 100644 jcapiv2/spec/models/o365_domain_spec.rb create mode 100644 jcapiv2/spec/models/o365_domains_list_response_spec.rb delete mode 100644 jcapiv2/spec/models/oauth_code_input_spec.rb create mode 100644 jcapiv2/spec/models/object_storage_item_spec.rb create mode 100644 jcapiv2/spec/models/object_storage_version_spec.rb create mode 100644 jcapiv2/spec/models/office365_direction_translation_spec.rb create mode 100644 jcapiv2/spec/models/office365_id_domains_body_spec.rb create mode 100644 jcapiv2/spec/models/office365_spec.rb delete mode 100644 jcapiv2/spec/models/org_crypto_settings_spec.rb create mode 100644 jcapiv2/spec/models/organization_spec.rb delete mode 100644 jcapiv2/spec/models/orgcryptosettings_ssh_keys_spec.rb create mode 100644 jcapiv2/spec/models/os_restriction_apple_restrictions_spec.rb create mode 100644 jcapiv2/spec/models/os_restriction_spec.rb create mode 100644 jcapiv2/spec/models/passwords_security_spec.rb create mode 100644 jcapiv2/spec/models/phone_number_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_data_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_template_member_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_template_members_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_template_spec.rb create mode 100644 jcapiv2/spec/models/policy_group_templates_spec.rb delete mode 100644 jcapiv2/spec/models/provider_contact_spec.rb create mode 100644 jcapiv2/spec/models/provider_invoice_response_spec.rb create mode 100644 jcapiv2/spec/models/provider_invoice_spec.rb create mode 100644 jcapiv2/spec/models/push_endpoint_response_device_spec.rb create mode 100644 jcapiv2/spec/models/push_endpoint_response_spec.rb create mode 100644 jcapiv2/spec/models/pushendpoints_push_endpoint_id_body_spec.rb create mode 100644 jcapiv2/spec/models/pwm_all_users_spec.rb create mode 100644 jcapiv2/spec/models/pwm_cloud_backup_restores_spec.rb create mode 100644 jcapiv2/spec/models/pwm_item_history_spec.rb create mode 100644 jcapiv2/spec/models/pwm_items_count_by_type_spec.rb create mode 100644 jcapiv2/spec/models/pwm_items_metadata_spec.rb create mode 100644 jcapiv2/spec/models/pwm_overview_app_versions_results_spec.rb create mode 100644 jcapiv2/spec/models/pwm_overview_app_versions_spec.rb create mode 100644 jcapiv2/spec/models/pwm_overview_main_devices_spec.rb create mode 100644 jcapiv2/spec/models/pwm_overview_main_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_by_id_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_item_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_items_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_shared_folders_results_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_shared_folders_spec.rb create mode 100644 jcapiv2/spec/models/pwm_user_spec.rb create mode 100644 jcapiv2/spec/models/query_spec.rb create mode 100644 jcapiv2/spec/models/queued_command_list_results_spec.rb create mode 100644 jcapiv2/spec/models/queued_command_list_spec.rb delete mode 100644 jcapiv2/spec/models/salesforce_knowledge_list_output_spec.rb delete mode 100644 jcapiv2/spec/models/salesforceknowledgelistoutput_inner_spec.rb delete mode 100644 jcapiv2/spec/models/samba_domain_input_spec.rb delete mode 100644 jcapiv2/spec/models/samba_domain_output_spec.rb create mode 100644 jcapiv2/spec/models/samba_domain_spec.rb create mode 100644 jcapiv2/spec/models/schedule_os_update_spec.rb create mode 100644 jcapiv2/spec/models/scheduled_userstate_result_spec.rb create mode 100644 jcapiv2/spec/models/setup_assistant_option_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_access_levels_results_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_access_levels_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_details_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_groups_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_users_results_spec.rb create mode 100644 jcapiv2/spec/models/shared_folder_users_spec.rb create mode 100644 jcapiv2/spec/models/shared_folders_list_spec.rb create mode 100644 jcapiv2/spec/models/software_app_apple_vpp_spec.rb create mode 100644 jcapiv2/spec/models/software_app_create_spec.rb create mode 100644 jcapiv2/spec/models/software_app_google_android_spec.rb create mode 100644 jcapiv2/spec/models/software_app_permission_grants_spec.rb create mode 100644 jcapiv2/spec/models/software_app_reclaim_licenses_spec.rb create mode 100644 jcapiv2/spec/models/software_app_settings_spec.rb create mode 100644 jcapiv2/spec/models/software_app_spec.rb create mode 100644 jcapiv2/spec/models/software_app_status_spec.rb create mode 100644 jcapiv2/spec/models/software_app_with_status_spec.rb create mode 100644 jcapiv2/spec/models/software_apps_retry_installation_request_spec.rb delete mode 100644 jcapiv2/spec/models/sshkeylist_spec.rb create mode 100644 jcapiv2/spec/models/subscription_spec.rb create mode 100644 jcapiv2/spec/models/suggestion_counts_spec.rb create mode 100644 jcapiv2/spec/models/syncro_billing_mapping_configuration_option_spec.rb create mode 100644 jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_line_spec.rb create mode 100644 jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_spec.rb create mode 100644 jcapiv2/spec/models/syncro_billing_mapping_configuration_options_resp_spec.rb create mode 100644 jcapiv2/spec/models/syncro_company_resp_spec.rb create mode 100644 jcapiv2/spec/models/syncro_company_spec.rb create mode 100644 jcapiv2/spec/models/syncro_integration_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/syncro_integration_req_spec.rb create mode 100644 jcapiv2/spec/models/syncro_integration_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_id_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_name_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_billing_configurations_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_data_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_request_spec.rb create mode 100644 jcapiv2/spec/models/syncro_mapping_response_spec.rb create mode 100644 jcapiv2/spec/models/syncro_settings_patch_req_spec.rb create mode 100644 jcapiv2/spec/models/syncro_settings_spec.rb create mode 100644 jcapiv2/spec/models/syncro_ticketing_alert_configuration_list_spec.rb create mode 100644 jcapiv2/spec/models/syncro_ticketing_alert_configuration_option_spec.rb create mode 100644 jcapiv2/spec/models/syncro_ticketing_alert_configuration_options_spec.rb create mode 100644 jcapiv2/spec/models/syncro_ticketing_alert_configuration_request_spec.rb create mode 100644 jcapiv2/spec/models/syncro_ticketing_alert_configuration_spec.rb delete mode 100644 jcapiv2/spec/models/system_graph_management_req_attributes_spec.rb delete mode 100644 jcapiv2/spec/models/system_graph_management_req_attributes_sudo_spec.rb delete mode 100644 jcapiv2/spec/models/system_graph_management_req_spec.rb delete mode 100644 jcapiv2/spec/models/system_group_data_spec.rb delete mode 100644 jcapiv2/spec/models/system_group_graph_management_req_spec.rb delete mode 100644 jcapiv2/spec/models/system_group_members_req_spec.rb create mode 100644 jcapiv2/spec/models/system_group_post_spec.rb create mode 100644 jcapiv2/spec/models/system_group_put_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_alf_exceptions_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_alf_explicit_auths_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_alf_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_appcompat_shims_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_authorized_keys_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_azure_instance_metadata_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_azure_instance_tags_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_certificates_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_chassis_info_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_connectivity_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_cups_destinations_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_dns_resolvers_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_interface_details_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_linux_packages_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_logical_drives_spec.rb delete mode 100644 jcapiv2/spec/models/system_insights_logical_drvies_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_managed_policies_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_python_packages_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_scheduled_tasks_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_secureboot_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_services_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_shadow_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_shared_folders_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_shared_resources_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_sharing_preferences_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_sip_config_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_startup_items_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_tpm_info_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_user_ssh_keys_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_userassist_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_wifi_networks_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_wifi_status_spec.rb delete mode 100644 jcapiv2/spec/models/system_insights_windows_crashes_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_windows_security_center_spec.rb create mode 100644 jcapiv2/spec/models/system_insights_windows_security_products_spec.rb delete mode 100644 jcapiv2/spec/models/systemuser_spec.rb delete mode 100644 jcapiv2/spec/models/systemuserputpost_addresses_spec.rb delete mode 100644 jcapiv2/spec/models/systemuserputpost_phone_numbers_spec.rb delete mode 100644 jcapiv2/spec/models/systemuserputpost_spec.rb create mode 100644 jcapiv2/spec/models/ticketing_integration_alert_spec.rb create mode 100644 jcapiv2/spec/models/ticketing_integration_alerts_resp_spec.rb delete mode 100644 jcapiv2/spec/models/user_graph_management_req_spec.rb delete mode 100644 jcapiv2/spec/models/user_group_attributes_posix_groups_spec.rb delete mode 100644 jcapiv2/spec/models/user_group_attributes_spec.rb delete mode 100644 jcapiv2/spec/models/user_group_graph_management_req_spec.rb delete mode 100644 jcapiv2/spec/models/user_group_members_req_spec.rb create mode 100644 jcapiv2/spec/models/user_spec.rb delete mode 100644 jcapiv2/spec/models/workday_request_spec.rb diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..35ca6a9c28814ef606d2d77d1a588fca715059d6 GIT binary patch literal 8196 zcmeHMYitx%6h3EK=*&Q2iaa`t(4`xMz#_Zl)$)+-1LRR`?Snojtg|~K9hlCPo!MQa zY0?-Ui9q}%KKZGM(eT5B2qs43FHL+zLl89akNz;qFB9dDq@Fu>7U@F$p$Wd`CUeid z_nfnL&YADbnR6EauqCf20crt2q>E8y7Ik-MjL)vynh>loCXzmYmnpiV8OzDsCL1n< z9tb@UdLZ;b=z-7!{|paM&Sp)VChv1@*oPhnJ@CKu0DC_~>0&e$&i63R+L{kBs;FPNaa&^F9XACM7^miw{ zs4otf;xz0-4}>1L-2*IaW`GGcj6!}&{eCesYMHK=NL)stqH@N}DzQqOB_8Y^c8cAe z=H=ZMEq8#;dK|~fl*U?SziAZH%KTQx_B7Kra=wD88zeH+XWF_`Y;p3o?)tjjoFPi0 zlvdQSv4-TPhIq6wxnVpW9cyYx#G~uiZ5$t$#09anTe{Lmtr6Qf$*sWPO#szpR-Kw^ zlI0d!`H@7$!jef>N+wD2EOmdMJkW1u9lP5+VWgG0F4?r3rky#XK(_Q{9VHM$IvGYdu=Nt5b4_Ddb3p6S@`ek11+ zjinO&#-($!7c8m2Z*^kB=Iw2}+B+{*&zY;#%#-Coa*pkpkD5lVw`l6#@POuK4O=(u z!+izQH8YmcV{0Qu4Gv4vrG<-XtJR2lZ;4f|A}TSlKc6v=&ehh7P7w_?}_?i9HD!1bSV8R8gp)W~9a$#k*QONcj)iww3(6_<|6 z^&%l&nZc*a@G(L48~7H!hwB7S5$9knE+vREfG)@TaV;jX z0oUU;d;n9}Oki!teb|AW*o6lOtcNg-8Xm!;XrYZoJWhZe!*PP^)A$UY#M5{NpT`&R zr2x2Z;F}zDH=($v1VT>n-KkJ4bmwf#u@BQK18)@^fh=g0sZ1!qx?9eg-zfq0uH~x8 z*jRE?Q!*Y+CK{XmAX%|wL~Yt+b()xEcIl>-4bIS`Oqba{IeFtt8a+gBk+T4ccTW1v z=ay@`St~;sneob4W$uIuUmt2&{l8=S^M5WC_Mrzt5Bw)RfR%0CZR{(c^o3AvC9Acg zbUi{BYfNr}Q(uKTzZ@s(m*Yfl{$WVtD2XziR6r*= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }. +Style/HashSyntax: + Enabled: false + +# Method definitions after `private` or `protected` isolated calls need one +# extra level of indentation. +Layout/IndentationConsistency: + Enabled: true + EnforcedStyle: rails + +# Two spaces, no tabs (for indentation). +Layout/IndentationWidth: + Enabled: true + +Layout/LeadingCommentSpace: + Enabled: true + +Layout/SpaceAfterColon: + Enabled: true + +Layout/SpaceAfterComma: + Enabled: true + +Layout/SpaceAroundEqualsInParameterDefault: + Enabled: true + +Layout/SpaceAroundKeyword: + Enabled: true + +Layout/SpaceAroundOperators: + Enabled: true + +Layout/SpaceBeforeComma: + Enabled: true + +Layout/SpaceBeforeFirstArg: + Enabled: true + +Style/DefWithParentheses: + Enabled: true + +# Defining a method with parameters needs parentheses. +Style/MethodDefParentheses: + Enabled: true + +Style/FrozenStringLiteralComment: + Enabled: false + EnforcedStyle: always + +# Use `foo {}` not `foo{}`. +Layout/SpaceBeforeBlockBraces: + Enabled: true + +# Use `foo { bar }` not `foo {bar}`. +Layout/SpaceInsideBlockBraces: + Enabled: true + +# Use `{ a: 1 }` not `{a:1}`. +Layout/SpaceInsideHashLiteralBraces: + Enabled: true + +Layout/SpaceInsideParens: + Enabled: true + +# Check quotes usage according to lint rule below. +#Style/StringLiterals: +# Enabled: true +# EnforcedStyle: single_quotes + +# Detect hard tabs, no hard tabs. +Layout/Tab: + Enabled: true + +# Blank lines should not have any spaces. +Layout/TrailingBlankLines: + Enabled: true + +# No trailing whitespace. +Layout/TrailingWhitespace: + Enabled: false + +# Use quotes for string literals when they are enough. +Style/UnneededPercentQ: + Enabled: true + +# Align `end` with the matching keyword or starting expression except for +# assignments, where it should be aligned with the LHS. +Lint/EndAlignment: + Enabled: true + EnforcedStyleAlignWith: variable + AutoCorrect: true + +# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg. +Lint/RequireParentheses: + Enabled: true + +Style/RedundantReturn: + Enabled: true + AllowMultipleReturnValues: true + +Style/Semicolon: + Enabled: true + AllowAsExpressionSeparator: true diff --git a/jcapiv1/.swagger-codegen/VERSION b/jcapiv1/.swagger-codegen/VERSION index a625450..0cc68a7 100644 --- a/jcapiv1/.swagger-codegen/VERSION +++ b/jcapiv1/.swagger-codegen/VERSION @@ -1 +1 @@ -2.3.1 \ No newline at end of file +3.0.47 \ No newline at end of file diff --git a/jcapiv1/Gemfile b/jcapiv1/Gemfile index d255a3a..c2e3127 100644 --- a/jcapiv1/Gemfile +++ b/jcapiv1/Gemfile @@ -3,5 +3,7 @@ source 'https://rubygems.org' gemspec group :development, :test do - gem 'rake', '~> 12.0.0' + gem 'rake', '~> 13.0.1' + gem 'pry-byebug' + gem 'rubocop', '~> 0.66.0' end diff --git a/jcapiv1/README.md b/jcapiv1/README.md index f11b741..a4ef3b0 100644 --- a/jcapiv1/README.md +++ b/jcapiv1/README.md @@ -1,14 +1,15 @@ # jcapiv1 -JCAPIv1 - the Ruby gem for the JumpCloud APIs +JCAPIv1 - the Ruby gem for the JumpCloud API - JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +# Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) This SDK is automatically generated by the [Swagger Codegen](https://github.com/swagger-api/swagger-codegen) project: - API version: 1.0 - Package version: 3.0.0 -- Build package: io.swagger.codegen.languages.RubyClientCodegen +- Build package: io.swagger.codegen.v3.generators.ruby.RubyClientCodegen +For more information, please visit [https://support.jumpcloud.com/support/s/](https://support.jumpcloud.com/support/s/) ## Installation @@ -53,7 +54,976 @@ Please follow the [installation](#installation) procedure and then run the follo ```ruby # Load the gem require 'jcapiv1' +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationTemplatesApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. + limit: 56, # Integer | The number of records to return at once. + skip: 56, # Integer | The offset into the records to return. + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | +} + +begin + #Get an Application Template + result = api_instance.application_templates_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationTemplatesApi->application_templates_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationTemplatesApi.new +opts = { + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. + limit: 56, # Integer | The number of records to return at once. + skip: 56, # Integer | The offset into the records to return. + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List Application Templates + result = api_instance.application_templates_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationTemplatesApi->application_templates_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete an Application + result = api_instance.applications_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationsApi->applications_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Get an Application + result = api_instance.applications_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationsApi->applications_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationsApi.new +opts = { + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. + limit: 56, # Integer | The number of records to return at once. + skip: 56, # Integer | The offset into the records to return. + sort: 'name', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | +} + +begin + #Applications + result = api_instance.applications_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationsApi->applications_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationsApi.new +opts = { + body: JCAPIv1::Application.new, # Application | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Create an Application + result = api_instance.applications_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationsApi->applications_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ApplicationsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Application.new, # Application | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update an Application + result = api_instance.applications_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ApplicationsApi->applications_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandResultsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete a Command result + result = api_instance.command_results_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandResultsApi->command_results_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandResultsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List an individual Command result + result = api_instance.command_results_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandResultsApi->command_results_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandResultsApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example' # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. +} + +begin + #List all Command Results + result = api_instance.command_results_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandResultsApi->command_results_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandTriggersApi.new +triggername = 'triggername_example' # String | +opts = { + body: nil, # Hash | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Launch a command via a Trigger + result = api_instance.command_trigger_webhook_post(triggername, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandTriggersApi->command_trigger_webhook_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get a Command File + result = api_instance.command_file_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->command_file_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete a Command + result = api_instance.commands_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List an individual Command + result = api_instance.commands_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get results for a specific command + result = api_instance.commands_get_results(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_get_results: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example' # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. +} + +begin + #List All Commands + result = api_instance.commands_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +opts = { + body: JCAPIv1::Command.new, # Command | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Create A Command + result = api_instance.commands_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Command.new, # Command | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a Command + result = api_instance.commands_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +opts = { + body: JCAPIv1::RunCommandBody.new # RunCommandBody | +} + +begin + #Run a command + result = api_instance.commands_run(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_run: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | + + +begin + #Administrator TOTP Reset Initiation + api_instance.admin_totpreset_begin(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->admin_totpreset_begin: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + sort_ignore_case: 'sort_ignore_case_example' # String | Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. +} + +begin + #Get Organization Details + result = api_instance.organization_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->organization_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Userput.new, # Userput | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a user + result = api_instance.users_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->users_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | + + +begin + #Administrator Password Reset Initiation + api_instance.users_reactivate_get(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->users_reactivate_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::OrganizationsApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + sort_ignore_case: 'sort_ignore_case_example' # String | Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. +} + +begin + #Get Organization Details + result = api_instance.organization_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling OrganizationsApi->organization_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::OrganizationsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::OrganizationsIdBody.new # OrganizationsIdBody | +} + +begin + #Update an Organization + result = api_instance.organization_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling OrganizationsApi->organization_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::OrganizationsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. +} + +begin + #Get an Organization + result = api_instance.organizations_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling OrganizationsApi->organizations_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete Radius Server + result = api_instance.radius_servers_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Get Radius Server + result = api_instance.radius_servers_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List Radius Servers + result = api_instance.radius_servers_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +opts = { + body: JCAPIv1::Radiusserverpost.new, # Radiusserverpost | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Create a Radius Server + result = api_instance.radius_servers_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::RadiusserversIdBody.new, # RadiusserversIdBody | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update Radius Servers + result = api_instance.radius_servers_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new, # Search | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | +} + +begin + #Search Commands Results + result = api_instance.search_commandresults_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_commandresults_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new, # Search | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | +} + +begin + #Search Commands + result = api_instance.search_commands_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_commands_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new, # Search | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Search Organizations + result = api_instance.search_organizations_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_organizations_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new, # Search | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + skip: 0, # Integer | The offset into the records to return. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. +} + +begin + #Search Systems + result = api_instance.search_systems_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_systems_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new, # Search | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | +} + +begin + #Search System Users + result = api_instance.search_systemusers_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_systemusers_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Erase a System + api_instance.systems_command_builtin_erase(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_erase: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Lock a System + api_instance.systems_command_builtin_lock(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_lock: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Restart a System + api_instance.systems_command_builtin_restart(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_restart: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Shutdown a System + api_instance.systems_command_builtin_shutdown(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_shutdown: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +id = 'id_example' # String | +opts = { + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete a System + result = api_instance.systems_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | +} + +begin + #List an individual system + result = api_instance.systems_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. +} +begin + #List All Systems + result = api_instance.systems_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_list: #{e}" +end # Setup authorization JCAPIv1.configure do |config| # Configure API key authorization: x-api-key @@ -62,31 +1032,385 @@ JCAPIv1.configure do |config| #config.api_key_prefix['x-api-key'] = 'Bearer' end -api_instance = JCAPIv1::ApplicationTemplatesApi.new +api_instance = JCAPIv1::SystemsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Systemput.new, # Systemput | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a system + result = api_instance.systems_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -id = "id_example" # String | +api_instance = JCAPIv1::SystemusersApi.new +systemuser_id = 'systemuser_id_example' # String | +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete a system user's Public SSH Keys + result = api_instance.sshkey_delete(systemuser_id, id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->sshkey_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -content_type = "application/json" # String | +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} -accept = "application/json" # String | +begin + #List a system user's public SSH keys + result = api_instance.sshkey_list(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->sshkey_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | opts = { - fields: "fields_example", # String | The comma separated fields included in the returned records. If omitted the default list of fields will be returned. - limit: 56, # Integer | The number of records to return at once. - skip: 56, # Integer | The offset into the records to return. - sort: "The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.", # String | - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + body: JCAPIv1::Sshkeypost.new, # Sshkeypost | + x_org_id: 'x_org_id_example' # String | } begin - #Get an Application Template - result = api_instance.application_templates_get(id, content_type, accept, opts) + #Create a system user's Public SSH Key + result = api_instance.sshkey_post(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling ApplicationTemplatesApi->application_templates_get: #{e}" + puts "Exception when calling SystemusersApi->sshkey_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example', # String | + cascade_manager: 'cascade_manager_example' # String | This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. +} + +begin + #Delete a system user + result = api_instance.systemusers_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_delete: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Expire a system user's password + result = api_instance.systemusers_expire(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_expire: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List a system user + result = api_instance.systemusers_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_get: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +opts = { + limit: 10, # Integer | The number of records to return at once. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example', # String | + search: 'search_example' # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. +} + +begin + #List all system users + result = api_instance.systemusers_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_list: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | + + +begin + #Sync a systemuser's mfa enrollment status + api_instance.systemusers_mfasync(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_mfasync: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +opts = { + body: JCAPIv1::Systemuserputpost.new, # Systemuserputpost | + x_org_id: 'x_org_id_example', # String | + full_validation_details: 'full_validation_details_example' # String | Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` +} + +begin + #Create a system user + result = api_instance.systemusers_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_post: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Systemuserput.new, # Systemuserput | + x_org_id: 'x_org_id_example', # String | + full_validation_details: 'full_validation_details_example' # String | This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` +} + +begin + #Update a system user + result = api_instance.systemusers_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::IdResetmfaBody.new, # IdResetmfaBody | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Reset a system user's MFA token + result = api_instance.systemusers_resetmfa(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_resetmfa: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::StateActivateBody.new # StateActivateBody | +} + +begin + #Activate System User + result = api_instance.systemusers_state_activate(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_state_activate: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Display info about a System User's TOTP enrollment. + result = api_instance.systemusers_totp_info(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_totp_info: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Unlock a system user + result = api_instance.systemusers_unlock(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_unlock: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | + + +begin + #Administrator TOTP Reset Initiation + api_instance.admin_totpreset_begin(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->admin_totpreset_begin: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Userput.new, # Userput | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a user + result = api_instance.users_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->users_put: #{e}" +end +# Setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' end +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | + + +begin + #Administrator Password Reset Initiation + api_instance.users_reactivate_get(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->users_reactivate_get: #{e}" +end ``` ## Documentation for API Endpoints @@ -109,40 +1433,53 @@ Class | Method | HTTP request | Description *JCAPIv1::CommandsApi* | [**command_file_get**](docs/CommandsApi.md#command_file_get) | **GET** /files/command/{id} | Get a Command File *JCAPIv1::CommandsApi* | [**commands_delete**](docs/CommandsApi.md#commands_delete) | **DELETE** /commands/{id} | Delete a Command *JCAPIv1::CommandsApi* | [**commands_get**](docs/CommandsApi.md#commands_get) | **GET** /commands/{id} | List an individual Command +*JCAPIv1::CommandsApi* | [**commands_get_results**](docs/CommandsApi.md#commands_get_results) | **GET** /commands/{id}/results | Get results for a specific command *JCAPIv1::CommandsApi* | [**commands_list**](docs/CommandsApi.md#commands_list) | **GET** /commands | List All Commands *JCAPIv1::CommandsApi* | [**commands_post**](docs/CommandsApi.md#commands_post) | **POST** /commands | Create A Command *JCAPIv1::CommandsApi* | [**commands_put**](docs/CommandsApi.md#commands_put) | **PUT** /commands/{id} | Update a Command +*JCAPIv1::CommandsApi* | [**commands_run**](docs/CommandsApi.md#commands_run) | **POST** /runCommand | Run a command +*JCAPIv1::ManagedServiceProviderApi* | [**admin_totpreset_begin**](docs/ManagedServiceProviderApi.md#admin_totpreset_begin) | **POST** /users/resettotp/{id} | Administrator TOTP Reset Initiation +*JCAPIv1::ManagedServiceProviderApi* | [**organization_list**](docs/ManagedServiceProviderApi.md#organization_list) | **GET** /organizations | Get Organization Details +*JCAPIv1::ManagedServiceProviderApi* | [**users_put**](docs/ManagedServiceProviderApi.md#users_put) | **PUT** /users/{id} | Update a user +*JCAPIv1::ManagedServiceProviderApi* | [**users_reactivate_get**](docs/ManagedServiceProviderApi.md#users_reactivate_get) | **GET** /users/reactivate/{id} | Administrator Password Reset Initiation *JCAPIv1::OrganizationsApi* | [**organization_list**](docs/OrganizationsApi.md#organization_list) | **GET** /organizations | Get Organization Details +*JCAPIv1::OrganizationsApi* | [**organization_put**](docs/OrganizationsApi.md#organization_put) | **PUT** /organizations/{id} | Update an Organization +*JCAPIv1::OrganizationsApi* | [**organizations_get**](docs/OrganizationsApi.md#organizations_get) | **GET** /organizations/{id} | Get an Organization +*JCAPIv1::RadiusServersApi* | [**radius_servers_delete**](docs/RadiusServersApi.md#radius_servers_delete) | **DELETE** /radiusservers/{id} | Delete Radius Server +*JCAPIv1::RadiusServersApi* | [**radius_servers_get**](docs/RadiusServersApi.md#radius_servers_get) | **GET** /radiusservers/{id} | Get Radius Server *JCAPIv1::RadiusServersApi* | [**radius_servers_list**](docs/RadiusServersApi.md#radius_servers_list) | **GET** /radiusservers | List Radius Servers *JCAPIv1::RadiusServersApi* | [**radius_servers_post**](docs/RadiusServersApi.md#radius_servers_post) | **POST** /radiusservers | Create a Radius Server *JCAPIv1::RadiusServersApi* | [**radius_servers_put**](docs/RadiusServersApi.md#radius_servers_put) | **PUT** /radiusservers/{id} | Update Radius Servers +*JCAPIv1::SearchApi* | [**search_commandresults_post**](docs/SearchApi.md#search_commandresults_post) | **POST** /search/commandresults | Search Commands Results +*JCAPIv1::SearchApi* | [**search_commands_post**](docs/SearchApi.md#search_commands_post) | **POST** /search/commands | Search Commands *JCAPIv1::SearchApi* | [**search_organizations_post**](docs/SearchApi.md#search_organizations_post) | **POST** /search/organizations | Search Organizations *JCAPIv1::SearchApi* | [**search_systems_post**](docs/SearchApi.md#search_systems_post) | **POST** /search/systems | Search Systems *JCAPIv1::SearchApi* | [**search_systemusers_post**](docs/SearchApi.md#search_systemusers_post) | **POST** /search/systemusers | Search System Users +*JCAPIv1::SystemsApi* | [**systems_command_builtin_erase**](docs/SystemsApi.md#systems_command_builtin_erase) | **POST** /systems/{system_id}/command/builtin/erase | Erase a System +*JCAPIv1::SystemsApi* | [**systems_command_builtin_lock**](docs/SystemsApi.md#systems_command_builtin_lock) | **POST** /systems/{system_id}/command/builtin/lock | Lock a System +*JCAPIv1::SystemsApi* | [**systems_command_builtin_restart**](docs/SystemsApi.md#systems_command_builtin_restart) | **POST** /systems/{system_id}/command/builtin/restart | Restart a System +*JCAPIv1::SystemsApi* | [**systems_command_builtin_shutdown**](docs/SystemsApi.md#systems_command_builtin_shutdown) | **POST** /systems/{system_id}/command/builtin/shutdown | Shutdown a System *JCAPIv1::SystemsApi* | [**systems_delete**](docs/SystemsApi.md#systems_delete) | **DELETE** /systems/{id} | Delete a System *JCAPIv1::SystemsApi* | [**systems_get**](docs/SystemsApi.md#systems_get) | **GET** /systems/{id} | List an individual system *JCAPIv1::SystemsApi* | [**systems_list**](docs/SystemsApi.md#systems_list) | **GET** /systems | List All Systems *JCAPIv1::SystemsApi* | [**systems_put**](docs/SystemsApi.md#systems_put) | **PUT** /systems/{id} | Update a system -*JCAPIv1::SystemsApi* | [**systems_systemusers_binding_list**](docs/SystemsApi.md#systems_systemusers_binding_list) | **GET** /systems/{id}/systemusers | List system user bindings -*JCAPIv1::SystemsApi* | [**systems_systemusers_binding_put**](docs/SystemsApi.md#systems_systemusers_binding_put) | **PUT** /systems/{id}/systemusers | Update a system's or user's binding *JCAPIv1::SystemusersApi* | [**sshkey_delete**](docs/SystemusersApi.md#sshkey_delete) | **DELETE** /systemusers/{systemuser_id}/sshkeys/{id} | Delete a system user's Public SSH Keys *JCAPIv1::SystemusersApi* | [**sshkey_list**](docs/SystemusersApi.md#sshkey_list) | **GET** /systemusers/{id}/sshkeys | List a system user's public SSH keys *JCAPIv1::SystemusersApi* | [**sshkey_post**](docs/SystemusersApi.md#sshkey_post) | **POST** /systemusers/{id}/sshkeys | Create a system user's Public SSH Key *JCAPIv1::SystemusersApi* | [**systemusers_delete**](docs/SystemusersApi.md#systemusers_delete) | **DELETE** /systemusers/{id} | Delete a system user +*JCAPIv1::SystemusersApi* | [**systemusers_expire**](docs/SystemusersApi.md#systemusers_expire) | **POST** /systemusers/{id}/expire | Expire a system user's password *JCAPIv1::SystemusersApi* | [**systemusers_get**](docs/SystemusersApi.md#systemusers_get) | **GET** /systemusers/{id} | List a system user *JCAPIv1::SystemusersApi* | [**systemusers_list**](docs/SystemusersApi.md#systemusers_list) | **GET** /systemusers | List all system users +*JCAPIv1::SystemusersApi* | [**systemusers_mfasync**](docs/SystemusersApi.md#systemusers_mfasync) | **POST** /systemusers/{id}/mfasync | Sync a systemuser's mfa enrollment status *JCAPIv1::SystemusersApi* | [**systemusers_post**](docs/SystemusersApi.md#systemusers_post) | **POST** /systemusers | Create a system user *JCAPIv1::SystemusersApi* | [**systemusers_put**](docs/SystemusersApi.md#systemusers_put) | **PUT** /systemusers/{id} | Update a system user *JCAPIv1::SystemusersApi* | [**systemusers_resetmfa**](docs/SystemusersApi.md#systemusers_resetmfa) | **POST** /systemusers/{id}/resetmfa | Reset a system user's MFA token -*JCAPIv1::SystemusersApi* | [**systemusers_systems_binding_list**](docs/SystemusersApi.md#systemusers_systems_binding_list) | **GET** /systemusers/{id}/systems | List system user binding -*JCAPIv1::SystemusersApi* | [**systemusers_systems_binding_put**](docs/SystemusersApi.md#systemusers_systems_binding_put) | **PUT** /systemusers/{id}/systems | Update a system user binding +*JCAPIv1::SystemusersApi* | [**systemusers_state_activate**](docs/SystemusersApi.md#systemusers_state_activate) | **POST** /systemusers/{id}/state/activate | Activate System User +*JCAPIv1::SystemusersApi* | [**systemusers_totp_info**](docs/SystemusersApi.md#systemusers_totp_info) | **GET** /systemusers/{id}/totpinfo | Display info about a System User's TOTP enrollment. *JCAPIv1::SystemusersApi* | [**systemusers_unlock**](docs/SystemusersApi.md#systemusers_unlock) | **POST** /systemusers/{id}/unlock | Unlock a system user -*JCAPIv1::TagsApi* | [**tags_delete**](docs/TagsApi.md#tags_delete) | **DELETE** /tags/{name} | Delete a Tag -*JCAPIv1::TagsApi* | [**tags_get**](docs/TagsApi.md#tags_get) | **GET** /Tags/{name} | List a Tag -*JCAPIv1::TagsApi* | [**tags_list**](docs/TagsApi.md#tags_list) | **GET** /tags | List All Tags -*JCAPIv1::TagsApi* | [**tags_post**](docs/TagsApi.md#tags_post) | **POST** /tags | Create a Tag -*JCAPIv1::TagsApi* | [**tags_put**](docs/TagsApi.md#tags_put) | **PUT** /Tag/{name} | Update a Tag - +*JCAPIv1::UsersApi* | [**admin_totpreset_begin**](docs/UsersApi.md#admin_totpreset_begin) | **POST** /users/resettotp/{id} | Administrator TOTP Reset Initiation +*JCAPIv1::UsersApi* | [**users_put**](docs/UsersApi.md#users_put) | **PUT** /users/{id} | Update a user +*JCAPIv1::UsersApi* | [**users_reactivate_get**](docs/UsersApi.md#users_reactivate_get) | **GET** /users/reactivate/{id} | Administrator Password Reset Initiation ## Documentation for Models @@ -154,12 +1491,15 @@ Class | Method | HTTP request | Description - [JCAPIv1::ApplicationConfigConstantAttributes](docs/ApplicationConfigConstantAttributes.md) - [JCAPIv1::ApplicationConfigConstantAttributesValue](docs/ApplicationConfigConstantAttributesValue.md) - [JCAPIv1::ApplicationConfigDatabaseAttributes](docs/ApplicationConfigDatabaseAttributes.md) + - [JCAPIv1::ApplicationConfigSignAssertion](docs/ApplicationConfigSignAssertion.md) + - [JCAPIv1::ApplicationLogo](docs/ApplicationLogo.md) - [JCAPIv1::Applicationslist](docs/Applicationslist.md) - [JCAPIv1::Applicationtemplate](docs/Applicationtemplate.md) - [JCAPIv1::ApplicationtemplateJit](docs/ApplicationtemplateJit.md) + - [JCAPIv1::ApplicationtemplateLogo](docs/ApplicationtemplateLogo.md) + - [JCAPIv1::ApplicationtemplateOidc](docs/ApplicationtemplateOidc.md) + - [JCAPIv1::ApplicationtemplateProvision](docs/ApplicationtemplateProvision.md) - [JCAPIv1::Applicationtemplateslist](docs/Applicationtemplateslist.md) - - [JCAPIv1::Body](docs/Body.md) - - [JCAPIv1::Body1](docs/Body1.md) - [JCAPIv1::Command](docs/Command.md) - [JCAPIv1::Commandfilereturn](docs/Commandfilereturn.md) - [JCAPIv1::CommandfilereturnResults](docs/CommandfilereturnResults.md) @@ -167,47 +1507,87 @@ Class | Method | HTTP request | Description - [JCAPIv1::CommandresultResponse](docs/CommandresultResponse.md) - [JCAPIv1::CommandresultResponseData](docs/CommandresultResponseData.md) - [JCAPIv1::Commandresultslist](docs/Commandresultslist.md) + - [JCAPIv1::CommandresultslistResults](docs/CommandresultslistResults.md) - [JCAPIv1::Commandslist](docs/Commandslist.md) - [JCAPIv1::CommandslistResults](docs/CommandslistResults.md) - - [JCAPIv1::Errorresponse](docs/Errorresponse.md) + - [JCAPIv1::Error](docs/Error.md) + - [JCAPIv1::ErrorDetails](docs/ErrorDetails.md) - [JCAPIv1::Fde](docs/Fde.md) + - [JCAPIv1::IdResetmfaBody](docs/IdResetmfaBody.md) + - [JCAPIv1::InlineResponse200](docs/InlineResponse200.md) + - [JCAPIv1::InlineResponse412](docs/InlineResponse412.md) - [JCAPIv1::Mfa](docs/Mfa.md) + - [JCAPIv1::MfaEnrollment](docs/MfaEnrollment.md) + - [JCAPIv1::MfaEnrollmentStatus](docs/MfaEnrollmentStatus.md) + - [JCAPIv1::Organization](docs/Organization.md) + - [JCAPIv1::Organizationentitlement](docs/Organizationentitlement.md) + - [JCAPIv1::OrganizationentitlementEntitlementProducts](docs/OrganizationentitlementEntitlementProducts.md) + - [JCAPIv1::OrganizationsIdBody](docs/OrganizationsIdBody.md) + - [JCAPIv1::Organizationsettings](docs/Organizationsettings.md) + - [JCAPIv1::OrganizationsettingsFeatures](docs/OrganizationsettingsFeatures.md) + - [JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights](docs/OrganizationsettingsFeaturesDirectoryInsights.md) + - [JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium](docs/OrganizationsettingsFeaturesDirectoryInsightsPremium.md) + - [JCAPIv1::OrganizationsettingsFeaturesSystemInsights](docs/OrganizationsettingsFeaturesSystemInsights.md) + - [JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults](docs/OrganizationsettingsNewSystemUserStateDefaults.md) + - [JCAPIv1::OrganizationsettingsPasswordPolicy](docs/OrganizationsettingsPasswordPolicy.md) + - [JCAPIv1::OrganizationsettingsUserPortal](docs/OrganizationsettingsUserPortal.md) + - [JCAPIv1::OrganizationsettingsWindowsMDM](docs/OrganizationsettingsWindowsMDM.md) + - [JCAPIv1::Organizationsettingsput](docs/Organizationsettingsput.md) + - [JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults](docs/OrganizationsettingsputNewSystemUserStateDefaults.md) + - [JCAPIv1::OrganizationsettingsputPasswordPolicy](docs/OrganizationsettingsputPasswordPolicy.md) - [JCAPIv1::Organizationslist](docs/Organizationslist.md) - [JCAPIv1::OrganizationslistResults](docs/OrganizationslistResults.md) - [JCAPIv1::Radiusserver](docs/Radiusserver.md) - [JCAPIv1::Radiusserverpost](docs/Radiusserverpost.md) - [JCAPIv1::Radiusserverput](docs/Radiusserverput.md) + - [JCAPIv1::RadiusserversIdBody](docs/RadiusserversIdBody.md) - [JCAPIv1::Radiusserverslist](docs/Radiusserverslist.md) + - [JCAPIv1::RunCommandBody](docs/RunCommandBody.md) - [JCAPIv1::Search](docs/Search.md) - [JCAPIv1::Sshkeylist](docs/Sshkeylist.md) - [JCAPIv1::Sshkeypost](docs/Sshkeypost.md) + - [JCAPIv1::Sso](docs/Sso.md) + - [JCAPIv1::StateActivateBody](docs/StateActivateBody.md) - [JCAPIv1::System](docs/System.md) + - [JCAPIv1::SystemBuiltInCommands](docs/SystemBuiltInCommands.md) + - [JCAPIv1::SystemDomainInfo](docs/SystemDomainInfo.md) + - [JCAPIv1::SystemMdm](docs/SystemMdm.md) + - [JCAPIv1::SystemMdmInternal](docs/SystemMdmInternal.md) + - [JCAPIv1::SystemMdmWindows](docs/SystemMdmWindows.md) - [JCAPIv1::SystemNetworkInterfaces](docs/SystemNetworkInterfaces.md) + - [JCAPIv1::SystemOsVersionDetail](docs/SystemOsVersionDetail.md) + - [JCAPIv1::SystemProvisionMetadata](docs/SystemProvisionMetadata.md) + - [JCAPIv1::SystemProvisionMetadataProvisioner](docs/SystemProvisionMetadataProvisioner.md) + - [JCAPIv1::SystemSecureLogin](docs/SystemSecureLogin.md) + - [JCAPIv1::SystemServiceAccountState](docs/SystemServiceAccountState.md) - [JCAPIv1::SystemSshdParams](docs/SystemSshdParams.md) - [JCAPIv1::SystemSystemInsights](docs/SystemSystemInsights.md) + - [JCAPIv1::SystemUserMetrics](docs/SystemUserMetrics.md) - [JCAPIv1::Systemput](docs/Systemput.md) - [JCAPIv1::SystemputAgentBoundMessages](docs/SystemputAgentBoundMessages.md) - [JCAPIv1::Systemslist](docs/Systemslist.md) - - [JCAPIv1::Systemuser](docs/Systemuser.md) - - [JCAPIv1::Systemuserbinding](docs/Systemuserbinding.md) - - [JCAPIv1::Systemuserbindingsput](docs/Systemuserbindingsput.md) - [JCAPIv1::Systemuserput](docs/Systemuserput.md) - [JCAPIv1::SystemuserputAddresses](docs/SystemuserputAddresses.md) + - [JCAPIv1::SystemuserputAttributes](docs/SystemuserputAttributes.md) - [JCAPIv1::SystemuserputPhoneNumbers](docs/SystemuserputPhoneNumbers.md) + - [JCAPIv1::SystemuserputRelationships](docs/SystemuserputRelationships.md) - [JCAPIv1::Systemuserputpost](docs/Systemuserputpost.md) - [JCAPIv1::SystemuserputpostAddresses](docs/SystemuserputpostAddresses.md) - [JCAPIv1::SystemuserputpostPhoneNumbers](docs/SystemuserputpostPhoneNumbers.md) + - [JCAPIv1::SystemuserputpostRecoveryEmail](docs/SystemuserputpostRecoveryEmail.md) - [JCAPIv1::Systemuserreturn](docs/Systemuserreturn.md) - [JCAPIv1::SystemuserreturnAddresses](docs/SystemuserreturnAddresses.md) - [JCAPIv1::SystemuserreturnPhoneNumbers](docs/SystemuserreturnPhoneNumbers.md) + - [JCAPIv1::SystemuserreturnRecoveryEmail](docs/SystemuserreturnRecoveryEmail.md) - [JCAPIv1::Systemuserslist](docs/Systemuserslist.md) - - [JCAPIv1::Tag](docs/Tag.md) - - [JCAPIv1::Tagpost](docs/Tagpost.md) - - [JCAPIv1::Tagput](docs/Tagput.md) - - [JCAPIv1::Tagslist](docs/Tagslist.md) - - [JCAPIv1::Usersystembinding](docs/Usersystembinding.md) - - [JCAPIv1::Usersystembindingsput](docs/Usersystembindingsput.md) - + - [JCAPIv1::Totpenrollmentinfo](docs/Totpenrollmentinfo.md) + - [JCAPIv1::Triggerreturn](docs/Triggerreturn.md) + - [JCAPIv1::TrustedappConfigGet](docs/TrustedappConfigGet.md) + - [JCAPIv1::TrustedappConfigGetTrustedApps](docs/TrustedappConfigGetTrustedApps.md) + - [JCAPIv1::TrustedappConfigPut](docs/TrustedappConfigPut.md) + - [JCAPIv1::Userput](docs/Userput.md) + - [JCAPIv1::Userreturn](docs/Userreturn.md) + - [JCAPIv1::UserreturnGrowthData](docs/UserreturnGrowthData.md) ## Documentation for Authorization diff --git a/jcapiv1/docs/Application.md b/jcapiv1/docs/Application.md index a5b9f9f..a83aad9 100644 --- a/jcapiv1/docs/Application.md +++ b/jcapiv1/docs/Application.md @@ -4,13 +4,19 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **_id** | **String** | | [optional] +**active** | **BOOLEAN** | | [optional] **beta** | **BOOLEAN** | | [optional] -**config** | [**ApplicationConfig**](ApplicationConfig.md) | | [optional] +**color** | **String** | | [optional] +**config** | [**ApplicationConfig**](ApplicationConfig.md) | | +**created** | **String** | | [optional] +**database_attributes** | **Array<Object>** | | [optional] +**description** | **String** | | [optional] **display_label** | **String** | | [optional] **display_name** | **String** | | [optional] **learn_more** | **String** | | [optional] -**name** | **String** | | [optional] +**logo** | [**ApplicationLogo**](ApplicationLogo.md) | | [optional] +**name** | **String** | | **organization** | **String** | | [optional] -**sso_url** | **String** | | [optional] - +**sso** | [**Sso**](Sso.md) | | [optional] +**sso_url** | **String** | | diff --git a/jcapiv1/docs/ApplicationConfig.md b/jcapiv1/docs/ApplicationConfig.md index 3729395..736f5ac 100644 --- a/jcapiv1/docs/ApplicationConfig.md +++ b/jcapiv1/docs/ApplicationConfig.md @@ -9,6 +9,7 @@ Name | Type | Description | Notes **idp_certificate** | [**ApplicationConfigAcsUrl**](ApplicationConfigAcsUrl.md) | | [optional] **idp_entity_id** | [**ApplicationConfigAcsUrl**](ApplicationConfigAcsUrl.md) | | [optional] **idp_private_key** | [**ApplicationConfigAcsUrl**](ApplicationConfigAcsUrl.md) | | [optional] +**sign_assertion** | [**ApplicationConfigSignAssertion**](ApplicationConfigSignAssertion.md) | | [optional] +**sign_response** | [**ApplicationConfigSignAssertion**](ApplicationConfigSignAssertion.md) | | [optional] **sp_entity_id** | [**ApplicationConfigAcsUrl**](ApplicationConfigAcsUrl.md) | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigAcsUrl.md b/jcapiv1/docs/ApplicationConfigAcsUrl.md index 724c820..4bd2280 100644 --- a/jcapiv1/docs/ApplicationConfigAcsUrl.md +++ b/jcapiv1/docs/ApplicationConfigAcsUrl.md @@ -4,12 +4,13 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **label** | **String** | | [optional] +**options** | **String** | | [optional] **position** | **Integer** | | [optional] **read_only** | **BOOLEAN** | | [optional] **required** | **BOOLEAN** | | [optional] +**toggle** | **String** | | [optional] **tooltip** | [**ApplicationConfigAcsUrlTooltip**](ApplicationConfigAcsUrlTooltip.md) | | [optional] **type** | **String** | | [optional] **value** | **String** | | [optional] **visible** | **BOOLEAN** | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigAcsUrlTooltip.md b/jcapiv1/docs/ApplicationConfigAcsUrlTooltip.md index 48b9ffa..0b74ff4 100644 --- a/jcapiv1/docs/ApplicationConfigAcsUrlTooltip.md +++ b/jcapiv1/docs/ApplicationConfigAcsUrlTooltip.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **template** | **String** | | [optional] **variables** | [**ApplicationConfigAcsUrlTooltipVariables**](ApplicationConfigAcsUrlTooltipVariables.md) | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigAcsUrlTooltipVariables.md b/jcapiv1/docs/ApplicationConfigAcsUrlTooltipVariables.md index 1d1f85c..944e797 100644 --- a/jcapiv1/docs/ApplicationConfigAcsUrlTooltipVariables.md +++ b/jcapiv1/docs/ApplicationConfigAcsUrlTooltipVariables.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **icon** | **String** | | [optional] **message** | **String** | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigConstantAttributes.md b/jcapiv1/docs/ApplicationConfigConstantAttributes.md index c764ec5..d130c4e 100644 --- a/jcapiv1/docs/ApplicationConfigConstantAttributes.md +++ b/jcapiv1/docs/ApplicationConfigConstantAttributes.md @@ -13,4 +13,3 @@ Name | Type | Description | Notes **value** | [**Array<ApplicationConfigConstantAttributesValue>**](ApplicationConfigConstantAttributesValue.md) | | [optional] **visible** | **BOOLEAN** | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigConstantAttributesValue.md b/jcapiv1/docs/ApplicationConfigConstantAttributesValue.md index d5b8d0a..af2a00d 100644 --- a/jcapiv1/docs/ApplicationConfigConstantAttributesValue.md +++ b/jcapiv1/docs/ApplicationConfigConstantAttributesValue.md @@ -9,4 +9,3 @@ Name | Type | Description | Notes **value** | **String** | | [optional] **visible** | **BOOLEAN** | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigDatabaseAttributes.md b/jcapiv1/docs/ApplicationConfigDatabaseAttributes.md index 24d7652..32610be 100644 --- a/jcapiv1/docs/ApplicationConfigDatabaseAttributes.md +++ b/jcapiv1/docs/ApplicationConfigDatabaseAttributes.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **position** | **Integer** | | [optional] - diff --git a/jcapiv1/docs/ApplicationConfigSignAssertion.md b/jcapiv1/docs/ApplicationConfigSignAssertion.md new file mode 100644 index 0000000..19b79b5 --- /dev/null +++ b/jcapiv1/docs/ApplicationConfigSignAssertion.md @@ -0,0 +1,14 @@ +# JCAPIv1::ApplicationConfigSignAssertion + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**label** | **String** | | [optional] +**position** | **Integer** | | [optional] +**read_only** | **BOOLEAN** | | [optional] +**required** | **BOOLEAN** | | [optional] +**tooltip** | [**ApplicationConfigAcsUrlTooltip**](ApplicationConfigAcsUrlTooltip.md) | | [optional] +**type** | **String** | | [optional] +**value** | **BOOLEAN** | | [optional] +**visible** | **BOOLEAN** | | [optional] + diff --git a/jcapiv1/docs/ApplicationLogo.md b/jcapiv1/docs/ApplicationLogo.md new file mode 100644 index 0000000..9c478db --- /dev/null +++ b/jcapiv1/docs/ApplicationLogo.md @@ -0,0 +1,8 @@ +# JCAPIv1::ApplicationLogo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**color** | **String** | | [optional] +**url** | **String** | | [optional] + diff --git a/jcapiv1/docs/ApplicationTemplatesApi.md b/jcapiv1/docs/ApplicationTemplatesApi.md index 5c56bf3..857dbd4 100644 --- a/jcapiv1/docs/ApplicationTemplatesApi.md +++ b/jcapiv1/docs/ApplicationTemplatesApi.md @@ -7,9 +7,8 @@ Method | HTTP request | Description [**application_templates_get**](ApplicationTemplatesApi.md#application_templates_get) | **GET** /application-templates/{id} | Get an Application Template [**application_templates_list**](ApplicationTemplatesApi.md#application_templates_list) | **GET** /application-templates | List Application Templates - # **application_templates_get** -> Applicationtemplate application_templates_get(id, content_type, accept, opts) +> Applicationtemplate application_templates_get(id, opts) Get an Application Template @@ -28,25 +27,19 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationTemplatesApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - fields: "fields_example", # String | The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. limit: 56, # Integer | The number of records to return at once. skip: 56, # Integer | The offset into the records to return. - sort: "The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.", # String | - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | } begin #Get an Application Template - result = api_instance.application_templates_get(id, content_type, accept, opts) + result = api_instance.application_templates_get(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling ApplicationTemplatesApi->application_templates_get: #{e}" @@ -58,14 +51,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| The comma separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] + **fields** | **String**| The space separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] - **sort** | **String**| | [optional] [default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -77,13 +68,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **application_templates_list** -> Applicationtemplateslist application_templates_list(content_type, accept, opts) +> Applicationtemplateslist application_templates_list(opts) List Application Templates @@ -102,23 +93,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationTemplatesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: "fields_example", # String | The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. limit: 56, # Integer | The number of records to return at once. skip: 56, # Integer | The offset into the records to return. - sort: "The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.", # String | - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | } begin #List Application Templates - result = api_instance.application_templates_list(content_type, accept, opts) + result = api_instance.application_templates_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling ApplicationTemplatesApi->application_templates_list: #{e}" @@ -129,14 +115,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| The comma separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] + **fields** | **String**| The space separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] - **sort** | **String**| | [optional] [default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -148,7 +132,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv1/docs/ApplicationsApi.md b/jcapiv1/docs/ApplicationsApi.md index 776c29a..fd7ba6b 100644 --- a/jcapiv1/docs/ApplicationsApi.md +++ b/jcapiv1/docs/ApplicationsApi.md @@ -10,7 +10,6 @@ Method | HTTP request | Description [**applications_post**](ApplicationsApi.md#applications_post) | **POST** /applications | Create an Application [**applications_put**](ApplicationsApi.md#applications_put) | **PUT** /applications/{id} | Update an Application - # **applications_delete** > Application applications_delete(id, opts) @@ -31,13 +30,9 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationsApi.new - -id = "id_example" # String | - +id = 'id_example' # String | opts = { - content_type: "content_type_example", # String | - accept: "accept_example", # String | - x_org_id: "x_org_id_example" # String | + x_org_id: 'x_org_id_example' # String | } begin @@ -54,8 +49,6 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [optional] - **accept** | **String**| | [optional] **x_org_id** | **String**| | [optional] ### Return type @@ -68,7 +61,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json @@ -93,13 +86,9 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationsApi.new - -id = "id_example" # String | - +id = 'id_example' # String | opts = { - content_type: "content_type_example", # String | - accept: "accept_example", # String | - x_org_id: "x_org_id_example" # String | + x_org_id: 'x_org_id_example' # String | } begin @@ -116,8 +105,6 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [optional] - **accept** | **String**| | [optional] **x_org_id** | **String**| | [optional] ### Return type @@ -130,13 +117,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **applications_list** -> Applicationslist applications_list(content_type, accept, opts) +> Applicationslist applications_list(opts) Applications @@ -155,23 +142,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: "fields_example", # String | The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. limit: 56, # Integer | The number of records to return at once. skip: 56, # Integer | The offset into the records to return. - sort: "The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.", # String | - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + sort: 'name', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | } begin #Applications - result = api_instance.applications_list(content_type, accept, opts) + result = api_instance.applications_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling ApplicationsApi->applications_list: #{e}" @@ -182,14 +164,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| The comma separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] + **fields** | **String**| The space separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] - **sort** | **String**| | [optional] [default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. | [optional] [default to name] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -201,7 +181,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json @@ -226,12 +206,9 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationsApi.new - opts = { - body: JCAPIv1::Application.new, # Application | - content_type: "content_type_example", # String | - accept: "accept_example", # String | - x_org_id: "x_org_id_example" # String | + body: JCAPIv1::Application.new # Application | + x_org_id: 'x_org_id_example' # String | } begin @@ -248,8 +225,6 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **body** | [**Application**](Application.md)| | [optional] - **content_type** | **String**| | [optional] - **accept** | **String**| | [optional] **x_org_id** | **String**| | [optional] ### Return type @@ -272,7 +247,7 @@ Name | Type | Description | Notes Update an Application -The endpoint updates a SSO / SAML Application. +The endpoint updates a SSO / SAML Application. Any fields not provided will be reset or created with default values. ### Example ```ruby @@ -287,14 +262,10 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::ApplicationsApi.new - -id = "id_example" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Application.new, # Application | - content_type: "content_type_example", # String | - accept: "accept_example", # String | - x_org_id: "x_org_id_example" # String | + body: JCAPIv1::Application.new # Application | + x_org_id: 'x_org_id_example' # String | } begin @@ -312,8 +283,6 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | **body** | [**Application**](Application.md)| | [optional] - **content_type** | **String**| | [optional] - **accept** | **String**| | [optional] **x_org_id** | **String**| | [optional] ### Return type diff --git a/jcapiv1/docs/Applicationslist.md b/jcapiv1/docs/Applicationslist.md index a731c3e..d46efff 100644 --- a/jcapiv1/docs/Applicationslist.md +++ b/jcapiv1/docs/Applicationslist.md @@ -3,7 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] **results** | [**Array<Application>**](Application.md) | The list of applications. | [optional] **total_count** | **Integer** | The total number of applications. | [optional] - diff --git a/jcapiv1/docs/Applicationtemplate.md b/jcapiv1/docs/Applicationtemplate.md index 714c95f..83eda4d 100644 --- a/jcapiv1/docs/Applicationtemplate.md +++ b/jcapiv1/docs/Applicationtemplate.md @@ -4,6 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **_id** | **String** | | [optional] +**active** | **BOOLEAN** | | [optional] **beta** | **BOOLEAN** | | [optional] **color** | **String** | | [optional] **config** | [**ApplicationConfig**](ApplicationConfig.md) | | [optional] @@ -11,8 +12,14 @@ Name | Type | Description | Notes **display_name** | **String** | | [optional] **is_configured** | **BOOLEAN** | | [optional] **jit** | [**ApplicationtemplateJit**](ApplicationtemplateJit.md) | | [optional] +**keywords** | **Array<String>** | | [optional] **learn_more** | **String** | | [optional] +**logo** | [**ApplicationtemplateLogo**](ApplicationtemplateLogo.md) | | [optional] **name** | **String** | | [optional] +**oidc** | [**ApplicationtemplateOidc**](ApplicationtemplateOidc.md) | | [optional] +**provision** | [**ApplicationtemplateProvision**](ApplicationtemplateProvision.md) | | [optional] +**sso** | [**Sso**](Sso.md) | | [optional] **sso_url** | **String** | | [optional] - +**status** | **String** | | [optional] +**test** | **String** | | [optional] diff --git a/jcapiv1/docs/ApplicationtemplateJit.md b/jcapiv1/docs/ApplicationtemplateJit.md index 57f66a1..232d602 100644 --- a/jcapiv1/docs/ApplicationtemplateJit.md +++ b/jcapiv1/docs/ApplicationtemplateJit.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **attributes** | **Object** | | [optional] **create_only** | **BOOLEAN** | | [optional] - diff --git a/jcapiv1/docs/ApplicationtemplateLogo.md b/jcapiv1/docs/ApplicationtemplateLogo.md new file mode 100644 index 0000000..81eda77 --- /dev/null +++ b/jcapiv1/docs/ApplicationtemplateLogo.md @@ -0,0 +1,7 @@ +# JCAPIv1::ApplicationtemplateLogo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**url** | **String** | | [optional] + diff --git a/jcapiv1/docs/ApplicationtemplateOidc.md b/jcapiv1/docs/ApplicationtemplateOidc.md new file mode 100644 index 0000000..aa2e1b9 --- /dev/null +++ b/jcapiv1/docs/ApplicationtemplateOidc.md @@ -0,0 +1,10 @@ +# JCAPIv1::ApplicationtemplateOidc + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**grant_types** | **Array<String>** | The grant types allowed. | [optional] +**redirect_uris** | **Array<String>** | List of allowed redirectUris | [optional] +**sso_url** | **String** | The relying party url to trigger an oidc login. | [optional] +**token_endpoint_auth_method** | **String** | Method that the client uses to authenticate when requesting a token. If 'none', then the client must use PKCE. If 'client_secret_post', then the secret is passed in the post body when requesting the token. | [optional] + diff --git a/jcapiv1/docs/ApplicationtemplateProvision.md b/jcapiv1/docs/ApplicationtemplateProvision.md new file mode 100644 index 0000000..c7edaad --- /dev/null +++ b/jcapiv1/docs/ApplicationtemplateProvision.md @@ -0,0 +1,9 @@ +# JCAPIv1::ApplicationtemplateProvision + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**beta** | **BOOLEAN** | | [optional] +**groups_supported** | **BOOLEAN** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv1/docs/Applicationtemplateslist.md b/jcapiv1/docs/Applicationtemplateslist.md index 030b4eb..909d10b 100644 --- a/jcapiv1/docs/Applicationtemplateslist.md +++ b/jcapiv1/docs/Applicationtemplateslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<Applicationtemplate>**](Applicationtemplate.md) | The list of applications. | [optional] **total_count** | **Integer** | The total number of applications. | [optional] - diff --git a/jcapiv1/docs/Body1.md b/jcapiv1/docs/Body1.md deleted file mode 100644 index 33188a2..0000000 --- a/jcapiv1/docs/Body1.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv1::Body1 - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**exclusion** | **BOOLEAN** | | [optional] -**exclusion_until** | **DateTime** | | [optional] - - diff --git a/jcapiv1/docs/Command.md b/jcapiv1/docs/Command.md index d73655b..b0efd0f 100644 --- a/jcapiv1/docs/Command.md +++ b/jcapiv1/docs/Command.md @@ -5,18 +5,21 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **command** | **String** | The command to execute on the server. | **command_runners** | **Array<String>** | An array of IDs of the Command Runner Users that can execute this command. | [optional] -**command_type** | **String** | The Command OS | [optional] +**command_type** | **String** | The Command OS | [default to 'linux'] **files** | **Array<String>** | An array of file IDs to include with the command. | [optional] **launch_type** | **String** | How the command will execute. | [optional] **listens_to** | **String** | | [optional] -**name** | **String** | | [optional] +**name** | **String** | | **organization** | **String** | The ID of the organization. | [optional] **schedule** | **String** | A crontab that consists of: [ (seconds) (minutes) (hours) (days of month) (months) (weekdays) ] or [ immediate ]. If you send this as an empty string, it will run immediately. | [optional] **schedule_repeat_type** | **String** | When the command will repeat. | [optional] +**schedule_year** | **Integer** | The year that a scheduled command will launch in. | [optional] +**shell** | **String** | The shell used to run the command. | [optional] **sudo** | **BOOLEAN** | | [optional] -**systems** | **Array<String>** | An array of system IDs to run the command on. Not available if you are using Groups. | [optional] +**systems** | **Array<String>** | Not used. Use /api/v2/commands/{id}/associations to bind commands to systems. | [optional] +**template** | **String** | The template this command was created from | [optional] +**time_to_live_seconds** | **Integer** | Time in seconds a command can wait in the queue to be run before timing out | [optional] **timeout** | **String** | The time in seconds to allow the command to run for. | [optional] **trigger** | **String** | The name of the command trigger. | [optional] **user** | **String** | The ID of the system user to run the command as. This field is required when creating a command with a commandType of \"mac\" or \"linux\". | [optional] - diff --git a/jcapiv1/docs/CommandResultsApi.md b/jcapiv1/docs/CommandResultsApi.md index d90d0a0..08379a9 100644 --- a/jcapiv1/docs/CommandResultsApi.md +++ b/jcapiv1/docs/CommandResultsApi.md @@ -8,13 +8,12 @@ Method | HTTP request | Description [**command_results_get**](CommandResultsApi.md#command_results_get) | **GET** /commandresults/{id} | List an individual Command result [**command_results_list**](CommandResultsApi.md#command_results_list) | **GET** /commandresults | List all Command Results - # **command_results_delete** -> Commandresult command_results_delete(id, content_type, accept, opts) +> Commandresult command_results_delete(id, opts) Delete a Command result -This endpoint deletes a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` +This endpoint deletes a specific command result. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` ### Example ```ruby @@ -29,20 +28,14 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandResultsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin #Delete a Command result - result = api_instance.command_results_delete(id, content_type, accept, opts) + result = api_instance.command_results_delete(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandResultsApi->command_results_delete: #{e}" @@ -54,9 +47,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -68,13 +59,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **command_results_get** -> Commandresult command_results_get(id, content_type, accept, opts) +> Commandresult command_results_get(id, opts) List an individual Command result @@ -93,22 +84,16 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandResultsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | } begin #List an individual Command result - result = api_instance.command_results_get(id, content_type, accept, opts) + result = api_instance.command_results_get(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandResultsApi->command_results_get: #{e}" @@ -120,11 +105,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -136,13 +119,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **command_results_list** -> Commandresultslist command_results_list(content_type, accept, opts) +> Commandresultslist command_results_list(opts) List all Command Results @@ -161,23 +144,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandResultsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + sort: 'sort_example' # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. } begin #List all Command Results - result = api_instance.command_results_list(content_type, accept, opts) + result = api_instance.command_results_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandResultsApi->command_results_list: #{e}" @@ -188,14 +166,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] ### Return type @@ -207,7 +183,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv1/docs/CommandTriggersApi.md b/jcapiv1/docs/CommandTriggersApi.md index 81cfdf4..a2ec9b9 100644 --- a/jcapiv1/docs/CommandTriggersApi.md +++ b/jcapiv1/docs/CommandTriggersApi.md @@ -6,9 +6,8 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**command_trigger_webhook_post**](CommandTriggersApi.md#command_trigger_webhook_post) | **POST** /command/trigger/{triggername} | Launch a command via a Trigger - # **command_trigger_webhook_post** -> command_trigger_webhook_post(triggername, content_type, accept, opts) +> Triggerreturn command_trigger_webhook_post(triggername, opts) Launch a command via a Trigger @@ -27,20 +26,16 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandTriggersApi.new - -triggername = "triggername_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +triggername = 'triggername_example' # String | opts = { - x_org_id: "" # String | + body: nil # Hash | + x_org_id: 'x_org_id_example' # String | } begin #Launch a command via a Trigger - api_instance.command_trigger_webhook_post(triggername, content_type, accept, opts) + result = api_instance.command_trigger_webhook_post(triggername, opts) + p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandTriggersApi->command_trigger_webhook_post: #{e}" end @@ -51,13 +46,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **triggername** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**Hash**](Hash.md)| | [optional] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +[**Triggerreturn**](Triggerreturn.md) ### Authorization diff --git a/jcapiv1/docs/Commandfilereturn.md b/jcapiv1/docs/Commandfilereturn.md index 6b6caff..235d04e 100644 --- a/jcapiv1/docs/Commandfilereturn.md +++ b/jcapiv1/docs/Commandfilereturn.md @@ -3,7 +3,6 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**results** | [**CommandfilereturnResults**](CommandfilereturnResults.md) | | [optional] +**results** | [**Array<CommandfilereturnResults>**](CommandfilereturnResults.md) | | [optional] **total_count** | **Integer** | The total number of commands files | [optional] - diff --git a/jcapiv1/docs/CommandfilereturnResults.md b/jcapiv1/docs/CommandfilereturnResults.md index 9b5ce97..b535d6a 100644 --- a/jcapiv1/docs/CommandfilereturnResults.md +++ b/jcapiv1/docs/CommandfilereturnResults.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **destination** | **String** | The location where the file will be stored. | [optional] **name** | **String** | The file name. | [optional] - diff --git a/jcapiv1/docs/Commandresult.md b/jcapiv1/docs/Commandresult.md index d0cea1b..14a2147 100644 --- a/jcapiv1/docs/Commandresult.md +++ b/jcapiv1/docs/Commandresult.md @@ -8,9 +8,9 @@ Name | Type | Description | Notes **files** | **Array<String>** | An array of file ids that were included in the command | [optional] **name** | **String** | The name of the command. | [optional] **organization** | **String** | The ID of the organization. | [optional] -**request_time** | **String** | The time that the command was sent. | [optional] +**request_time** | **DateTime** | The time that the command was sent. | [optional] **response** | [**CommandresultResponse**](CommandresultResponse.md) | | [optional] -**response_time** | **String** | The time that the command was completed. | [optional] +**response_time** | **DateTime** | The time that the command was completed. | [optional] **sudo** | **BOOLEAN** | If the user had sudo rights | [optional] **system** | **String** | The name of the system the command was executed on. | [optional] **system_id** | **String** | The id of the system the command was executed on. | [optional] @@ -18,4 +18,3 @@ Name | Type | Description | Notes **workflow_id** | **String** | | [optional] **workflow_instance_id** | **String** | | [optional] - diff --git a/jcapiv1/docs/CommandresultResponse.md b/jcapiv1/docs/CommandresultResponse.md index 382aef1..5db9751 100644 --- a/jcapiv1/docs/CommandresultResponse.md +++ b/jcapiv1/docs/CommandresultResponse.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **error** | **String** | The stderr output from the command that ran. | [optional] **id** | **String** | ID of the response. | [optional] - diff --git a/jcapiv1/docs/CommandresultResponseData.md b/jcapiv1/docs/CommandresultResponseData.md index 0623fe1..96ff7bf 100644 --- a/jcapiv1/docs/CommandresultResponseData.md +++ b/jcapiv1/docs/CommandresultResponseData.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **exit_code** | **Integer** | The stderr output from the command that ran. | [optional] **output** | **String** | The output of the command that was executed. | [optional] - diff --git a/jcapiv1/docs/Commandresultslist.md b/jcapiv1/docs/Commandresultslist.md index 9639b0f..3f7a6f1 100644 --- a/jcapiv1/docs/Commandresultslist.md +++ b/jcapiv1/docs/Commandresultslist.md @@ -3,7 +3,6 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**results** | [**Array<Commandresult>**](Commandresult.md) | The list of command results | [optional] -**total_count** | **Integer** | The total number of command results | [optional] - +**results** | [**Array<CommandresultslistResults>**](CommandresultslistResults.md) | | [optional] +**total_count** | **Integer** | The total number of command results. | [optional] diff --git a/jcapiv1/docs/CommandresultslistResults.md b/jcapiv1/docs/CommandresultslistResults.md new file mode 100644 index 0000000..c798d1a --- /dev/null +++ b/jcapiv1/docs/CommandresultslistResults.md @@ -0,0 +1,17 @@ +# JCAPIv1::CommandresultslistResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**_id** | **String** | The ID of the command result. | [optional] +**command** | **String** | The command that was executed on the system. | [optional] +**exit_code** | **Integer** | The stderr output from the command that ran. | [optional] +**name** | **String** | The name of the command. | [optional] +**request_time** | **DateTime** | The time (UTC) that the command was sent. | [optional] +**response_time** | **DateTime** | The time (UTC) that the command was completed. | [optional] +**sudo** | **BOOLEAN** | If the user had sudo rights. | [optional] +**system** | **String** | The display name of the system the command was executed on. | [optional] +**system_id** | **String** | The id of the system the command was executed on. | [optional] +**user** | **String** | The user the command ran as. | [optional] +**workflow_id** | **String** | The id for the command that ran on the system. | [optional] + diff --git a/jcapiv1/docs/CommandsApi.md b/jcapiv1/docs/CommandsApi.md index 73a1a00..ea89a63 100644 --- a/jcapiv1/docs/CommandsApi.md +++ b/jcapiv1/docs/CommandsApi.md @@ -7,13 +7,14 @@ Method | HTTP request | Description [**command_file_get**](CommandsApi.md#command_file_get) | **GET** /files/command/{id} | Get a Command File [**commands_delete**](CommandsApi.md#commands_delete) | **DELETE** /commands/{id} | Delete a Command [**commands_get**](CommandsApi.md#commands_get) | **GET** /commands/{id} | List an individual Command +[**commands_get_results**](CommandsApi.md#commands_get_results) | **GET** /commands/{id}/results | Get results for a specific command [**commands_list**](CommandsApi.md#commands_list) | **GET** /commands | List All Commands [**commands_post**](CommandsApi.md#commands_post) | **POST** /commands | Create A Command [**commands_put**](CommandsApi.md#commands_put) | **PUT** /commands/{id} | Update a Command - +[**commands_run**](CommandsApi.md#commands_run) | **POST** /runCommand | Run a command # **command_file_get** -> Commandfilereturn command_file_get(id, content_type, accept, opts) +> Commandfilereturn command_file_get(id, opts) Get a Command File @@ -32,23 +33,17 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | + skip: 0 # Integer | The offset into the records to return. } begin #Get a Command File - result = api_instance.command_file_get(id, content_type, accept, opts) + result = api_instance.command_file_get(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandsApi->command_file_get: #{e}" @@ -60,12 +55,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] ### Return type @@ -77,13 +70,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **commands_delete** -> commands_delete(id, content_type, accept, opts) +> Command commands_delete(id, opts) Delete a Command @@ -102,20 +95,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin #Delete a Command - api_instance.commands_delete(id, content_type, accept, opts) + result = api_instance.commands_delete(id, opts) + p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandsApi->commands_delete: #{e}" end @@ -126,13 +114,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +[**Command**](Command.md) ### Authorization @@ -140,13 +126,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **commands_get** -> Command commands_get(id, content_type, accept, opts) +> Command commands_get(id, opts) List an individual Command @@ -165,25 +151,76 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + x_org_id: 'x_org_id_example' # String | +} + +begin + #List an individual Command + result = api_instance.commands_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **x_org_id** | **String**| | [optional] + +### Return type + +[**Command**](Command.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + -id = "id_example" # String | -content_type = "application/json" # String | +# **commands_get_results** +> Array<Commandresult> commands_get_results(id, opts) -accept = "application/json" # String | +Get results for a specific command +This endpoint returns results for a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{id}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. } begin - #List an individual Command - result = api_instance.commands_get(id, content_type, accept, opts) + #Get results for a specific command + result = api_instance.commands_get_results(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling CommandsApi->commands_get: #{e}" + puts "Exception when calling CommandsApi->commands_get_results: #{e}" end ``` @@ -192,15 +229,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] ### Return type -[**Command**](Command.md) +[**Array<Commandresult>**](Commandresult.md) ### Authorization @@ -208,13 +242,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **commands_list** -> Commandslist commands_list(content_type, accept, opts) +> Commandslist commands_list(opts) List All Commands @@ -233,23 +267,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - skip: 0, # Integer | The offset into the records to return. - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. limit: 10, # Integer | The number of records to return at once. Limited to 100. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example' # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. } begin #List All Commands - result = api_instance.commands_list(content_type, accept, opts) + result = api_instance.commands_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandsApi->commands_list: #{e}" @@ -260,14 +289,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] ### Return type @@ -279,17 +306,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **commands_post** -> Command commands_post(content_type, accept, opts) +> Command commands_post(opts) Create A Command -This endpoint allows you to create a new command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` +This endpoint allows you to create a new command. NOTE: the system property in the command is not used. Use a POST to /api/v2/commands/{id}/associations to bind a command to a system. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' -H 'x-api-key: {API_KEY}' -d '{\"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\"}' ``` ### Example ```ruby @@ -304,19 +331,14 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv1::Command.new, # Command | - x_org_id: "" # String | + body: JCAPIv1::Command.new # Command | + x_org_id: 'x_org_id_example' # String | } begin #Create A Command - result = api_instance.commands_post(content_type, accept, opts) + result = api_instance.commands_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandsApi->commands_post: #{e}" @@ -327,10 +349,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Command**](Command.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -348,7 +368,7 @@ Name | Type | Description | Notes # **commands_put** -> Command commands_put(id, content_type, accept, opts) +> Command commands_put(id, opts) Update a Command @@ -367,21 +387,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::CommandsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Command.new, # Command | - x_org_id: "" # String | + body: JCAPIv1::Command.new # Command | + x_org_id: 'x_org_id_example' # String | } begin #Update a Command - result = api_instance.commands_put(id, content_type, accept, opts) + result = api_instance.commands_put(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling CommandsApi->commands_put: #{e}" @@ -393,10 +407,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Command**](Command.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -413,3 +425,57 @@ Name | Type | Description | Notes +# **commands_run** +> InlineResponse200 commands_run(opts) + +Run a command + +This endpoint allows you to run a command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/runCommand \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' -d '{\"_id\":\"{commandID}\", \"systemIds\":[\"systemId\"]}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::CommandsApi.new +opts = { + body: JCAPIv1::RunCommandBody.new # RunCommandBody | +} + +begin + #Run a command + result = api_instance.commands_run(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling CommandsApi->commands_run: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**RunCommandBody**](RunCommandBody.md)| | [optional] + +### Return type + +[**InlineResponse200**](InlineResponse200.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv1/docs/Commandslist.md b/jcapiv1/docs/Commandslist.md index a39da14..0b988ae 100644 --- a/jcapiv1/docs/Commandslist.md +++ b/jcapiv1/docs/Commandslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<CommandslistResults>**](CommandslistResults.md) | | [optional] **total_count** | **Integer** | The total number of commands | [optional] - diff --git a/jcapiv1/docs/CommandslistResults.md b/jcapiv1/docs/CommandslistResults.md index 37469a8..c2959db 100644 --- a/jcapiv1/docs/CommandslistResults.md +++ b/jcapiv1/docs/CommandslistResults.md @@ -14,4 +14,3 @@ Name | Type | Description | Notes **schedule_repeat_type** | **String** | When the command will repeat. | [optional] **trigger** | **String** | Trigger to execute command. | [optional] - diff --git a/jcapiv1/docs/Error.md b/jcapiv1/docs/Error.md new file mode 100644 index 0000000..22e9b85 --- /dev/null +++ b/jcapiv1/docs/Error.md @@ -0,0 +1,9 @@ +# JCAPIv1::Error + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**code** | **Integer** | HTTP status code | [optional] +**message** | **String** | Error message | [optional] +**status** | **String** | HTTP status description | [optional] + diff --git a/jcapiv1/docs/ErrorDetails.md b/jcapiv1/docs/ErrorDetails.md new file mode 100644 index 0000000..f342ae4 --- /dev/null +++ b/jcapiv1/docs/ErrorDetails.md @@ -0,0 +1,10 @@ +# JCAPIv1::ErrorDetails + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**code** | **Integer** | HTTP status code | [optional] +**message** | **String** | Error message | [optional] +**status** | **String** | HTTP status description | [optional] +**details** | **Array<Hash>** | Describes a list of objects with more detailed information of the given error. Each detail schema is according to one of the messages defined in Google's API: https://github.com/googleapis/googleapis/blob/master/google/rpc/error_details.proto\" | [optional] + diff --git a/jcapiv1/docs/Fde.md b/jcapiv1/docs/Fde.md index 02c85cc..219a806 100644 --- a/jcapiv1/docs/Fde.md +++ b/jcapiv1/docs/Fde.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **active** | **BOOLEAN** | | [optional] **key_present** | **BOOLEAN** | | [optional] - diff --git a/jcapiv2/docs/Mfa.md b/jcapiv1/docs/IdResetmfaBody.md similarity index 68% rename from jcapiv2/docs/Mfa.md rename to jcapiv1/docs/IdResetmfaBody.md index d2848c4..627a910 100644 --- a/jcapiv2/docs/Mfa.md +++ b/jcapiv1/docs/IdResetmfaBody.md @@ -1,10 +1,9 @@ -# JCAPIv2::Mfa +# JCAPIv1::IdResetmfaBody ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**configured** | **BOOLEAN** | | [optional] **exclusion** | **BOOLEAN** | | [optional] +**exclusion_days** | [**BigDecimal**](BigDecimal.md) | | [optional] **exclusion_until** | **DateTime** | | [optional] - diff --git a/jcapiv1/docs/InlineResponse200.md b/jcapiv1/docs/InlineResponse200.md new file mode 100644 index 0000000..81f8022 --- /dev/null +++ b/jcapiv1/docs/InlineResponse200.md @@ -0,0 +1,8 @@ +# JCAPIv1::InlineResponse200 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**queue_ids** | **Array<String>** | | [optional] +**workflow_instance_id** | **String** | | [optional] + diff --git a/jcapiv1/docs/InlineResponse412.md b/jcapiv1/docs/InlineResponse412.md new file mode 100644 index 0000000..a4ffdb3 --- /dev/null +++ b/jcapiv1/docs/InlineResponse412.md @@ -0,0 +1,7 @@ +# JCAPIv1::InlineResponse412 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**error** | **String** | mesasge containing what error occured | [optional] + diff --git a/jcapiv1/docs/ManagedServiceProviderApi.md b/jcapiv1/docs/ManagedServiceProviderApi.md new file mode 100644 index 0000000..59513ca --- /dev/null +++ b/jcapiv1/docs/ManagedServiceProviderApi.md @@ -0,0 +1,239 @@ +# JCAPIv1::ManagedServiceProviderApi + +All URIs are relative to *https://console.jumpcloud.com/api* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**admin_totpreset_begin**](ManagedServiceProviderApi.md#admin_totpreset_begin) | **POST** /users/resettotp/{id} | Administrator TOTP Reset Initiation +[**organization_list**](ManagedServiceProviderApi.md#organization_list) | **GET** /organizations | Get Organization Details +[**users_put**](ManagedServiceProviderApi.md#users_put) | **PUT** /users/{id} | Update a user +[**users_reactivate_get**](ManagedServiceProviderApi.md#users_reactivate_get) | **GET** /users/reactivate/{id} | Administrator Password Reset Initiation + +# **admin_totpreset_begin** +> admin_totpreset_begin(id) + +Administrator TOTP Reset Initiation + +This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | + + +begin + #Administrator TOTP Reset Initiation + api_instance.admin_totpreset_begin(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->admin_totpreset_begin: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **organization_list** +> Organizationslist organization_list(opts) + +Get Organization Details + +This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + skip: 0, # Integer | The offset into the records to return. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + sort_ignore_case: 'sort_ignore_case_example' # String | Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. +} + +begin + #Get Organization Details + result = api_instance.organization_list(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->organization_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **search** | **String**| A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | **String**| Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. | [optional] + +### Return type + +[**Organizationslist**](Organizationslist.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **users_put** +> Userreturn users_put(id, opts) + +Update a user + +This endpoint allows you to update a user. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Userput.new # Userput | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a user + result = api_instance.users_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->users_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**Userput**](Userput.md)| | [optional] + **x_org_id** | **String**| | [optional] + +### Return type + +[**Userreturn**](Userreturn.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **users_reactivate_get** +> users_reactivate_get(id) + +Administrator Password Reset Initiation + +This endpoint triggers the sending of a reactivation e-mail to an administrator. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::ManagedServiceProviderApi.new +id = 'id_example' # String | + + +begin + #Administrator Password Reset Initiation + api_instance.users_reactivate_get(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->users_reactivate_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv1/docs/Mfa.md b/jcapiv1/docs/Mfa.md index 7ceaa02..71ba82c 100644 --- a/jcapiv1/docs/Mfa.md +++ b/jcapiv1/docs/Mfa.md @@ -5,6 +5,6 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **configured** | **BOOLEAN** | | [optional] **exclusion** | **BOOLEAN** | | [optional] +**exclusion_days** | **Integer** | | [optional] **exclusion_until** | **DateTime** | | [optional] - diff --git a/jcapiv1/docs/MfaEnrollment.md b/jcapiv1/docs/MfaEnrollment.md new file mode 100644 index 0000000..5177c88 --- /dev/null +++ b/jcapiv1/docs/MfaEnrollment.md @@ -0,0 +1,10 @@ +# JCAPIv1::MfaEnrollment + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**overall_status** | [**MfaEnrollmentStatus**](MfaEnrollmentStatus.md) | | [optional] +**push_status** | [**MfaEnrollmentStatus**](MfaEnrollmentStatus.md) | | [optional] +**totp_status** | [**MfaEnrollmentStatus**](MfaEnrollmentStatus.md) | | [optional] +**web_authn_status** | [**MfaEnrollmentStatus**](MfaEnrollmentStatus.md) | | [optional] + diff --git a/jcapiv2/docs/ActiveDirectoryAgentInput.md b/jcapiv1/docs/MfaEnrollmentStatus.md similarity index 74% rename from jcapiv2/docs/ActiveDirectoryAgentInput.md rename to jcapiv1/docs/MfaEnrollmentStatus.md index 5131716..abedec0 100644 --- a/jcapiv2/docs/ActiveDirectoryAgentInput.md +++ b/jcapiv1/docs/MfaEnrollmentStatus.md @@ -1,7 +1,6 @@ -# JCAPIv2::ActiveDirectoryAgentInput +# JCAPIv1::MfaEnrollmentStatus ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv1/docs/Organization.md b/jcapiv1/docs/Organization.md new file mode 100644 index 0000000..baced52 --- /dev/null +++ b/jcapiv1/docs/Organization.md @@ -0,0 +1,19 @@ +# JCAPIv1::Organization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**_id** | **String** | | [optional] +**accounts_receivable** | **String** | | [optional] +**created** | **String** | | [optional] +**display_name** | **String** | | [optional] +**entitlement** | [**Organizationentitlement**](Organizationentitlement.md) | | [optional] +**has_credit_card** | **BOOLEAN** | | [optional] +**has_stripe_customer_id** | **BOOLEAN** | | [optional] +**last_estimate_calculation_time_stamp** | **String** | | [optional] +**last_sfdc_sync_status** | **Object** | | [optional] +**logo_url** | **String** | | [optional] +**provider** | **String** | | [optional] +**settings** | [**Organizationsettings**](Organizationsettings.md) | | [optional] +**total_billing_estimate** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/Organizationentitlement.md b/jcapiv1/docs/Organizationentitlement.md new file mode 100644 index 0000000..9f54c60 --- /dev/null +++ b/jcapiv1/docs/Organizationentitlement.md @@ -0,0 +1,10 @@ +# JCAPIv1::Organizationentitlement + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**billing_model** | **String** | | [optional] +**entitlement_products** | [**Array<OrganizationentitlementEntitlementProducts>**](OrganizationentitlementEntitlementProducts.md) | | [optional] +**is_manually_billed** | **BOOLEAN** | | [optional] +**price_per_user_sum** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/OrganizationentitlementEntitlementProducts.md b/jcapiv1/docs/OrganizationentitlementEntitlementProducts.md new file mode 100644 index 0000000..906c712 --- /dev/null +++ b/jcapiv1/docs/OrganizationentitlementEntitlementProducts.md @@ -0,0 +1,14 @@ +# JCAPIv1::OrganizationentitlementEntitlementProducts + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**committed_users** | **Integer** | | [optional] +**contract_type** | **String** | | [optional] +**max_user_count** | **Integer** | | [optional] +**name** | **String** | | [optional] +**price_per_user** | **Integer** | | [optional] +**product_category** | **String** | | [optional] +**product_code** | **String** | | [optional] +**uncommitted_users** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsApi.md b/jcapiv1/docs/OrganizationsApi.md index d0a9bc7..cdbad8e 100644 --- a/jcapiv1/docs/OrganizationsApi.md +++ b/jcapiv1/docs/OrganizationsApi.md @@ -5,10 +5,11 @@ All URIs are relative to *https://console.jumpcloud.com/api* Method | HTTP request | Description ------------- | ------------- | ------------- [**organization_list**](OrganizationsApi.md#organization_list) | **GET** /organizations | Get Organization Details - +[**organization_put**](OrganizationsApi.md#organization_put) | **PUT** /organizations/{id} | Update an Organization +[**organizations_get**](OrganizationsApi.md#organizations_get) | **GET** /organizations/{id} | Get an Organization # **organization_list** -> Organizationslist organization_list(content_type, accept, opts) +> Organizationslist organization_list(opts) Get Organization Details @@ -27,23 +28,19 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::OrganizationsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. limit: 10, # Integer | The number of records to return at once. Limited to 100. + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - search: "search_example", # String | A nested object containing a string `searchTerm` and a list of `fields` to search on. + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + sort_ignore_case: 'sort_ignore_case_example' # String | Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. } begin #Get Organization Details - result = api_instance.organization_list(content_type, accept, opts) + result = api_instance.organization_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling OrganizationsApi->organization_list: #{e}" @@ -54,14 +51,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **search** | **String**| A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **search** | **String**| A nested object containing a string `searchTerm` and a list of `fields` to search on. | [optional] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | **String**| Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. | [optional] ### Return type @@ -71,6 +67,62 @@ Name | Type | Description | Notes [x-api-key](../README.md#x-api-key) +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **organization_put** +> Organization organization_put(id, opts) + +Update an Organization + +This endpoint allows you to update an Organization. Note: `passwordPolicy` settings are only used when `passwordCompliance` is set to \"custom\". We discourage the use of non-custom passwordCompliance values. `emailDisclaimer` can only be modified by paying customers. `hasStripeCustomerId` is deprecated and will be removed. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"settings\": { \"contactName\": \"Admin Name\", \"contactEmail\": \"admin@company.com\", \"systemUsersCanEdit\":true, \"passwordPolicy\": { \"enableMaxHistory\": true, \"maxHistory\": 3 } } }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::OrganizationsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::OrganizationsIdBody.new # OrganizationsIdBody | +} + +begin + #Update an Organization + result = api_instance.organization_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling OrganizationsApi->organization_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**OrganizationsIdBody**](OrganizationsIdBody.md)| | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + ### HTTP request headers - **Content-Type**: application/json @@ -78,3 +130,61 @@ Name | Type | Description | Notes +# **organizations_get** +> Organization organizations_get(id, opts) + +Get an Organization + +This endpoint returns a particular Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::OrganizationsApi.new +id = 'id_example' # String | +opts = { + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. +} + +begin + #Get an Organization + result = api_instance.organizations_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling OrganizationsApi->organizations_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv1/docs/OrganizationsIdBody.md b/jcapiv1/docs/OrganizationsIdBody.md new file mode 100644 index 0000000..2d10142 --- /dev/null +++ b/jcapiv1/docs/OrganizationsIdBody.md @@ -0,0 +1,7 @@ +# JCAPIv1::OrganizationsIdBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**settings** | [**Organizationsettingsput**](Organizationsettingsput.md) | | [optional] + diff --git a/jcapiv1/docs/Organizationsettings.md b/jcapiv1/docs/Organizationsettings.md new file mode 100644 index 0000000..9c65591 --- /dev/null +++ b/jcapiv1/docs/Organizationsettings.md @@ -0,0 +1,36 @@ +# JCAPIv1::Organizationsettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**agent_version** | **String** | | [optional] +**beta_features** | **Object** | | [optional] +**contact_email** | **String** | | [optional] +**contact_name** | **String** | | [optional] +**device_identification_enabled** | **BOOLEAN** | | [optional] +**disable_command_runner** | **BOOLEAN** | | [optional] +**disable_google_login** | **BOOLEAN** | | [optional] +**disable_ldap** | **BOOLEAN** | | [optional] +**disable_um** | **BOOLEAN** | | [optional] +**duplicate_ldap_groups** | **BOOLEAN** | | [optional] +**email_disclaimer** | **String** | | [optional] +**enable_google_apps** | **BOOLEAN** | | [optional] +**enable_managed_uid** | **BOOLEAN** | | [optional] +**enable_o365** | **BOOLEAN** | | [optional] +**enable_user_portal_agent_install** | **BOOLEAN** | | [optional] +**features** | [**OrganizationsettingsFeatures**](OrganizationsettingsFeatures.md) | | [optional] +**growth_data** | **Object** | Object containing Optimizely experimentIds and states corresponding to them | [optional] +**logo** | **String** | | [optional] +**max_system_users** | **Integer** | | [optional] +**name** | **String** | | [optional] +**new_system_user_state_defaults** | [**OrganizationsettingsNewSystemUserStateDefaults**](OrganizationsettingsNewSystemUserStateDefaults.md) | | [optional] +**password_compliance** | **String** | | [optional] +**password_policy** | [**OrganizationsettingsPasswordPolicy**](OrganizationsettingsPasswordPolicy.md) | | [optional] +**pending_delete** | **BOOLEAN** | | [optional] +**show_intro** | **BOOLEAN** | | [optional] +**system_user_password_expiration_in_days** | **Integer** | | [optional] +**system_users_can_edit** | **BOOLEAN** | | [optional] +**trusted_app_config** | [**TrustedappConfigGet**](TrustedappConfigGet.md) | | [optional] +**user_portal** | [**OrganizationsettingsUserPortal**](OrganizationsettingsUserPortal.md) | | [optional] +**windows_mdm** | [**OrganizationsettingsWindowsMDM**](OrganizationsettingsWindowsMDM.md) | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsFeatures.md b/jcapiv1/docs/OrganizationsettingsFeatures.md new file mode 100644 index 0000000..c1cf722 --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsFeatures.md @@ -0,0 +1,9 @@ +# JCAPIv1::OrganizationsettingsFeatures + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**directory_insights** | [**OrganizationsettingsFeaturesDirectoryInsights**](OrganizationsettingsFeaturesDirectoryInsights.md) | | [optional] +**directory_insights_premium** | [**OrganizationsettingsFeaturesDirectoryInsightsPremium**](OrganizationsettingsFeaturesDirectoryInsightsPremium.md) | | [optional] +**system_insights** | [**OrganizationsettingsFeaturesSystemInsights**](OrganizationsettingsFeaturesSystemInsights.md) | | [optional] + diff --git a/jcapiv2/docs/SystemGraphManagementReqAttributesSudo.md b/jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsights.md similarity index 59% rename from jcapiv2/docs/SystemGraphManagementReqAttributesSudo.md rename to jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsights.md index 0e2acbb..0c97b5f 100644 --- a/jcapiv2/docs/SystemGraphManagementReqAttributesSudo.md +++ b/jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsights.md @@ -1,9 +1,7 @@ -# JCAPIv2::SystemGraphManagementReqAttributesSudo +# JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **enabled** | **BOOLEAN** | | [optional] -**without_password** | **BOOLEAN** | | [optional] - diff --git a/jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsightsPremium.md b/jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsightsPremium.md new file mode 100644 index 0000000..a97123a --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsFeaturesDirectoryInsightsPremium.md @@ -0,0 +1,9 @@ +# JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_at** | **String** | | [optional] +**enabled** | **BOOLEAN** | | [optional] +**updated_at** | **String** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsFeaturesSystemInsights.md b/jcapiv1/docs/OrganizationsettingsFeaturesSystemInsights.md new file mode 100644 index 0000000..44c7f7d --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsFeaturesSystemInsights.md @@ -0,0 +1,12 @@ +# JCAPIv1::OrganizationsettingsFeaturesSystemInsights + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_at** | **String** | | [optional] +**enable_new_darwin** | **BOOLEAN** | | [optional] +**enable_new_linux** | **BOOLEAN** | | [optional] +**enable_new_windows** | **BOOLEAN** | | [optional] +**enabled** | **BOOLEAN** | | [optional] +**updated_at** | **String** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsNewSystemUserStateDefaults.md b/jcapiv1/docs/OrganizationsettingsNewSystemUserStateDefaults.md new file mode 100644 index 0000000..beb546c --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsNewSystemUserStateDefaults.md @@ -0,0 +1,9 @@ +# JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**application_import** | **String** | The default user state for a user created using the [Bulk Users Create](https://docs.jumpcloud.com/api/2.0/index.html#operation/bulk_usersCreate) endpoint. See endpoint documentation for more details. | [optional] +**csv_import** | **String** | The default user state for a user created using the [Bulk Users Create](https://docs.jumpcloud.com/api/2.0/index.html#operation/bulk_usersCreate) endpoint. See endpoint documentation for more details. | [optional] +**manual_entry** | **String** | The default state for a user that is created using the [Create a system user](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) endpoint. See endpoint documentation for more details. | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsPasswordPolicy.md b/jcapiv1/docs/OrganizationsettingsPasswordPolicy.md new file mode 100644 index 0000000..7001327 --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsPasswordPolicy.md @@ -0,0 +1,32 @@ +# JCAPIv1::OrganizationsettingsPasswordPolicy + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_username_substring** | **BOOLEAN** | | [optional] +**days_after_expiration_to_self_recover** | **Integer** | Deprecated field used for the legacy grace period feature. | [optional] +**days_before_expiration_to_force_reset** | **Integer** | | [optional] +**effective_date** | **String** | | [optional] +**enable_days_after_expiration_to_self_recover** | **BOOLEAN** | | [optional] +**enable_days_before_expiration_to_force_reset** | **BOOLEAN** | | [optional] +**enable_lockout_time_in_seconds** | **BOOLEAN** | | [optional] +**enable_max_history** | **BOOLEAN** | | [optional] +**enable_max_login_attempts** | **BOOLEAN** | | [optional] +**enable_min_change_period_in_days** | **BOOLEAN** | | [optional] +**enable_min_length** | **BOOLEAN** | | [optional] +**enable_password_expiration_in_days** | **BOOLEAN** | | [optional] +**enable_recovery_email** | **BOOLEAN** | | [optional] +**enable_reset_lockout_counter** | **BOOLEAN** | | [optional] +**grace_period_date** | **String** | | [optional] +**lockout_time_in_seconds** | **Integer** | | [optional] +**max_history** | **Integer** | | [optional] +**max_login_attempts** | **Integer** | | [optional] +**min_change_period_in_days** | **Integer** | | [optional] +**min_length** | **Integer** | | [optional] +**needs_lowercase** | **BOOLEAN** | | [optional] +**needs_numeric** | **BOOLEAN** | | [optional] +**needs_symbolic** | **BOOLEAN** | | [optional] +**needs_uppercase** | **BOOLEAN** | | [optional] +**password_expiration_in_days** | **Integer** | | [optional] +**reset_lockout_counter_minutes** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsUserPortal.md b/jcapiv1/docs/OrganizationsettingsUserPortal.md new file mode 100644 index 0000000..6af1f8e --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsUserPortal.md @@ -0,0 +1,7 @@ +# JCAPIv1::OrganizationsettingsUserPortal + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**idle_session_duration_minutes** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsWindowsMDM.md b/jcapiv1/docs/OrganizationsettingsWindowsMDM.md new file mode 100644 index 0000000..8fb84ab --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsWindowsMDM.md @@ -0,0 +1,8 @@ +# JCAPIv1::OrganizationsettingsWindowsMDM + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**auto_enroll** | **BOOLEAN** | Indicates if MDM Auto Enroll is active. | [optional] +**enabled** | **BOOLEAN** | Indicates if the Windows MDM is active. | [optional] + diff --git a/jcapiv1/docs/Organizationsettingsput.md b/jcapiv1/docs/Organizationsettingsput.md new file mode 100644 index 0000000..2286258 --- /dev/null +++ b/jcapiv1/docs/Organizationsettingsput.md @@ -0,0 +1,28 @@ +# JCAPIv1::Organizationsettingsput + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**contact_email** | **String** | | [optional] +**contact_name** | **String** | | [optional] +**device_identification_enabled** | **BOOLEAN** | | [optional] +**disable_google_login** | **BOOLEAN** | | [optional] +**disable_ldap** | **BOOLEAN** | | [optional] +**disable_um** | **BOOLEAN** | | [optional] +**duplicate_ldap_groups** | **BOOLEAN** | | [optional] +**email_disclaimer** | **String** | | [optional] +**enable_managed_uid** | **BOOLEAN** | | [optional] +**features** | [**OrganizationsettingsFeatures**](OrganizationsettingsFeatures.md) | | [optional] +**growth_data** | **Object** | Object containing Optimizely experimentIds and states corresponding to them | [optional] +**logo** | **String** | | [optional] +**max_system_users** | **Integer** | | [optional] +**name** | **String** | | [optional] +**new_system_user_state_defaults** | [**OrganizationsettingsputNewSystemUserStateDefaults**](OrganizationsettingsputNewSystemUserStateDefaults.md) | | [optional] +**password_compliance** | **String** | | [optional] +**password_policy** | [**OrganizationsettingsputPasswordPolicy**](OrganizationsettingsputPasswordPolicy.md) | | [optional] +**show_intro** | **BOOLEAN** | | [optional] +**system_user_password_expiration_in_days** | **Integer** | | [optional] +**system_users_can_edit** | **BOOLEAN** | | [optional] +**trusted_app_config** | [**TrustedappConfigPut**](TrustedappConfigPut.md) | | [optional] +**user_portal** | [**OrganizationsettingsUserPortal**](OrganizationsettingsUserPortal.md) | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsputNewSystemUserStateDefaults.md b/jcapiv1/docs/OrganizationsettingsputNewSystemUserStateDefaults.md new file mode 100644 index 0000000..9388763 --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsputNewSystemUserStateDefaults.md @@ -0,0 +1,9 @@ +# JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**application_import** | **String** | | [optional] +**csv_import** | **String** | | [optional] +**manual_entry** | **String** | | [optional] + diff --git a/jcapiv1/docs/OrganizationsettingsputPasswordPolicy.md b/jcapiv1/docs/OrganizationsettingsputPasswordPolicy.md new file mode 100644 index 0000000..dfd1db1 --- /dev/null +++ b/jcapiv1/docs/OrganizationsettingsputPasswordPolicy.md @@ -0,0 +1,29 @@ +# JCAPIv1::OrganizationsettingsputPasswordPolicy + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_username_substring** | **BOOLEAN** | | [optional] +**days_after_expiration_to_self_recover** | **Integer** | Deprecated field used for the legacy grace period feature. | [optional] +**days_before_expiration_to_force_reset** | **Integer** | | [optional] +**effective_date** | **String** | | [optional] +**enable_days_after_expiration_to_self_recover** | **BOOLEAN** | | [optional] +**enable_days_before_expiration_to_force_reset** | **BOOLEAN** | | [optional] +**enable_lockout_time_in_seconds** | **BOOLEAN** | | [optional] +**enable_max_history** | **BOOLEAN** | | [optional] +**enable_max_login_attempts** | **BOOLEAN** | | [optional] +**enable_min_change_period_in_days** | **BOOLEAN** | | [optional] +**enable_min_length** | **BOOLEAN** | | [optional] +**enable_password_expiration_in_days** | **BOOLEAN** | | [optional] +**grace_period_date** | **String** | | [optional] +**lockout_time_in_seconds** | **Integer** | | [optional] +**max_history** | **Integer** | | [optional] +**max_login_attempts** | **Integer** | | [optional] +**min_change_period_in_days** | **Integer** | | [optional] +**min_length** | **Integer** | | [optional] +**needs_lowercase** | **BOOLEAN** | | [optional] +**needs_numeric** | **BOOLEAN** | | [optional] +**needs_symbolic** | **BOOLEAN** | | [optional] +**needs_uppercase** | **BOOLEAN** | | [optional] +**password_expiration_in_days** | **Integer** | | [optional] + diff --git a/jcapiv1/docs/Organizationslist.md b/jcapiv1/docs/Organizationslist.md index 9238f9d..3e81d71 100644 --- a/jcapiv1/docs/Organizationslist.md +++ b/jcapiv1/docs/Organizationslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<OrganizationslistResults>**](OrganizationslistResults.md) | The list of organizations. | [optional] **total_count** | **Integer** | The total number of organizations. | [optional] - diff --git a/jcapiv1/docs/OrganizationslistResults.md b/jcapiv1/docs/OrganizationslistResults.md index 82aad65..99ed4f2 100644 --- a/jcapiv1/docs/OrganizationslistResults.md +++ b/jcapiv1/docs/OrganizationslistResults.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **display_name** | **String** | The name of the organization. | [optional] **logo_url** | **String** | The organization logo image URL. | [optional] - diff --git a/jcapiv1/docs/RadiusServersApi.md b/jcapiv1/docs/RadiusServersApi.md index d43785c..9e9bcec 100644 --- a/jcapiv1/docs/RadiusServersApi.md +++ b/jcapiv1/docs/RadiusServersApi.md @@ -4,17 +4,74 @@ All URIs are relative to *https://console.jumpcloud.com/api* Method | HTTP request | Description ------------- | ------------- | ------------- +[**radius_servers_delete**](RadiusServersApi.md#radius_servers_delete) | **DELETE** /radiusservers/{id} | Delete Radius Server +[**radius_servers_get**](RadiusServersApi.md#radius_servers_get) | **GET** /radiusservers/{id} | Get Radius Server [**radius_servers_list**](RadiusServersApi.md#radius_servers_list) | **GET** /radiusservers | List Radius Servers [**radius_servers_post**](RadiusServersApi.md#radius_servers_post) | **POST** /radiusservers | Create a Radius Server [**radius_servers_put**](RadiusServersApi.md#radius_servers_put) | **PUT** /radiusservers/{id} | Update Radius Servers +# **radius_servers_delete** +> Radiusserverput radius_servers_delete(id, opts) -# **radius_servers_list** -> Radiusserverslist radius_servers_list(content_type, accept, opts) +Delete Radius Server -List Radius Servers +This endpoint allows you to delete RADIUS servers in your organization. ``` curl -X DELETE https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` -This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Delete Radius Server + result = api_instance.radius_servers_delete(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| | [optional] + +### Return type + +[**Radiusserverput**](Radiusserverput.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **radius_servers_get** +> Radiusserver radius_servers_get(id, opts) + +Get Radius Server + +This endpoint allows you to get a RADIUS server in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` ### Example ```ruby @@ -29,23 +86,74 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::RadiusServersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Get Radius Server + result = api_instance.radius_servers_get(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling RadiusServersApi->radius_servers_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| | [optional] + +### Return type + +[**Radiusserver**](Radiusserver.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + -content_type = "application/json" # String | +# **radius_servers_list** +> Radiusserverslist radius_servers_list(opts) + +List Radius Servers -accept = "application/json" # String | +This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::RadiusServersApi.new opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - x_org_id: "" # String | + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | } begin #List Radius Servers - result = api_instance.radius_servers_list(content_type, accept, opts) + result = api_instance.radius_servers_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling RadiusServersApi->radius_servers_list: #{e}" @@ -56,14 +164,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -75,13 +181,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **radius_servers_post** -> Radiusserver radius_servers_post(content_type, accept, opts) +> Radiusserver radius_servers_post(opts) Create a Radius Server @@ -100,19 +206,14 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::RadiusServersApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv1::Radiusserverpost.new, # Radiusserverpost | - x_org_id: "" # String | + body: JCAPIv1::Radiusserverpost.new # Radiusserverpost | + x_org_id: 'x_org_id_example' # String | } begin #Create a Radius Server - result = api_instance.radius_servers_post(content_type, accept, opts) + result = api_instance.radius_servers_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling RadiusServersApi->radius_servers_post: #{e}" @@ -123,10 +224,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Radiusserverpost**](Radiusserverpost.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -144,11 +243,11 @@ Name | Type | Description | Notes # **radius_servers_put** -> Radiusserverput radius_servers_put(id, content_type, accept, opts) +> Radiusserverput radius_servers_put(id, opts) Update Radius Servers -This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` +This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\": \"{secret_password}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` ### Example ```ruby @@ -163,21 +262,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::RadiusServersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Body.new, # Body | - x_org_id: "" # String | + body: JCAPIv1::RadiusserversIdBody.new # RadiusserversIdBody | + x_org_id: 'x_org_id_example' # String | } begin #Update Radius Servers - result = api_instance.radius_servers_put(id, content_type, accept, opts) + result = api_instance.radius_servers_put(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling RadiusServersApi->radius_servers_put: #{e}" @@ -189,10 +282,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Body**](Body.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**RadiusserversIdBody**](RadiusserversIdBody.md)| | [optional] + **x_org_id** | **String**| | [optional] ### Return type diff --git a/jcapiv1/docs/Radiusserver.md b/jcapiv1/docs/Radiusserver.md index 8ee110e..7dca44f 100644 --- a/jcapiv1/docs/Radiusserver.md +++ b/jcapiv1/docs/Radiusserver.md @@ -4,6 +4,9 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **_id** | **String** | | [optional] +**auth_idp** | **String** | | [optional] +**ca_cert** | **String** | | [optional] +**device_cert_enabled** | **BOOLEAN** | | [optional] **mfa** | **String** | | [optional] **name** | **String** | | [optional] **network_source_ip** | **String** | | [optional] @@ -11,7 +14,8 @@ Name | Type | Description | Notes **shared_secret** | **String** | | [optional] **tag_names** | **Array<String>** | | [optional] **tags** | **Array<String>** | | [optional] +**user_cert_enabled** | **BOOLEAN** | | [optional] **user_lockout_action** | **String** | | [optional] +**user_password_enabled** | **BOOLEAN** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv1/docs/Radiusserverpost.md b/jcapiv1/docs/Radiusserverpost.md index 6f2cb17..b8bd33a 100644 --- a/jcapiv1/docs/Radiusserverpost.md +++ b/jcapiv1/docs/Radiusserverpost.md @@ -3,12 +3,16 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**auth_idp** | **String** | | [optional] +**ca_cert** | **String** | | [optional] +**device_cert_enabled** | **BOOLEAN** | | [optional] **mfa** | **String** | | [optional] **name** | **String** | | **network_source_ip** | **String** | | **shared_secret** | **String** | RADIUS shared secret between the server and client. | **tag_names** | **Array<String>** | | [optional] +**user_cert_enabled** | **BOOLEAN** | | [optional] **user_lockout_action** | **String** | | [optional] +**user_password_enabled** | **BOOLEAN** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv1/docs/Radiusserverput.md b/jcapiv1/docs/Radiusserverput.md index 26a057d..11cc8d2 100644 --- a/jcapiv1/docs/Radiusserverput.md +++ b/jcapiv1/docs/Radiusserverput.md @@ -4,11 +4,15 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **_id** | **String** | | [optional] +**auth_idp** | **String** | | [optional] +**ca_cert** | **String** | | [optional] +**device_cert_enabled** | **BOOLEAN** | | [optional] **mfa** | **String** | | [optional] **name** | **String** | | [optional] **network_source_ip** | **String** | | [optional] **tag_names** | **Array<String>** | | [optional] +**user_cert_enabled** | **BOOLEAN** | | [optional] **user_lockout_action** | **String** | | [optional] +**user_password_enabled** | **BOOLEAN** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv1/docs/Body.md b/jcapiv1/docs/RadiusserversIdBody.md similarity index 58% rename from jcapiv1/docs/Body.md rename to jcapiv1/docs/RadiusserversIdBody.md index 00520a9..a15c594 100644 --- a/jcapiv1/docs/Body.md +++ b/jcapiv1/docs/RadiusserversIdBody.md @@ -1,13 +1,17 @@ -# JCAPIv1::Body +# JCAPIv1::RadiusserversIdBody ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**ca_cert** | **String** | | [optional] +**device_cert_enabled** | **BOOLEAN** | | [optional] **mfa** | **String** | | [optional] **name** | **String** | | **network_source_ip** | **String** | | +**shared_secret** | **String** | | **tags** | **Array<String>** | | [optional] +**user_cert_enabled** | **BOOLEAN** | | [optional] **user_lockout_action** | **String** | | [optional] +**user_password_enabled** | **BOOLEAN** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv1/docs/Radiusserverslist.md b/jcapiv1/docs/Radiusserverslist.md index ccd66e5..0c460f1 100644 --- a/jcapiv1/docs/Radiusserverslist.md +++ b/jcapiv1/docs/Radiusserverslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<Radiusserver>**](Radiusserver.md) | | [optional] **total_count** | **Integer** | | [optional] - diff --git a/jcapiv1/docs/RunCommandBody.md b/jcapiv1/docs/RunCommandBody.md new file mode 100644 index 0000000..4208878 --- /dev/null +++ b/jcapiv1/docs/RunCommandBody.md @@ -0,0 +1,8 @@ +# JCAPIv1::RunCommandBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**_id** | **String** | The ID of the command. | [optional] +**system_ids** | **Array<String>** | An optional list of device IDs to run the command on. If omitted, the command will run on devices bound to the command. | [optional] + diff --git a/jcapiv1/docs/Search.md b/jcapiv1/docs/Search.md index 5122b4f..19a84d2 100644 --- a/jcapiv1/docs/Search.md +++ b/jcapiv1/docs/Search.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **filter** | **Object** | | [optional] **search_filter** | **Object** | | [optional] - diff --git a/jcapiv1/docs/SearchApi.md b/jcapiv1/docs/SearchApi.md index af26cf9..6f823b2 100644 --- a/jcapiv1/docs/SearchApi.md +++ b/jcapiv1/docs/SearchApi.md @@ -4,17 +4,82 @@ All URIs are relative to *https://console.jumpcloud.com/api* Method | HTTP request | Description ------------- | ------------- | ------------- +[**search_commandresults_post**](SearchApi.md#search_commandresults_post) | **POST** /search/commandresults | Search Commands Results +[**search_commands_post**](SearchApi.md#search_commands_post) | **POST** /search/commands | Search Commands [**search_organizations_post**](SearchApi.md#search_organizations_post) | **POST** /search/organizations | Search Organizations [**search_systems_post**](SearchApi.md#search_systems_post) | **POST** /search/systems | Search Systems [**search_systemusers_post**](SearchApi.md#search_systemusers_post) | **POST** /search/systemusers | Search System Users +# **search_commandresults_post** +> Commandresultslist search_commandresults_post(opts) -# **search_organizations_post** -> Organizationslist search_organizations_post(content_type, accept, opts) +Search Commands Results -Search Organizations +Return Command Results in multi-record format allowing for the passing of the `filter` parameter. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/commandresults route. The `filter` parameter must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. #### Sample Request Exact search for a specific command result ``` curl -X POST https://console.jumpcloud.com/api/search/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : \"workflowInstanceId:$eq:62f3c599ec4e928499069c7f\", \"fields\" : \"name workflowId sudo\" }' ``` -This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new # Search | + x_org_id: 'x_org_id_example' # String | + fields: 'fields_example' # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10 # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Search Commands Results + result = api_instance.search_commandresults_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_commandresults_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Search**](Search.md)| | [optional] + **x_org_id** | **String**| | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Commandresultslist**](Commandresultslist.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **search_commands_post** +> Commandslist search_commands_post(opts) + +Search Commands + +Return Commands in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new command. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of commands in a launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"launchType\" : \"repeated\"}], \"fields\" : \"name launchType sudo\" }' ``` Text search for commands with name ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Text search for multiple commands ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"List\", \"Log\"], \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Combining `filter` and `searchFilter` to text search for commands with name who are in a list of launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"filter\": { \"or\": [ {\"launchType\" : \"repeated\"}, {\"launchType\" : \"one-time\"} ] }, \"fields\" : \"name launchType sudo\" }' ``` ### Example ```ruby @@ -29,22 +94,81 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SearchApi.new +opts = { + body: JCAPIv1::Search.new # Search | + x_org_id: 'x_org_id_example' # String | + fields: 'fields_example' # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10 # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Search Commands + result = api_instance.search_commands_post(opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SearchApi->search_commands_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Search**](Search.md)| | [optional] + **x_org_id** | **String**| | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Commandslist**](Commandslist.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json -content_type = "application/json" # String | -accept = "application/json" # String | +# **search_organizations_post** +> Organizationslist search_organizations_post(opts) + +Search Organizations + +This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SearchApi.new opts = { - body: JCAPIv1::Search.new, # Search | - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. + body: JCAPIv1::Search.new # Search | + fields: 'fields_example' # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10 # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. } begin #Search Organizations - result = api_instance.search_organizations_post(content_type, accept, opts) + result = api_instance.search_organizations_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SearchApi->search_organizations_post: #{e}" @@ -55,11 +179,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Search**](Search.md)| | [optional] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] @@ -79,11 +201,11 @@ Name | Type | Description | Notes # **search_systems_post** -> Systemslist search_systems_post(content_type, accept, opts) +> Systemslist search_systems_post(opts) Search Systems -Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` +Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Text search for a multiple hostnames. ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": [\"my-host\", \"my-other-host\"], \"fields\": [\"hostname\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` ### Example ```ruby @@ -98,23 +220,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SearchApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv1::Search.new, # Search | - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | - skip: 0, # Integer | The offset into the records to return. - filter: "filter_example" # String | A filter to apply to the query. + body: JCAPIv1::Search.new # Search | + x_org_id: 'x_org_id_example' # String | + fields: 'fields_example' # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + limit: 10 # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. } begin #Search Systems - result = api_instance.search_systems_post(content_type, accept, opts) + result = api_instance.search_systems_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SearchApi->search_systems_post: #{e}" @@ -125,14 +242,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Search**](Search.md)| | [optional] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] + **x_org_id** | **String**| | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | **String**| A filter to apply to the query. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] ### Return type @@ -150,11 +265,11 @@ Name | Type | Description | Notes # **search_systemusers_post** -> Systemuserslist search_systemusers_post(content_type, accept, opts) +> Systemuserslist search_systemusers_post(opts) Search System Users -Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` +Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Text search for multiple system users ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"john\", \"sarah\"], \"fields\": [\"username\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` ### Example ```ruby @@ -169,23 +284,18 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SearchApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv1::Search.new, # Search | - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + body: JCAPIv1::Search.new # Search | + x_org_id: 'x_org_id_example' # String | + fields: 'fields_example' # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + limit: 10 # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. } begin #Search System Users - result = api_instance.search_systemusers_post(content_type, accept, opts) + result = api_instance.search_systemusers_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SearchApi->search_systemusers_post: #{e}" @@ -196,14 +306,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Search**](Search.md)| | [optional] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] + **x_org_id** | **String**| | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] ### Return type diff --git a/jcapiv1/docs/Sshkeylist.md b/jcapiv1/docs/Sshkeylist.md index a02eeb9..f4d7e9a 100644 --- a/jcapiv1/docs/Sshkeylist.md +++ b/jcapiv1/docs/Sshkeylist.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **name** | **String** | The name of the SSH key. | [optional] **public_key** | **String** | The Public SSH key. | [optional] - diff --git a/jcapiv1/docs/Sshkeypost.md b/jcapiv1/docs/Sshkeypost.md index 30cd71f..2c7aded 100644 --- a/jcapiv1/docs/Sshkeypost.md +++ b/jcapiv1/docs/Sshkeypost.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **name** | **String** | The name of the SSH key. | **public_key** | **String** | The Public SSH key. | - diff --git a/jcapiv1/docs/Sso.md b/jcapiv1/docs/Sso.md new file mode 100644 index 0000000..eff959b --- /dev/null +++ b/jcapiv1/docs/Sso.md @@ -0,0 +1,15 @@ +# JCAPIv1::Sso + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**beta** | **BOOLEAN** | | [optional] +**hidden** | **BOOLEAN** | | [optional] +**idp_cert_expiration_at** | **DateTime** | | [optional] +**idp_certificate_updated_at** | **DateTime** | | [optional] +**idp_private_key_updated_at** | **DateTime** | | [optional] +**jit** | **BOOLEAN** | | [optional] +**sp_certificate_updated_at** | **DateTime** | | [optional] +**sp_error_flow** | **BOOLEAN** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv1/docs/Errorresponse.md b/jcapiv1/docs/StateActivateBody.md similarity index 61% rename from jcapiv1/docs/Errorresponse.md rename to jcapiv1/docs/StateActivateBody.md index 96ea329..a391442 100644 --- a/jcapiv1/docs/Errorresponse.md +++ b/jcapiv1/docs/StateActivateBody.md @@ -1,8 +1,7 @@ -# JCAPIv1::Errorresponse +# JCAPIv1::StateActivateBody ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**message** | **String** | | [optional] - +**email** | **Object** | | [optional] diff --git a/jcapiv1/docs/System.md b/jcapiv1/docs/System.md index 5ba24bd..b1c27ce 100644 --- a/jcapiv1/docs/System.md +++ b/jcapiv1/docs/System.md @@ -12,23 +12,39 @@ Name | Type | Description | Notes **allow_ssh_root_login** | **BOOLEAN** | | [optional] **amazon_instance_id** | **String** | | [optional] **arch** | **String** | | [optional] +**arch_family** | **String** | | [optional] +**azure_ad_joined** | **BOOLEAN** | | [optional] +**built_in_commands** | [**Array<SystemBuiltInCommands>**](SystemBuiltInCommands.md) | | [optional] **connection_history** | **Array<Object>** | | [optional] -**created** | **String** | | [optional] +**created** | **DateTime** | | [optional] +**description** | **String** | | [optional] +**desktop_capable** | **BOOLEAN** | | [optional] +**display_manager** | **String** | | [optional] **display_name** | **String** | | [optional] +**domain_info** | [**SystemDomainInfo**](SystemDomainInfo.md) | | [optional] **fde** | [**Fde**](Fde.md) | | [optional] +**file_system** | **String** | | [optional] +**has_service_account** | **BOOLEAN** | | [optional] **hostname** | **String** | | [optional] -**last_contact** | **String** | | [optional] +**last_contact** | **DateTime** | | [optional] +**mdm** | [**SystemMdm**](SystemMdm.md) | | [optional] **modify_sshd_config** | **BOOLEAN** | | [optional] **network_interfaces** | [**Array<SystemNetworkInterfaces>**](SystemNetworkInterfaces.md) | | [optional] **organization** | **String** | | [optional] **os** | **String** | | [optional] +**os_family** | **String** | | [optional] +**os_version_detail** | [**SystemOsVersionDetail**](SystemOsVersionDetail.md) | | [optional] +**provision_metadata** | [**SystemProvisionMetadata**](SystemProvisionMetadata.md) | | [optional] **remote_ip** | **String** | | [optional] +**secure_login** | [**SystemSecureLogin**](SystemSecureLogin.md) | | [optional] +**serial_number** | **String** | | [optional] +**service_account_state** | [**SystemServiceAccountState**](SystemServiceAccountState.md) | | [optional] **ssh_root_enabled** | **BOOLEAN** | | [optional] **sshd_params** | [**Array<SystemSshdParams>**](SystemSshdParams.md) | | [optional] **system_insights** | [**SystemSystemInsights**](SystemSystemInsights.md) | | [optional] **system_timezone** | **Integer** | | [optional] **tags** | **Array<String>** | | [optional] **template_name** | **String** | | [optional] +**user_metrics** | [**Array<SystemUserMetrics>**](SystemUserMetrics.md) | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemBuiltInCommands.md b/jcapiv1/docs/SystemBuiltInCommands.md new file mode 100644 index 0000000..d51e39a --- /dev/null +++ b/jcapiv1/docs/SystemBuiltInCommands.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemBuiltInCommands + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv1/docs/SystemDomainInfo.md b/jcapiv1/docs/SystemDomainInfo.md new file mode 100644 index 0000000..1860b69 --- /dev/null +++ b/jcapiv1/docs/SystemDomainInfo.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemDomainInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domain_name** | **String** | | [optional] +**part_of_domain** | **BOOLEAN** | | [optional] + diff --git a/jcapiv1/docs/SystemMdm.md b/jcapiv1/docs/SystemMdm.md new file mode 100644 index 0000000..78caab7 --- /dev/null +++ b/jcapiv1/docs/SystemMdm.md @@ -0,0 +1,14 @@ +# JCAPIv1::SystemMdm + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**dep** | **BOOLEAN** | | [optional] +**enrollment_type** | **String** | | [optional] +**internal** | [**SystemMdmInternal**](SystemMdmInternal.md) | | [optional] +**profile_identifier** | **String** | | [optional] +**provider_id** | **String** | | [optional] +**user_approved** | **BOOLEAN** | | [optional] +**vendor** | **String** | | [optional] +**windows** | [**SystemMdmWindows**](SystemMdmWindows.md) | | [optional] + diff --git a/jcapiv1/docs/SystemMdmInternal.md b/jcapiv1/docs/SystemMdmInternal.md new file mode 100644 index 0000000..888569f --- /dev/null +++ b/jcapiv1/docs/SystemMdmInternal.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemMdmInternal + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device_id** | **String** | | [optional] +**windows_device_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/OauthCodeInput.md b/jcapiv1/docs/SystemMdmWindows.md similarity index 62% rename from jcapiv2/docs/OauthCodeInput.md rename to jcapiv1/docs/SystemMdmWindows.md index 4e2f73e..9c7b87c 100644 --- a/jcapiv2/docs/OauthCodeInput.md +++ b/jcapiv1/docs/SystemMdmWindows.md @@ -1,8 +1,7 @@ -# JCAPIv2::OauthCodeInput +# JCAPIv1::SystemMdmWindows ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**code** | **String** | | [optional] - +**upn** | **String** | | [optional] diff --git a/jcapiv1/docs/SystemNetworkInterfaces.md b/jcapiv1/docs/SystemNetworkInterfaces.md index 6e76bd5..db62f38 100644 --- a/jcapiv1/docs/SystemNetworkInterfaces.md +++ b/jcapiv1/docs/SystemNetworkInterfaces.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **internal** | **BOOLEAN** | | [optional] **name** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemOsVersionDetail.md b/jcapiv1/docs/SystemOsVersionDetail.md new file mode 100644 index 0000000..c21705d --- /dev/null +++ b/jcapiv1/docs/SystemOsVersionDetail.md @@ -0,0 +1,16 @@ +# JCAPIv1::SystemOsVersionDetail + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**distribution_name** | **String** | | [optional] +**major** | **String** | | [optional] +**major_number** | **Integer** | | [optional] +**minor** | **String** | | [optional] +**minor_number** | **Integer** | | [optional] +**os_name** | **String** | | [optional] +**patch** | **String** | | [optional] +**patch_number** | **Integer** | | [optional] +**release_name** | **String** | | [optional] +**revision** | **String** | | [optional] + diff --git a/jcapiv1/docs/SystemProvisionMetadata.md b/jcapiv1/docs/SystemProvisionMetadata.md new file mode 100644 index 0000000..3b910bd --- /dev/null +++ b/jcapiv1/docs/SystemProvisionMetadata.md @@ -0,0 +1,7 @@ +# JCAPIv1::SystemProvisionMetadata + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**provisioner** | [**SystemProvisionMetadataProvisioner**](SystemProvisionMetadataProvisioner.md) | | [optional] + diff --git a/jcapiv1/docs/SystemProvisionMetadataProvisioner.md b/jcapiv1/docs/SystemProvisionMetadataProvisioner.md new file mode 100644 index 0000000..69095b8 --- /dev/null +++ b/jcapiv1/docs/SystemProvisionMetadataProvisioner.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemProvisionMetadataProvisioner + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**provisioner_id** | **String** | | [optional] +**type** | **String** | | [optional] [default to 'administrator'] + diff --git a/jcapiv1/docs/SystemSecureLogin.md b/jcapiv1/docs/SystemSecureLogin.md new file mode 100644 index 0000000..cb4cf23 --- /dev/null +++ b/jcapiv1/docs/SystemSecureLogin.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemSecureLogin + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enabled** | **BOOLEAN** | | [optional] +**supported** | **BOOLEAN** | | [optional] + diff --git a/jcapiv1/docs/SystemServiceAccountState.md b/jcapiv1/docs/SystemServiceAccountState.md new file mode 100644 index 0000000..4aa557c --- /dev/null +++ b/jcapiv1/docs/SystemServiceAccountState.md @@ -0,0 +1,9 @@ +# JCAPIv1::SystemServiceAccountState + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**has_secure_token** | **BOOLEAN** | | [optional] +**password_apfs_valid** | **BOOLEAN** | | [optional] +**password_od_valid** | **BOOLEAN** | | [optional] + diff --git a/jcapiv1/docs/SystemSshdParams.md b/jcapiv1/docs/SystemSshdParams.md index d2bfc98..076fde5 100644 --- a/jcapiv1/docs/SystemSshdParams.md +++ b/jcapiv1/docs/SystemSshdParams.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **name** | **String** | | [optional] **value** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemSystemInsights.md b/jcapiv1/docs/SystemSystemInsights.md index 15e04bf..1a79961 100644 --- a/jcapiv1/docs/SystemSystemInsights.md +++ b/jcapiv1/docs/SystemSystemInsights.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **state** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemUserMetrics.md b/jcapiv1/docs/SystemUserMetrics.md new file mode 100644 index 0000000..e90d3ca --- /dev/null +++ b/jcapiv1/docs/SystemUserMetrics.md @@ -0,0 +1,11 @@ +# JCAPIv1::SystemUserMetrics + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**admin** | **BOOLEAN** | | [optional] +**managed** | **BOOLEAN** | | [optional] +**secure_token_enabled** | **BOOLEAN** | | [optional] +**suspended** | **BOOLEAN** | | [optional] +**user_name** | **String** | | [optional] + diff --git a/jcapiv1/docs/Systemput.md b/jcapiv1/docs/Systemput.md index db21983..bf686f2 100644 --- a/jcapiv1/docs/Systemput.md +++ b/jcapiv1/docs/Systemput.md @@ -11,4 +11,3 @@ Name | Type | Description | Notes **display_name** | **String** | | [optional] **tags** | **Array<String>** | | [optional] - diff --git a/jcapiv1/docs/SystemputAgentBoundMessages.md b/jcapiv1/docs/SystemputAgentBoundMessages.md index 1d18c9e..691d96d 100644 --- a/jcapiv1/docs/SystemputAgentBoundMessages.md +++ b/jcapiv1/docs/SystemputAgentBoundMessages.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **cmd** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemsApi.md b/jcapiv1/docs/SystemsApi.md index 625c2b6..e17a671 100644 --- a/jcapiv1/docs/SystemsApi.md +++ b/jcapiv1/docs/SystemsApi.md @@ -4,20 +4,21 @@ All URIs are relative to *https://console.jumpcloud.com/api* Method | HTTP request | Description ------------- | ------------- | ------------- +[**systems_command_builtin_erase**](SystemsApi.md#systems_command_builtin_erase) | **POST** /systems/{system_id}/command/builtin/erase | Erase a System +[**systems_command_builtin_lock**](SystemsApi.md#systems_command_builtin_lock) | **POST** /systems/{system_id}/command/builtin/lock | Lock a System +[**systems_command_builtin_restart**](SystemsApi.md#systems_command_builtin_restart) | **POST** /systems/{system_id}/command/builtin/restart | Restart a System +[**systems_command_builtin_shutdown**](SystemsApi.md#systems_command_builtin_shutdown) | **POST** /systems/{system_id}/command/builtin/shutdown | Shutdown a System [**systems_delete**](SystemsApi.md#systems_delete) | **DELETE** /systems/{id} | Delete a System [**systems_get**](SystemsApi.md#systems_get) | **GET** /systems/{id} | List an individual system [**systems_list**](SystemsApi.md#systems_list) | **GET** /systems | List All Systems [**systems_put**](SystemsApi.md#systems_put) | **PUT** /systems/{id} | Update a system -[**systems_systemusers_binding_list**](SystemsApi.md#systems_systemusers_binding_list) | **GET** /systems/{id}/systemusers | List system user bindings -[**systems_systemusers_binding_put**](SystemsApi.md#systems_systemusers_binding_put) | **PUT** /systems/{id}/systemusers | Update a system's or user's binding +# **systems_command_builtin_erase** +> systems_command_builtin_erase(system_id, opts) -# **systems_delete** -> System systems_delete(id, content_type, accept, opts) - -Delete a System +Erase a System -This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to run the erase command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/erase \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` ### Example ```ruby @@ -32,25 +33,71 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Erase a System + api_instance.systems_command_builtin_erase(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_erase: #{e}" +end +``` -id = "id_example" # String | +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **system_id** | **String**| | + **x_org_id** | **String**| | [optional] -content_type = "application/json" # String | +### Return type -accept = "application/json" # String | +nil (empty response body) +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systems_command_builtin_lock** +> systems_command_builtin_lock(system_id, opts) + +Lock a System + +This endpoint allows you to run the lock command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | opts = { - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin - #Delete a System - result = api_instance.systems_delete(id, content_type, accept, opts) - p result + #Lock a System + api_instance.systems_command_builtin_lock(system_id, opts) rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_delete: #{e}" + puts "Exception when calling SystemsApi->systems_command_builtin_lock: #{e}" end ``` @@ -58,16 +105,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **date** | **String**| Current date header for the System Context API | [optional] - **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **system_id** | **String**| | + **x_org_id** | **String**| | [optional] ### Return type -[**System**](System.md) +nil (empty response body) ### Authorization @@ -75,17 +118,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systems_get** -> System systems_get(id, content_type, accept, opts) +# **systems_command_builtin_restart** +> systems_command_builtin_restart(system_id, opts) -List an individual system +Restart a System -This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to run the restart command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/restart \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` ### Example ```ruby @@ -100,27 +143,71 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Restart a System + api_instance.systems_command_builtin_restart(system_id, opts) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemsApi->systems_command_builtin_restart: #{e}" +end +``` + +### Parameters -id = "id_example" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **system_id** | **String**| | + **x_org_id** | **String**| | [optional] + +### Return type -content_type = "application/json" # String | +nil (empty response body) -accept = "application/json" # String | +### Authorization +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systems_command_builtin_shutdown** +> systems_command_builtin_shutdown(system_id, opts) + +Shutdown a System + +This endpoint allows you to run the shutdown command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/shutdown \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemsApi.new +system_id = 'system_id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin - #List an individual system - result = api_instance.systems_get(id, content_type, accept, opts) - p result + #Shutdown a System + api_instance.systems_command_builtin_shutdown(system_id, opts) rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_get: #{e}" + puts "Exception when calling SystemsApi->systems_command_builtin_shutdown: #{e}" end ``` @@ -128,18 +215,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **date** | **String**| Current date header for the System Context API | [optional] - **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **system_id** | **String**| | + **x_org_id** | **String**| | [optional] ### Return type -[**System**](System.md) +nil (empty response body) ### Authorization @@ -147,17 +228,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systems_list** -> Systemslist systems_list(content_type, accept, opts) +# **systems_delete** +> System systems_delete(id, opts) -List All Systems +Delete a System -This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -172,27 +253,19 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | - search: "search_example", # String | A nested object containing a string `searchTerm` and a list of `fields` to search on. - skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | } begin - #List All Systems - result = api_instance.systems_list(content_type, accept, opts) + #Delete a System + result = api_instance.systems_delete(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_list: #{e}" + puts "Exception when calling SystemsApi->systems_delete: #{e}" end ``` @@ -200,19 +273,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] - **search** | **String**| A nested object containing a string `searchTerm` and a list of `fields` to search on. | [optional] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] + **id** | **String**| | + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **x_org_id** | **String**| | [optional] ### Return type -[**Systemslist**](Systemslist.md) +[**System**](System.md) ### Authorization @@ -220,17 +288,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systems_put** -> System systems_put(id, content_type, accept, opts) +# **systems_get** +> System systems_get(id, opts) -Update a system +List an individual system -This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` +This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -245,26 +313,21 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Systemput.new, # Systemput | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | } begin - #Update a system - result = api_instance.systems_put(id, content_type, accept, opts) + #List an individual system + result = api_instance.systems_get(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_put: #{e}" + puts "Exception when calling SystemsApi->systems_get: #{e}" end ``` @@ -273,12 +336,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Systemput**](Systemput.md)| | [optional] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -290,17 +352,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systems_systemusers_binding_list** -> Systemuserbinding systems_systemusers_binding_list(id, content_type, accept, opts) +# **systems_list** +> Systemslist systems_list(opts) -List system user bindings +List All Systems -Hidden as Tags is deprecated List system user bindings for a specific system in a system and user binding format. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *List system user bindings for specific system* ``` curl -X https://console.jumpcloud.com/api/systems/{SystemID}/systemusers\\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ \" ``` +This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -315,28 +377,22 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | + search: 'search_example', # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + sort: 'sort_example', # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + filter: 'filter_example' # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. } begin - #List system user bindings - result = api_instance.systems_systemusers_binding_list(id, content_type, accept, opts) + #List All Systems + result = api_instance.systems_list(opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_systemusers_binding_list: #{e}" + puts "Exception when calling SystemsApi->systems_list: #{e}" end ``` @@ -344,19 +400,17 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| | [optional] + **search** | **String**| A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] ### Return type -[**Systemuserbinding**](Systemuserbinding.md) +[**Systemslist**](Systemslist.md) ### Authorization @@ -364,17 +418,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systems_systemusers_binding_put** -> systems_systemusers_binding_put(id, content_type, accept, opts) +# **systems_put** +> System systems_put(id, opts) -Update a system's or user's binding +Update a system -Hidden as Tags is deprecated Adds or removes a user binding for a system. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *Add (or remove) a system user to (from) a system* ``` curl \\ -d '{ \"add\": [\"[SYSTEM_USER_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_USER_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systems/[SYSTEM_ID_HERE]/systemusers +This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` ### Example ```ruby @@ -389,23 +443,20 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Systemuserbindingsput.new, # Systemuserbindingsput | - x_org_id: "" # String | + body: JCAPIv1::Systemput.new # Systemput | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | } begin - #Update a system's or user's binding - api_instance.systems_systemusers_binding_put(id, content_type, accept, opts) + #Update a system + result = api_instance.systems_put(id, opts) + p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemsApi->systems_systemusers_binding_put: #{e}" + puts "Exception when calling SystemsApi->systems_put: #{e}" end ``` @@ -414,14 +465,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Systemuserbindingsput**](Systemuserbindingsput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**Systemput**](Systemput.md)| | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +[**System**](System.md) ### Authorization diff --git a/jcapiv1/docs/Systemslist.md b/jcapiv1/docs/Systemslist.md index 5e4fa1c..5f4d172 100644 --- a/jcapiv1/docs/Systemslist.md +++ b/jcapiv1/docs/Systemslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<System>**](System.md) | The list of systems. | [optional] **total_count** | **Integer** | The total number of systems. | [optional] - diff --git a/jcapiv1/docs/Systemuser.md b/jcapiv1/docs/Systemuser.md deleted file mode 100644 index 27b217c..0000000 --- a/jcapiv1/docs/Systemuser.md +++ /dev/null @@ -1,48 +0,0 @@ -# JCAPIv1::Systemuser - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**_id** | **String** | | [optional] -**account_locked** | **BOOLEAN** | | [optional] -**activated** | **BOOLEAN** | | [optional] -**allow_public_key** | **BOOLEAN** | | [optional] -**associated_tag_count** | **Integer** | | [optional] -**attributes** | **Array<Object>** | | [optional] -**company** | **String** | | [optional] -**cost_center** | **String** | | [optional] -**created** | **String** | | [optional] -**department** | **String** | | [optional] -**description** | **String** | | [optional] -**displayname** | **String** | | [optional] -**email** | **String** | | [optional] -**employee_identifier** | **String** | Must be unique per user. | [optional] -**employee_type** | **String** | | [optional] -**enable_managed_uid** | **BOOLEAN** | | [optional] -**enable_user_portal_multifactor** | **BOOLEAN** | | [optional] -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**firstname** | **String** | | [optional] -**job_title** | **String** | | [optional] -**lastname** | **String** | | [optional] -**ldap_binding_user** | **BOOLEAN** | | [optional] -**location** | **String** | | [optional] -**mfa** | [**Mfa**](Mfa.md) | | [optional] -**middlename** | **String** | | [optional] -**password_expiration_date** | **String** | | [optional] -**password_expired** | **BOOLEAN** | | [optional] -**password_never_expires** | **BOOLEAN** | | [optional] -**passwordless_sudo** | **BOOLEAN** | | [optional] -**public_key** | **String** | | [optional] -**samba_service_user** | **BOOLEAN** | | [optional] -**ssh_keys** | [**Array<Sshkeylist>**](Sshkeylist.md) | | [optional] -**sudo** | **BOOLEAN** | | [optional] -**suspended** | **BOOLEAN** | | [optional] -**tags** | **Array<String>** | | [optional] -**totp_enabled** | **BOOLEAN** | | [optional] -**unix_guid** | **Integer** | | [optional] -**unix_uid** | **Integer** | | [optional] -**username** | **String** | | [optional] - - diff --git a/jcapiv1/docs/Systemuserbindingsput.md b/jcapiv1/docs/Systemuserbindingsput.md deleted file mode 100644 index 0ff3df8..0000000 --- a/jcapiv1/docs/Systemuserbindingsput.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv1::Systemuserbindingsput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**add** | **Array<String>** | The list of systemuser ids to be added to this system. | -**remove** | **Array<String>** | The list of systemuser ids to be removed from this system. | - - diff --git a/jcapiv1/docs/Systemuserput.md b/jcapiv1/docs/Systemuserput.md index 5bf5d1e..50b0695 100644 --- a/jcapiv1/docs/Systemuserput.md +++ b/jcapiv1/docs/Systemuserput.md @@ -6,11 +6,13 @@ Name | Type | Description | Notes **account_locked** | **BOOLEAN** | | [optional] **addresses** | [**Array<SystemuserputAddresses>**](SystemuserputAddresses.md) | type, poBox, extendedAddress, streetAddress, locality, region, postalCode, country | [optional] **allow_public_key** | **BOOLEAN** | | [optional] -**attributes** | **Array<Object>** | | [optional] +**alternate_email** | **String** | | [optional] +**attributes** | [**Array<SystemuserputAttributes>**](SystemuserputAttributes.md) | | [optional] **company** | **String** | | [optional] **cost_center** | **String** | | [optional] **department** | **String** | | [optional] **description** | **String** | | [optional] +**disable_device_max_login_attempts** | **BOOLEAN** | | [optional] **displayname** | **String** | | [optional] **email** | **String** | | [optional] **employee_identifier** | **String** | Must be unique per user. | [optional] @@ -18,6 +20,7 @@ Name | Type | Description | Notes **enable_managed_uid** | **BOOLEAN** | | [optional] **enable_user_portal_multifactor** | **BOOLEAN** | | [optional] **external_dn** | **String** | | [optional] +**external_password_expiration_date** | **String** | | [optional] **external_source_type** | **String** | | [optional] **externally_managed** | **BOOLEAN** | | [optional] **firstname** | **String** | | [optional] @@ -25,15 +28,18 @@ Name | Type | Description | Notes **lastname** | **String** | | [optional] **ldap_binding_user** | **BOOLEAN** | | [optional] **location** | **String** | | [optional] +**managed_apple_id** | **String** | | [optional] +**manager** | **String** | Relation with another systemuser to identify the last as a manager. | [optional] **mfa** | [**Mfa**](Mfa.md) | | [optional] **middlename** | **String** | | [optional] **password** | **String** | | [optional] **password_never_expires** | **BOOLEAN** | | [optional] **phone_numbers** | [**Array<SystemuserputPhoneNumbers>**](SystemuserputPhoneNumbers.md) | | [optional] **public_key** | **String** | | [optional] -**relationships** | **Array<Object>** | | [optional] +**relationships** | [**Array<SystemuserputRelationships>**](SystemuserputRelationships.md) | | [optional] **samba_service_user** | **BOOLEAN** | | [optional] **ssh_keys** | [**Array<Sshkeypost>**](Sshkeypost.md) | | [optional] +**state** | **String** | | [optional] **sudo** | **BOOLEAN** | | [optional] **suspended** | **BOOLEAN** | | [optional] **tags** | **Array<String>** | | [optional] @@ -41,4 +47,3 @@ Name | Type | Description | Notes **unix_uid** | **Integer** | | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserputAddresses.md b/jcapiv1/docs/SystemuserputAddresses.md index b0f213e..59a7e18 100644 --- a/jcapiv1/docs/SystemuserputAddresses.md +++ b/jcapiv1/docs/SystemuserputAddresses.md @@ -12,4 +12,3 @@ Name | Type | Description | Notes **street_address** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/Body2.md b/jcapiv1/docs/SystemuserputAttributes.md similarity index 54% rename from jcapiv2/docs/Body2.md rename to jcapiv1/docs/SystemuserputAttributes.md index 02174f3..caad011 100644 --- a/jcapiv2/docs/Body2.md +++ b/jcapiv1/docs/SystemuserputAttributes.md @@ -1,10 +1,8 @@ -# JCAPIv2::Body2 +# JCAPIv1::SystemuserputAttributes ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**groups** | **Array<String>** | | [optional] **name** | **String** | | [optional] -**users** | **Array<String>** | | [optional] - +**value** | **String** | | [optional] diff --git a/jcapiv1/docs/SystemuserputPhoneNumbers.md b/jcapiv1/docs/SystemuserputPhoneNumbers.md index 1ccffa1..147ad52 100644 --- a/jcapiv1/docs/SystemuserputPhoneNumbers.md +++ b/jcapiv1/docs/SystemuserputPhoneNumbers.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **number** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserputRelationships.md b/jcapiv1/docs/SystemuserputRelationships.md new file mode 100644 index 0000000..092b100 --- /dev/null +++ b/jcapiv1/docs/SystemuserputRelationships.md @@ -0,0 +1,8 @@ +# JCAPIv1::SystemuserputRelationships + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**type** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv1/docs/Systemuserputpost.md b/jcapiv1/docs/Systemuserputpost.md index 3d194ce..d2fc5fe 100644 --- a/jcapiv1/docs/Systemuserputpost.md +++ b/jcapiv1/docs/Systemuserputpost.md @@ -7,11 +7,13 @@ Name | Type | Description | Notes **activated** | **BOOLEAN** | | [optional] **addresses** | [**Array<SystemuserputpostAddresses>**](SystemuserputpostAddresses.md) | | [optional] **allow_public_key** | **BOOLEAN** | | [optional] -**attributes** | **Array<Object>** | | [optional] +**alternate_email** | **String** | | [optional] +**attributes** | [**Array<SystemuserputAttributes>**](SystemuserputAttributes.md) | | [optional] **company** | **String** | | [optional] **cost_center** | **String** | | [optional] **department** | **String** | | [optional] **description** | **String** | | [optional] +**disable_device_max_login_attempts** | **BOOLEAN** | | [optional] **displayname** | **String** | | [optional] **email** | **String** | | **employee_identifier** | **String** | Must be unique per user. | [optional] @@ -19,6 +21,7 @@ Name | Type | Description | Notes **enable_managed_uid** | **BOOLEAN** | | [optional] **enable_user_portal_multifactor** | **BOOLEAN** | | [optional] **external_dn** | **String** | | [optional] +**external_password_expiration_date** | **DateTime** | | [optional] **external_source_type** | **String** | | [optional] **externally_managed** | **BOOLEAN** | | [optional] **firstname** | **String** | | [optional] @@ -26,6 +29,8 @@ Name | Type | Description | Notes **lastname** | **String** | | [optional] **ldap_binding_user** | **BOOLEAN** | | [optional] **location** | **String** | | [optional] +**managed_apple_id** | **String** | | [optional] +**manager** | **String** | Relation with another systemuser to identify the last as a manager. | [optional] **mfa** | [**Mfa**](Mfa.md) | | [optional] **middlename** | **String** | | [optional] **password** | **String** | | [optional] @@ -33,8 +38,10 @@ Name | Type | Description | Notes **passwordless_sudo** | **BOOLEAN** | | [optional] **phone_numbers** | [**Array<SystemuserputpostPhoneNumbers>**](SystemuserputpostPhoneNumbers.md) | | [optional] **public_key** | **String** | | [optional] -**relationships** | **Array<Object>** | | [optional] +**recovery_email** | [**SystemuserputpostRecoveryEmail**](SystemuserputpostRecoveryEmail.md) | | [optional] +**relationships** | [**Array<SystemuserputRelationships>**](SystemuserputRelationships.md) | | [optional] **samba_service_user** | **BOOLEAN** | | [optional] +**state** | **String** | | [optional] **sudo** | **BOOLEAN** | | [optional] **suspended** | **BOOLEAN** | | [optional] **tags** | **Array<String>** | | [optional] @@ -42,4 +49,3 @@ Name | Type | Description | Notes **unix_uid** | **Integer** | | [optional] **username** | **String** | | - diff --git a/jcapiv1/docs/SystemuserputpostAddresses.md b/jcapiv1/docs/SystemuserputpostAddresses.md index f58ea93..22960d0 100644 --- a/jcapiv1/docs/SystemuserputpostAddresses.md +++ b/jcapiv1/docs/SystemuserputpostAddresses.md @@ -12,4 +12,3 @@ Name | Type | Description | Notes **street_address** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserputpostPhoneNumbers.md b/jcapiv1/docs/SystemuserputpostPhoneNumbers.md index 8cab943..c6ce186 100644 --- a/jcapiv1/docs/SystemuserputpostPhoneNumbers.md +++ b/jcapiv1/docs/SystemuserputpostPhoneNumbers.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **number** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserputpostRecoveryEmail.md b/jcapiv1/docs/SystemuserputpostRecoveryEmail.md new file mode 100644 index 0000000..372c1fb --- /dev/null +++ b/jcapiv1/docs/SystemuserputpostRecoveryEmail.md @@ -0,0 +1,7 @@ +# JCAPIv1::SystemuserputpostRecoveryEmail + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**address** | **String** | | [optional] + diff --git a/jcapiv1/docs/Systemuserreturn.md b/jcapiv1/docs/Systemuserreturn.md index 205591f..a37390f 100644 --- a/jcapiv1/docs/Systemuserreturn.md +++ b/jcapiv1/docs/Systemuserreturn.md @@ -5,16 +5,20 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **_id** | **String** | | [optional] **account_locked** | **BOOLEAN** | | [optional] +**account_locked_date** | **String** | | [optional] **activated** | **BOOLEAN** | | [optional] **addresses** | [**Array<SystemuserreturnAddresses>**](SystemuserreturnAddresses.md) | | [optional] **allow_public_key** | **BOOLEAN** | | [optional] -**attributes** | **Array<Object>** | | [optional] +**alternate_email** | **String** | | [optional] +**attributes** | [**Array<SystemuserputAttributes>**](SystemuserputAttributes.md) | | [optional] **bad_login_attempts** | **Integer** | | [optional] **company** | **String** | | [optional] **cost_center** | **String** | | [optional] **created** | **String** | | [optional] +**creation_source** | **String** | | [optional] **department** | **String** | | [optional] **description** | **String** | | [optional] +**disable_device_max_login_attempts** | **BOOLEAN** | | [optional] **displayname** | **String** | | [optional] **email** | **String** | | [optional] **employee_identifier** | **String** | Must be unique per user. | [optional] @@ -22,6 +26,7 @@ Name | Type | Description | Notes **enable_managed_uid** | **BOOLEAN** | | [optional] **enable_user_portal_multifactor** | **BOOLEAN** | | [optional] **external_dn** | **String** | | [optional] +**external_password_expiration_date** | **String** | | [optional] **external_source_type** | **String** | | [optional] **externally_managed** | **BOOLEAN** | | [optional] **firstname** | **String** | | [optional] @@ -29,18 +34,24 @@ Name | Type | Description | Notes **lastname** | **String** | | [optional] **ldap_binding_user** | **BOOLEAN** | | [optional] **location** | **String** | | [optional] +**managed_apple_id** | **String** | | [optional] +**manager** | **String** | Relation with another systemuser to identify the last as a manager. | [optional] **mfa** | [**Mfa**](Mfa.md) | | [optional] +**mfa_enrollment** | [**MfaEnrollment**](MfaEnrollment.md) | | [optional] **middlename** | **String** | | [optional] **organization** | **String** | | [optional] +**password_date** | **String** | | [optional] **password_expiration_date** | **String** | | [optional] **password_expired** | **BOOLEAN** | | [optional] **password_never_expires** | **BOOLEAN** | | [optional] **passwordless_sudo** | **BOOLEAN** | | [optional] **phone_numbers** | [**Array<SystemuserreturnPhoneNumbers>**](SystemuserreturnPhoneNumbers.md) | | [optional] **public_key** | **String** | | [optional] -**relationships** | **Array<Object>** | | [optional] +**recovery_email** | [**SystemuserreturnRecoveryEmail**](SystemuserreturnRecoveryEmail.md) | | [optional] +**relationships** | [**Array<SystemuserputRelationships>**](SystemuserputRelationships.md) | | [optional] **samba_service_user** | **BOOLEAN** | | [optional] **ssh_keys** | [**Array<Sshkeylist>**](Sshkeylist.md) | | [optional] +**state** | **String** | | [optional] **sudo** | **BOOLEAN** | | [optional] **suspended** | **BOOLEAN** | | [optional] **tags** | **Array<String>** | | [optional] @@ -49,4 +60,3 @@ Name | Type | Description | Notes **unix_uid** | **Integer** | | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserreturnAddresses.md b/jcapiv1/docs/SystemuserreturnAddresses.md index 6edcaf0..ab11563 100644 --- a/jcapiv1/docs/SystemuserreturnAddresses.md +++ b/jcapiv1/docs/SystemuserreturnAddresses.md @@ -13,4 +13,3 @@ Name | Type | Description | Notes **street_address** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserreturnPhoneNumbers.md b/jcapiv1/docs/SystemuserreturnPhoneNumbers.md index a78a8d2..c1579ec 100644 --- a/jcapiv1/docs/SystemuserreturnPhoneNumbers.md +++ b/jcapiv1/docs/SystemuserreturnPhoneNumbers.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **number** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv1/docs/SystemuserreturnRecoveryEmail.md b/jcapiv1/docs/SystemuserreturnRecoveryEmail.md new file mode 100644 index 0000000..add33bb --- /dev/null +++ b/jcapiv1/docs/SystemuserreturnRecoveryEmail.md @@ -0,0 +1,9 @@ +# JCAPIv1::SystemuserreturnRecoveryEmail + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**address** | **String** | | [optional] +**verified** | **BOOLEAN** | | [optional] +**verified_at** | **String** | | [optional] + diff --git a/jcapiv1/docs/SystemusersApi.md b/jcapiv1/docs/SystemusersApi.md index d2e8e73..7a98928 100644 --- a/jcapiv1/docs/SystemusersApi.md +++ b/jcapiv1/docs/SystemusersApi.md @@ -4,22 +4,23 @@ All URIs are relative to *https://console.jumpcloud.com/api* Method | HTTP request | Description ------------- | ------------- | ------------- -[**sshkey_delete**](SystemusersApi.md#sshkey_delete) | **DELETE** /systemusers/{systemuser_id}/sshkeys/{id} | Delete a system user's Public SSH Keys -[**sshkey_list**](SystemusersApi.md#sshkey_list) | **GET** /systemusers/{id}/sshkeys | List a system user's public SSH keys -[**sshkey_post**](SystemusersApi.md#sshkey_post) | **POST** /systemusers/{id}/sshkeys | Create a system user's Public SSH Key +[**sshkey_delete**](SystemusersApi.md#sshkey_delete) | **DELETE** /systemusers/{systemuser_id}/sshkeys/{id} | Delete a system user's Public SSH Keys +[**sshkey_list**](SystemusersApi.md#sshkey_list) | **GET** /systemusers/{id}/sshkeys | List a system user's public SSH keys +[**sshkey_post**](SystemusersApi.md#sshkey_post) | **POST** /systemusers/{id}/sshkeys | Create a system user's Public SSH Key [**systemusers_delete**](SystemusersApi.md#systemusers_delete) | **DELETE** /systemusers/{id} | Delete a system user +[**systemusers_expire**](SystemusersApi.md#systemusers_expire) | **POST** /systemusers/{id}/expire | Expire a system user's password [**systemusers_get**](SystemusersApi.md#systemusers_get) | **GET** /systemusers/{id} | List a system user [**systemusers_list**](SystemusersApi.md#systemusers_list) | **GET** /systemusers | List all system users +[**systemusers_mfasync**](SystemusersApi.md#systemusers_mfasync) | **POST** /systemusers/{id}/mfasync | Sync a systemuser's mfa enrollment status [**systemusers_post**](SystemusersApi.md#systemusers_post) | **POST** /systemusers | Create a system user [**systemusers_put**](SystemusersApi.md#systemusers_put) | **PUT** /systemusers/{id} | Update a system user -[**systemusers_resetmfa**](SystemusersApi.md#systemusers_resetmfa) | **POST** /systemusers/{id}/resetmfa | Reset a system user's MFA token -[**systemusers_systems_binding_list**](SystemusersApi.md#systemusers_systems_binding_list) | **GET** /systemusers/{id}/systems | List system user binding -[**systemusers_systems_binding_put**](SystemusersApi.md#systemusers_systems_binding_put) | **PUT** /systemusers/{id}/systems | Update a system user binding +[**systemusers_resetmfa**](SystemusersApi.md#systemusers_resetmfa) | **POST** /systemusers/{id}/resetmfa | Reset a system user's MFA token +[**systemusers_state_activate**](SystemusersApi.md#systemusers_state_activate) | **POST** /systemusers/{id}/state/activate | Activate System User +[**systemusers_totp_info**](SystemusersApi.md#systemusers_totp_info) | **GET** /systemusers/{id}/totpinfo | Display info about a System User's TOTP enrollment. [**systemusers_unlock**](SystemusersApi.md#systemusers_unlock) | **POST** /systemusers/{id}/unlock | Unlock a system user - # **sshkey_delete** -> sshkey_delete(systemuser_id, id, content_type, accept, opts) +> String sshkey_delete(systemuser_id, id, opts) Delete a system user's Public SSH Keys @@ -38,22 +39,16 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -systemuser_id = "systemuser_id_example" # String | - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +systemuser_id = 'systemuser_id_example' # String | +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin #Delete a system user's Public SSH Keys - api_instance.sshkey_delete(systemuser_id, id, content_type, accept, opts) + result = api_instance.sshkey_delete(systemuser_id, id, opts) + p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->sshkey_delete: #{e}" end @@ -65,13 +60,11 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **systemuser_id** | **String**| | **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +**String** ### Authorization @@ -79,13 +72,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: application/json, text/plain # **sshkey_list** -> Array<Sshkeylist> sshkey_list(id, content_type, accept, opts) +> Array<Sshkeylist> sshkey_list(id, opts) List a system user's public SSH keys @@ -104,20 +97,14 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin #List a system user's public SSH keys - result = api_instance.sshkey_list(id, content_type, accept, opts) + result = api_instance.sshkey_list(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->sshkey_list: #{e}" @@ -129,9 +116,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -143,13 +128,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **sshkey_post** -> Sshkeylist sshkey_post(id, content_type, accept, opts) +> Sshkeylist sshkey_post(id, opts) Create a system user's Public SSH Key @@ -168,21 +153,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Sshkeypost.new, # Sshkeypost | - x_org_id: "" # String | + body: JCAPIv1::Sshkeypost.new # Sshkeypost | + x_org_id: 'x_org_id_example' # String | } begin #Create a system user's Public SSH Key - result = api_instance.sshkey_post(id, content_type, accept, opts) + result = api_instance.sshkey_post(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->sshkey_post: #{e}" @@ -194,10 +173,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Sshkeypost**](Sshkeypost.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type @@ -215,7 +192,7 @@ Name | Type | Description | Notes # **systemusers_delete** -> Systemuserreturn systemusers_delete(id, content_type, accept, opts) +> Systemuserreturn systemusers_delete(id, opts) Delete a system user @@ -234,20 +211,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | + cascade_manager: 'cascade_manager_example' # String | This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. } begin #Delete a system user - result = api_instance.systemusers_delete(id, content_type, accept, opts) + result = api_instance.systemusers_delete(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_delete: #{e}" @@ -259,9 +231,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] + **cascade_manager** | **String**| This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. | [optional] ### Return type @@ -273,17 +244,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systemusers_get** -> Systemuserreturn systemusers_get(id, content_type, accept, opts) +# **systemusers_expire** +> String systemusers_expire(id, opts) -List a system user +Expire a system user's password -This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to expire a user's password. ### Example ```ruby @@ -298,22 +269,72 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | +} + +begin + #Expire a system user's password + result = api_instance.systemusers_expire(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_expire: #{e}" +end +``` + +### Parameters -id = "id_example" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| | [optional] + +### Return type -content_type = "application/json" # String | +**String** -accept = "application/json" # String | +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json, text/plain + + + +# **systemusers_get** +> Systemuserreturn systemusers_get(id, opts) + +List a system user + +This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + fields: 'fields_example', # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example' # String | } begin #List a system user - result = api_instance.systemusers_get(id, content_type, accept, opts) + result = api_instance.systemusers_get(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_get: #{e}" @@ -325,11 +346,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] ### Return type @@ -341,13 +360,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **systemusers_list** -> Systemuserslist systemusers_list(content_type, accept, opts) +> Systemuserslist systemusers_list(opts) List all system users @@ -366,24 +385,19 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { limit: 10, # Integer | The number of records to return at once. skip: 0, # Integer | The offset into the records to return. - sort: "", # String | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - fields: "", # String | The comma separated fields included in the returned records. If omitted the default list of fields will be returned. - x_org_id: "" # String | - search: "search_example", # String | A nested object containing a string `searchTerm` and a list of `fields` to search on. - filter: "filter_example" # String | A filter to apply to the query. + sort: 'sort_example', # String | The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + fields: 'fields_example', # String | The space separated fields included in the returned records. If omitted the default list of fields will be returned. + filter: 'filter_example', # String | A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/` endpoints, e.g. `/search/systems`. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + x_org_id: 'x_org_id_example', # String | + search: 'search_example' # String | A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. } begin #List all system users - result = api_instance.systemusers_list(content_type, accept, opts) + result = api_instance.systemusers_list(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_list: #{e}" @@ -394,15 +408,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] [default to ] - **fields** | **String**| The comma separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] [default to ] - **x_org_id** | **String**| | [optional] [default to ] - **search** | **String**| A nested object containing a string `searchTerm` and a list of `fields` to search on. | [optional] - **filter** | **String**| A filter to apply to the query. | [optional] + **sort** | **String**| The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **fields** | **String**| The space separated fields included in the returned records. If omitted the default list of fields will be returned. | [optional] + **filter** | **String**| A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. | [optional] + **x_org_id** | **String**| | [optional] + **search** | **String**| A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. | [optional] ### Return type @@ -414,17 +426,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systemusers_post** -> Systemuserreturn systemusers_post(content_type, accept, opts) +# **systemusers_mfasync** +> systemusers_mfasync(id) -Create a system user +Sync a systemuser's mfa enrollment status -This endpoint allows you to create a new system user. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` +This endpoint allows you to re-sync a user's mfa enrollment status #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/mfasync \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` ### Example ```ruby @@ -439,19 +451,67 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new +id = 'id_example' # String | + + +begin + #Sync a systemuser's mfa enrollment status + api_instance.systemusers_mfasync(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling SystemusersApi->systemusers_mfasync: #{e}" +end +``` + +### Parameters -content_type = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization -accept = "application/json" # String | +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systemusers_post** +> Systemuserreturn systemusers_post(opts) + +Create a system user + +\"This endpoint allows you to create a new system user. #### Default User State The `state` of the user can be explicitly passed in or omitted. If `state` is omitted from the request, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for manually created users is stored in `settings.newSystemUserStateDefaults.manualEntry` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv1::SystemusersApi.new opts = { - body: JCAPIv1::Systemuserputpost.new, # Systemuserputpost | - x_org_id: "" # String | + body: JCAPIv1::Systemuserputpost.new # Systemuserputpost | + x_org_id: 'x_org_id_example' # String | + full_validation_details: 'full_validation_details_example' # String | Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` } begin #Create a system user - result = api_instance.systemusers_post(content_type, accept, opts) + result = api_instance.systemusers_post(opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_post: #{e}" @@ -462,10 +522,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Systemuserputpost**](Systemuserputpost.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] + **full_validation_details** | **String**| Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` | [optional] ### Return type @@ -483,7 +542,7 @@ Name | Type | Description | Notes # **systemusers_put** -> Systemuserreturn systemusers_put(id, content_type, accept, opts) +> Systemuserreturn systemusers_put(id, opts) Update a system user @@ -502,21 +561,16 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Systemuserput.new, # Systemuserput | - x_org_id: "" # String | + body: JCAPIv1::Systemuserput.new # Systemuserput | + x_org_id: 'x_org_id_example' # String | + full_validation_details: 'full_validation_details_example' # String | This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` } begin #Update a system user - result = api_instance.systemusers_put(id, content_type, accept, opts) + result = api_instance.systemusers_put(id, opts) p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_put: #{e}" @@ -528,10 +582,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Systemuserput**](Systemuserput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] + **full_validation_details** | **String**| This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` | [optional] ### Return type @@ -549,11 +602,11 @@ Name | Type | Description | Notes # **systemusers_resetmfa** -> systemusers_resetmfa(id, content_type, accept, opts) +> String systemusers_resetmfa(id, opts) Reset a system user's MFA token -This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` +This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` ### Example ```ruby @@ -568,21 +621,16 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Body1.new, # Body1 | - x_org_id: "" # String | + body: JCAPIv1::IdResetmfaBody.new # IdResetmfaBody | + x_org_id: 'x_org_id_example' # String | } begin #Reset a system user's MFA token - api_instance.systemusers_resetmfa(id, content_type, accept, opts) + result = api_instance.systemusers_resetmfa(id, opts) + p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_resetmfa: #{e}" end @@ -593,14 +641,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Body1**](Body1.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**IdResetmfaBody**](IdResetmfaBody.md)| | [optional] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +**String** ### Authorization @@ -609,16 +655,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: application/json, text/plain -# **systemusers_systems_binding_list** -> Object systemusers_systems_binding_list(id, content_type, accept, opts) +# **systemusers_state_activate** +> String systemusers_state_activate(id, opts) -List system user binding +Activate System User -Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). List system bindings for a specific system user in a system and user binding format. ### Examples #### List system bindings for specific system user ``` curl \\ -H 'Content-Type: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` +This endpoint changes the state of a STAGED user to ACTIVATED. #### Email Flag Use the \"email\" flag to determine whether or not to send a Welcome or Activation email to the newly activated user. Sending an empty body without the `email` flag, will send an email with default behavior (see the \"Behavior\" section below) ``` {} ``` Sending `email=true` flag will send an email with default behavior (see `Behavior` below) ``` { \"email\": true } ``` Populated email will override the default behavior and send to the specified email value ``` { \"email\": \"example@example.com\" } ``` Sending `email=false` will suppress sending the email ``` { \"email\": false } ``` #### Behavior Users with a password will be sent a Welcome email to: - The address specified in `email` flag in the request - If no `email` flag, the user's primary email address (default behavior) Users without a password will be sent an Activation email to: - The address specified in `email` flag in the request - If no `email` flag, the user's alternate email address (default behavior) - If no alternate email address, the user's primary email address (default behavior) #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers/{id}/state/activate \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ' \\ -d '{ \"email\": \"alternate-activation-email@email.com\" }' ``` ### Example ```ruby @@ -633,28 +679,17 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. - x_org_id: "" # String | + body: JCAPIv1::StateActivateBody.new # StateActivateBody | } begin - #List system user binding - result = api_instance.systemusers_systems_binding_list(id, content_type, accept, opts) + #Activate System User + result = api_instance.systemusers_state_activate(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemusersApi->systemusers_systems_binding_list: #{e}" + puts "Exception when calling SystemusersApi->systemusers_state_activate: #{e}" end ``` @@ -663,18 +698,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**StateActivateBody**](StateActivateBody.md)| | [optional] ### Return type -**Object** +**String** ### Authorization @@ -687,12 +715,12 @@ Name | Type | Description | Notes -# **systemusers_systems_binding_put** -> Usersystembinding systemusers_systems_binding_put(id, content_type, accept, opts) +# **systemusers_totp_info** +> Totpenrollmentinfo systemusers_totp_info(id, opts) -Update a system user binding +Display info about a System User's TOTP enrollment. -Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). ### Example #### Add (or remove) system to system user ``` curl \\ -d '{ \"add\": [\"[SYSTEM_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` +This endpoint will return info for a specific System User's TOTP enrollment. ### Example ```ruby @@ -707,24 +735,17 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv1::Usersystembindingsput.new, # Usersystembindingsput | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin - #Update a system user binding - result = api_instance.systemusers_systems_binding_put(id, content_type, accept, opts) + #Display info about a System User's TOTP enrollment. + result = api_instance.systemusers_totp_info(id, opts) p result rescue JCAPIv1::ApiError => e - puts "Exception when calling SystemusersApi->systemusers_systems_binding_put: #{e}" + puts "Exception when calling SystemusersApi->systemusers_totp_info: #{e}" end ``` @@ -733,14 +754,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Usersystembindingsput**](Usersystembindingsput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type -[**Usersystembinding**](Usersystembinding.md) +[**Totpenrollmentinfo**](Totpenrollmentinfo.md) ### Authorization @@ -748,13 +766,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **systemusers_unlock** -> systemusers_unlock(id, content_type, accept, opts) +> String systemusers_unlock(id, opts) Unlock a system user @@ -773,20 +791,15 @@ JCAPIv1.configure do |config| end api_instance = JCAPIv1::SystemusersApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | } begin #Unlock a system user - api_instance.systemusers_unlock(id, content_type, accept, opts) + result = api_instance.systemusers_unlock(id, opts) + p result rescue JCAPIv1::ApiError => e puts "Exception when calling SystemusersApi->systemusers_unlock: #{e}" end @@ -797,13 +810,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| | [optional] ### Return type -nil (empty response body) +**String** ### Authorization @@ -811,8 +822,8 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: application/json, text/plain diff --git a/jcapiv1/docs/Systemuserslist.md b/jcapiv1/docs/Systemuserslist.md index 7be1d56..35a5799 100644 --- a/jcapiv1/docs/Systemuserslist.md +++ b/jcapiv1/docs/Systemuserslist.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **results** | [**Array<Systemuserreturn>**](Systemuserreturn.md) | The list of system users. | [optional] **total_count** | **Integer** | The total number of system users. | [optional] - diff --git a/jcapiv1/docs/Tag.md b/jcapiv1/docs/Tag.md deleted file mode 100644 index 0cf83cd..0000000 --- a/jcapiv1/docs/Tag.md +++ /dev/null @@ -1,19 +0,0 @@ -# JCAPIv1::Tag - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**_id** | **String** | | [optional] -**expired** | **BOOLEAN** | | [optional] -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**group_gid** | **String** | | [optional] -**group_name** | **String** | | [optional] -**name** | **String** | A unique name for the Tag. | [optional] -**regular_expressions** | **Array<String>** | | [optional] -**send_to_ldap** | **BOOLEAN** | | [optional] -**systems** | **Array<String>** | An array of system ids that are associated to the Tag. | [optional] -**systemusers** | **Array<String>** | An array of system user ids that are associated to the Tag. | [optional] - - diff --git a/jcapiv1/docs/Tagpost.md b/jcapiv1/docs/Tagpost.md deleted file mode 100644 index 3e8db61..0000000 --- a/jcapiv1/docs/Tagpost.md +++ /dev/null @@ -1,17 +0,0 @@ -# JCAPIv1::Tagpost - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**group_gid** | **String** | | [optional] -**group_name** | **String** | | [optional] -**name** | **String** | A unique name for the Tag. | -**regular_expressions** | **Array<String>** | | [optional] -**send_to_ldap** | **BOOLEAN** | | [optional] -**systems** | **Array<String>** | An array of system ids that are associated to the Tag. | [optional] -**systemusers** | **Array<String>** | An array of system user ids that are associated to the Tag. | [optional] - - diff --git a/jcapiv1/docs/Tagput.md b/jcapiv1/docs/Tagput.md deleted file mode 100644 index dda24d0..0000000 --- a/jcapiv1/docs/Tagput.md +++ /dev/null @@ -1,17 +0,0 @@ -# JCAPIv1::Tagput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**group_gid** | **String** | | [optional] -**group_name** | **String** | | [optional] -**name** | **String** | A unique name for the Tag. | [optional] -**regular_expressions** | **Array<String>** | | [optional] -**send_to_ldap** | **BOOLEAN** | | [optional] -**systems** | **Array<String>** | An array of system ids that are associated to the Tag. | [optional] -**systemusers** | **Array<String>** | An array of system user ids that are associated to the Tag. | [optional] - - diff --git a/jcapiv1/docs/TagsApi.md b/jcapiv1/docs/TagsApi.md deleted file mode 100644 index cbf78a4..0000000 --- a/jcapiv1/docs/TagsApi.md +++ /dev/null @@ -1,339 +0,0 @@ -# JCAPIv1::TagsApi - -All URIs are relative to *https://console.jumpcloud.com/api* - -Method | HTTP request | Description -------------- | ------------- | ------------- -[**tags_delete**](TagsApi.md#tags_delete) | **DELETE** /tags/{name} | Delete a Tag -[**tags_get**](TagsApi.md#tags_get) | **GET** /Tags/{name} | List a Tag -[**tags_list**](TagsApi.md#tags_list) | **GET** /tags | List All Tags -[**tags_post**](TagsApi.md#tags_post) | **POST** /tags | Create a Tag -[**tags_put**](TagsApi.md#tags_put) | **PUT** /Tag/{name} | Update a Tag - - -# **tags_delete** -> Tag tags_delete(name, content_type, accept) - -Delete a Tag - -Hidden as Tags is deprecated Delete a Tag. - -### Example -```ruby -# load the gem -require 'jcapiv1' -# setup authorization -JCAPIv1.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv1::TagsApi.new - -name = "name_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - - -begin - #Delete a Tag - result = api_instance.tags_delete(name, content_type, accept) - p result -rescue JCAPIv1::ApiError => e - puts "Exception when calling TagsApi->tags_delete: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **name** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - -### Return type - -[**Tag**](Tag.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **tags_get** -> Tag tags_get(name, content_type, accept, opts) - -List a Tag - -Hidden as Tags is deprecated Returns a specific tag. - -### Example -```ruby -# load the gem -require 'jcapiv1' -# setup authorization -JCAPIv1.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv1::TagsApi.new - -name = "name_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. -} - -begin - #List a Tag - result = api_instance.tags_get(name, content_type, accept, opts) - p result -rescue JCAPIv1::ApiError => e - puts "Exception when calling TagsApi->tags_get: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **name** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - -### Return type - -[**Tag**](Tag.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **tags_list** -> Tagslist tags_list(content_type, accept, opts) - -List All Tags - -Hidden as Tags is deprecated Returns all Tags. - -### Example -```ruby -# load the gem -require 'jcapiv1' -# setup authorization -JCAPIv1.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv1::TagsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - fields: "", # String | Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: "", # String | Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - filter: "filter_example" # String | A filter to apply to the query. -} - -begin - #List All Tags - result = api_instance.tags_list(content_type, accept, opts) - p result -rescue JCAPIv1::ApiError => e - puts "Exception when calling TagsApi->tags_list: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | **String**| Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. | [optional] [default to ] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | **String**| Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. | [optional] [default to ] - **filter** | **String**| A filter to apply to the query. | [optional] - -### Return type - -[**Tagslist**](Tagslist.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **tags_post** -> Tag tags_post(content_type, accept, opts) - -Create a Tag - -Hidden as Tags is deprecated Create a tag. ### Examples #### Create a new Tag ``` curl \\ -d '{\"name\" : \"Developers\"}' \\ -X 'POST' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/tags\" ``` - -### Example -```ruby -# load the gem -require 'jcapiv1' -# setup authorization -JCAPIv1.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv1::TagsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - body: JCAPIv1::Tagpost.new # Tagpost | -} - -begin - #Create a Tag - result = api_instance.tags_post(content_type, accept, opts) - p result -rescue JCAPIv1::ApiError => e - puts "Exception when calling TagsApi->tags_post: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Tagpost**](Tagpost.md)| | [optional] - -### Return type - -[**Tag**](Tag.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **tags_put** -> Tag tags_put(name, content_type, accept, opts) - -Update a Tag - -Hidden as Tags is deprecated Update a specific tag. - -### Example -```ruby -# load the gem -require 'jcapiv1' -# setup authorization -JCAPIv1.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv1::TagsApi.new - -name = "name_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - body: JCAPIv1::Tagput.new # Tagput | -} - -begin - #Update a Tag - result = api_instance.tags_put(name, content_type, accept, opts) - p result -rescue JCAPIv1::ApiError => e - puts "Exception when calling TagsApi->tags_put: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **name** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Tagput**](Tagput.md)| | [optional] - -### Return type - -[**Tag**](Tag.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - diff --git a/jcapiv1/docs/Tagslist.md b/jcapiv1/docs/Tagslist.md deleted file mode 100644 index ed7602d..0000000 --- a/jcapiv1/docs/Tagslist.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv1::Tagslist - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**results** | [**Array<Tag>**](Tag.md) | The list of tags. | [optional] -**total_count** | **Integer** | The total number of tags. | [optional] - - diff --git a/jcapiv1/docs/Totpenrollmentinfo.md b/jcapiv1/docs/Totpenrollmentinfo.md new file mode 100644 index 0000000..0eb2b49 --- /dev/null +++ b/jcapiv1/docs/Totpenrollmentinfo.md @@ -0,0 +1,7 @@ +# JCAPIv1::Totpenrollmentinfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enrollment_date** | **DateTime** | The TOTP enrollment date of the user. | [optional] + diff --git a/jcapiv1/docs/Triggerreturn.md b/jcapiv1/docs/Triggerreturn.md new file mode 100644 index 0000000..df4f7fe --- /dev/null +++ b/jcapiv1/docs/Triggerreturn.md @@ -0,0 +1,7 @@ +# JCAPIv1::Triggerreturn + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**triggered** | **Array<String>** | | [optional] + diff --git a/jcapiv1/docs/TrustedappConfigGet.md b/jcapiv1/docs/TrustedappConfigGet.md new file mode 100644 index 0000000..b8cef58 --- /dev/null +++ b/jcapiv1/docs/TrustedappConfigGet.md @@ -0,0 +1,8 @@ +# JCAPIv1::TrustedappConfigGet + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**checksum** | **String** | Checksum to validate the trustedApp configuration for the organization | +**trusted_apps** | [**Array<TrustedappConfigGetTrustedApps>**](TrustedappConfigGetTrustedApps.md) | List of authorized apps for the organization | + diff --git a/jcapiv1/docs/TrustedappConfigGetTrustedApps.md b/jcapiv1/docs/TrustedappConfigGetTrustedApps.md new file mode 100644 index 0000000..a97756f --- /dev/null +++ b/jcapiv1/docs/TrustedappConfigGetTrustedApps.md @@ -0,0 +1,9 @@ +# JCAPIv1::TrustedappConfigGetTrustedApps + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | Name of the trusted application | +**path** | **String** | Absolute path for the app's location in user's device | [optional] +**teamid** | **String** | App's Team ID | [optional] + diff --git a/jcapiv1/docs/TrustedappConfigPut.md b/jcapiv1/docs/TrustedappConfigPut.md new file mode 100644 index 0000000..d1c2f18 --- /dev/null +++ b/jcapiv1/docs/TrustedappConfigPut.md @@ -0,0 +1,7 @@ +# JCAPIv1::TrustedappConfigPut + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**trusted_apps** | [**Array<TrustedappConfigGetTrustedApps>**](TrustedappConfigGetTrustedApps.md) | List of authorized apps for the organization | + diff --git a/jcapiv1/docs/Userput.md b/jcapiv1/docs/Userput.md new file mode 100644 index 0000000..c1bf9db --- /dev/null +++ b/jcapiv1/docs/Userput.md @@ -0,0 +1,13 @@ +# JCAPIv1::Userput + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**email** | **String** | | [optional] +**enable_multi_factor** | **BOOLEAN** | | [optional] +**firstname** | **String** | | [optional] +**growth_data** | **Object** | | [optional] +**last_whats_new_checked** | **Date** | | [optional] +**lastname** | **String** | | [optional] +**role_name** | **String** | | [optional] + diff --git a/jcapiv1/docs/Userreturn.md b/jcapiv1/docs/Userreturn.md new file mode 100644 index 0000000..f776fb8 --- /dev/null +++ b/jcapiv1/docs/Userreturn.md @@ -0,0 +1,26 @@ +# JCAPIv1::Userreturn + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**_id** | **String** | | [optional] +**api_key_updated_at** | **DateTime** | | [optional] +**created** | **DateTime** | | [optional] +**disable_introduction** | **BOOLEAN** | | [optional] +**email** | **String** | | [optional] +**enable_multi_factor** | **BOOLEAN** | | [optional] +**firstname** | **String** | | [optional] +**growth_data** | [**UserreturnGrowthData**](UserreturnGrowthData.md) | | [optional] +**last_whats_new_checked** | **DateTime** | | [optional] +**lastname** | **String** | | [optional] +**organization** | **String** | | [optional] +**password_updated_at** | **DateTime** | | [optional] +**provider** | **String** | | [optional] +**role** | **String** | | [optional] +**role_name** | **String** | | [optional] +**session_count** | **Integer** | | [optional] +**suspended** | **BOOLEAN** | | [optional] +**totp_enrolled** | **BOOLEAN** | | [optional] +**totp_updated_at** | **DateTime** | | [optional] +**users_time_zone** | **String** | | [optional] + diff --git a/jcapiv1/docs/UserreturnGrowthData.md b/jcapiv1/docs/UserreturnGrowthData.md new file mode 100644 index 0000000..1dfb3ea --- /dev/null +++ b/jcapiv1/docs/UserreturnGrowthData.md @@ -0,0 +1,8 @@ +# JCAPIv1::UserreturnGrowthData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**experiment_states** | **Hash** | | [optional] +**onboarding_state** | **Hash** | | [optional] + diff --git a/jcapiv1/docs/UsersApi.md b/jcapiv1/docs/UsersApi.md new file mode 100644 index 0000000..e2440b4 --- /dev/null +++ b/jcapiv1/docs/UsersApi.md @@ -0,0 +1,172 @@ +# JCAPIv1::UsersApi + +All URIs are relative to *https://console.jumpcloud.com/api* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**admin_totpreset_begin**](UsersApi.md#admin_totpreset_begin) | **POST** /users/resettotp/{id} | Administrator TOTP Reset Initiation +[**users_put**](UsersApi.md#users_put) | **PUT** /users/{id} | Update a user +[**users_reactivate_get**](UsersApi.md#users_reactivate_get) | **GET** /users/reactivate/{id} | Administrator Password Reset Initiation + +# **admin_totpreset_begin** +> admin_totpreset_begin(id) + +Administrator TOTP Reset Initiation + +This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | + + +begin + #Administrator TOTP Reset Initiation + api_instance.admin_totpreset_begin(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->admin_totpreset_begin: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **users_put** +> Userreturn users_put(id, opts) + +Update a user + +This endpoint allows you to update a user. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv1::Userput.new # Userput | + x_org_id: 'x_org_id_example' # String | +} + +begin + #Update a user + result = api_instance.users_put(id, opts) + p result +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->users_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**Userput**](Userput.md)| | [optional] + **x_org_id** | **String**| | [optional] + +### Return type + +[**Userreturn**](Userreturn.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **users_reactivate_get** +> users_reactivate_get(id) + +Administrator Password Reset Initiation + +This endpoint triggers the sending of a reactivation e-mail to an administrator. + +### Example +```ruby +# load the gem +require 'jcapiv1' +# setup authorization +JCAPIv1.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv1::UsersApi.new +id = 'id_example' # String | + + +begin + #Administrator Password Reset Initiation + api_instance.users_reactivate_get(id) +rescue JCAPIv1::ApiError => e + puts "Exception when calling UsersApi->users_reactivate_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv1/docs/Usersystembindingsput.md b/jcapiv1/docs/Usersystembindingsput.md deleted file mode 100644 index c38a32a..0000000 --- a/jcapiv1/docs/Usersystembindingsput.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv1::Usersystembindingsput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**add** | **Array<String>** | The list of system ids to be added to this user. | -**remove** | **Array<String>** | The list of system ids to be removed from this user. | - - diff --git a/jcapiv1/jcapiv1.gemspec b/jcapiv1/jcapiv1.gemspec index 1102153..3470cf1 100644 --- a/jcapiv1/jcapiv1.gemspec +++ b/jcapiv1/jcapiv1.gemspec @@ -1,15 +1,14 @@ # -*- encoding: utf-8 -*- -# + =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end $:.push File.expand_path("../lib", __FILE__) @@ -20,26 +19,19 @@ Gem::Specification.new do |s| s.version = JCAPIv1::VERSION s.platform = Gem::Platform::RUBY s.authors = ["Swagger-Codegen"] - s.email = [""] + s.email = ["support@jumpcloud.com"] s.homepage = "https://github.com/swagger-api/swagger-codegen" - s.summary = "JumpCloud APIs Ruby Gem" - s.description = " JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users." - # TODO uncommnet and update below with a proper license - #s.license = "Apache 2.0" + s.summary = "JumpCloud API Ruby Gem" + s.description = "# Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) " + s.license = "Unlicense" s.required_ruby_version = ">= 1.9" s.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1' s.add_runtime_dependency 'json', '~> 2.1', '>= 2.1.0' s.add_development_dependency 'rspec', '~> 3.6', '>= 3.6.0' - s.add_development_dependency 'vcr', '~> 3.0', '>= 3.0.1' - s.add_development_dependency 'webmock', '~> 1.24', '>= 1.24.3' - s.add_development_dependency 'autotest', '~> 4.4', '>= 4.4.6' - s.add_development_dependency 'autotest-rails-pure', '~> 4.1', '>= 4.1.2' - s.add_development_dependency 'autotest-growl', '~> 0.2', '>= 0.2.16' - s.add_development_dependency 'autotest-fsevent', '~> 0.2', '>= 0.2.12' - - s.files = `find *`.split("\n").uniq.sort.select{|f| !f.empty? } + + s.files = `find *`.split("\n").uniq.sort.select { |f| !f.empty? } s.test_files = `find spec/*`.split("\n") s.executables = [] s.require_paths = ["lib"] diff --git a/jcapiv1/lib/jcapiv1.rb b/jcapiv1/lib/jcapiv1.rb index ed696fc..0eda012 100644 --- a/jcapiv1/lib/jcapiv1.rb +++ b/jcapiv1/lib/jcapiv1.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end # Common files @@ -25,12 +24,15 @@ require 'jcapiv1/models/application_config_constant_attributes' require 'jcapiv1/models/application_config_constant_attributes_value' require 'jcapiv1/models/application_config_database_attributes' +require 'jcapiv1/models/application_config_sign_assertion' +require 'jcapiv1/models/application_logo' require 'jcapiv1/models/applicationslist' require 'jcapiv1/models/applicationtemplate' require 'jcapiv1/models/applicationtemplate_jit' +require 'jcapiv1/models/applicationtemplate_logo' +require 'jcapiv1/models/applicationtemplate_oidc' +require 'jcapiv1/models/applicationtemplate_provision' require 'jcapiv1/models/applicationtemplateslist' -require 'jcapiv1/models/body' -require 'jcapiv1/models/body_1' require 'jcapiv1/models/command' require 'jcapiv1/models/commandfilereturn' require 'jcapiv1/models/commandfilereturn_results' @@ -38,46 +40,87 @@ require 'jcapiv1/models/commandresult_response' require 'jcapiv1/models/commandresult_response_data' require 'jcapiv1/models/commandresultslist' +require 'jcapiv1/models/commandresultslist_results' require 'jcapiv1/models/commandslist' require 'jcapiv1/models/commandslist_results' -require 'jcapiv1/models/errorresponse' +require 'jcapiv1/models/error' +require 'jcapiv1/models/error_details' require 'jcapiv1/models/fde' +require 'jcapiv1/models/id_resetmfa_body' +require 'jcapiv1/models/inline_response_200' +require 'jcapiv1/models/inline_response_412' require 'jcapiv1/models/mfa' +require 'jcapiv1/models/mfa_enrollment' +require 'jcapiv1/models/mfa_enrollment_status' +require 'jcapiv1/models/organization' +require 'jcapiv1/models/organizationentitlement' +require 'jcapiv1/models/organizationentitlement_entitlement_products' +require 'jcapiv1/models/organizations_id_body' +require 'jcapiv1/models/organizationsettings' +require 'jcapiv1/models/organizationsettings_features' +require 'jcapiv1/models/organizationsettings_features_directory_insights' +require 'jcapiv1/models/organizationsettings_features_directory_insights_premium' +require 'jcapiv1/models/organizationsettings_features_system_insights' +require 'jcapiv1/models/organizationsettings_new_system_user_state_defaults' +require 'jcapiv1/models/organizationsettings_password_policy' +require 'jcapiv1/models/organizationsettings_user_portal' +require 'jcapiv1/models/organizationsettings_windows_mdm' +require 'jcapiv1/models/organizationsettingsput' +require 'jcapiv1/models/organizationsettingsput_new_system_user_state_defaults' +require 'jcapiv1/models/organizationsettingsput_password_policy' require 'jcapiv1/models/organizationslist' require 'jcapiv1/models/organizationslist_results' require 'jcapiv1/models/radiusserver' require 'jcapiv1/models/radiusserverpost' require 'jcapiv1/models/radiusserverput' +require 'jcapiv1/models/radiusservers_id_body' require 'jcapiv1/models/radiusserverslist' +require 'jcapiv1/models/run_command_body' require 'jcapiv1/models/search' require 'jcapiv1/models/sshkeylist' require 'jcapiv1/models/sshkeypost' +require 'jcapiv1/models/sso' +require 'jcapiv1/models/state_activate_body' require 'jcapiv1/models/system' +require 'jcapiv1/models/system_built_in_commands' +require 'jcapiv1/models/system_domain_info' +require 'jcapiv1/models/system_mdm' +require 'jcapiv1/models/system_mdm_internal' +require 'jcapiv1/models/system_mdm_windows' require 'jcapiv1/models/system_network_interfaces' +require 'jcapiv1/models/system_os_version_detail' +require 'jcapiv1/models/system_provision_metadata' +require 'jcapiv1/models/system_provision_metadata_provisioner' +require 'jcapiv1/models/system_secure_login' +require 'jcapiv1/models/system_service_account_state' require 'jcapiv1/models/system_sshd_params' require 'jcapiv1/models/system_system_insights' +require 'jcapiv1/models/system_user_metrics' require 'jcapiv1/models/systemput' require 'jcapiv1/models/systemput_agent_bound_messages' require 'jcapiv1/models/systemslist' -require 'jcapiv1/models/systemuser' -require 'jcapiv1/models/systemuserbinding' -require 'jcapiv1/models/systemuserbindingsput' require 'jcapiv1/models/systemuserput' require 'jcapiv1/models/systemuserput_addresses' +require 'jcapiv1/models/systemuserput_attributes' require 'jcapiv1/models/systemuserput_phone_numbers' +require 'jcapiv1/models/systemuserput_relationships' require 'jcapiv1/models/systemuserputpost' require 'jcapiv1/models/systemuserputpost_addresses' require 'jcapiv1/models/systemuserputpost_phone_numbers' +require 'jcapiv1/models/systemuserputpost_recovery_email' require 'jcapiv1/models/systemuserreturn' require 'jcapiv1/models/systemuserreturn_addresses' require 'jcapiv1/models/systemuserreturn_phone_numbers' +require 'jcapiv1/models/systemuserreturn_recovery_email' require 'jcapiv1/models/systemuserslist' -require 'jcapiv1/models/tag' -require 'jcapiv1/models/tagpost' -require 'jcapiv1/models/tagput' -require 'jcapiv1/models/tagslist' -require 'jcapiv1/models/usersystembinding' -require 'jcapiv1/models/usersystembindingsput' +require 'jcapiv1/models/totpenrollmentinfo' +require 'jcapiv1/models/triggerreturn' +require 'jcapiv1/models/trustedapp_config_get' +require 'jcapiv1/models/trustedapp_config_get_trusted_apps' +require 'jcapiv1/models/trustedapp_config_put' +require 'jcapiv1/models/userput' +require 'jcapiv1/models/userreturn' +require 'jcapiv1/models/userreturn_growth_data' # APIs require 'jcapiv1/api/application_templates_api' @@ -85,12 +128,13 @@ require 'jcapiv1/api/command_results_api' require 'jcapiv1/api/command_triggers_api' require 'jcapiv1/api/commands_api' +require 'jcapiv1/api/managed_service_provider_api' require 'jcapiv1/api/organizations_api' require 'jcapiv1/api/radius_servers_api' require 'jcapiv1/api/search_api' require 'jcapiv1/api/systems_api' require 'jcapiv1/api/systemusers_api' -require 'jcapiv1/api/tags_api' +require 'jcapiv1/api/users_api' module JCAPIv1 class << self diff --git a/jcapiv1/lib/jcapiv1/api/application_templates_api.rb b/jcapiv1/lib/jcapiv1/api/application_templates_api.rb index c547580..a3115d4 100644 --- a/jcapiv1/lib/jcapiv1/api/application_templates_api.rb +++ b/jcapiv1/lib/jcapiv1/api/application_templates_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class ApplicationTemplatesApi attr_accessor :api_client @@ -19,59 +16,46 @@ class ApplicationTemplatesApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Get an Application Template # The endpoint returns a specific SSO / SAML Application Template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort (default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id # @return [Applicationtemplate] - def application_templates_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = application_templates_get_with_http_info(id, content_type, accept, opts) - return data + def application_templates_get(id, opts = {}) + data, _status_code, _headers = application_templates_get_with_http_info(id, opts) + data end # Get an Application Template - # The endpoint returns a specific SSO / SAML Application Template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # The endpoint returns a specific SSO / SAML Application Template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @return [Array<(Applicationtemplate, Fixnum, Hash)>] Applicationtemplate data, response status code and response headers - def application_templates_get_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Applicationtemplate, Integer, Hash)>] Applicationtemplate data, response status code and response headers + def application_templates_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationTemplatesApi.application_templates_get ..." + @api_client.config.logger.debug 'Calling API: ApplicationTemplatesApi.application_templates_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ApplicationTemplatesApi.application_templates_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationTemplatesApi.application_templates_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationTemplatesApi.application_templates_get" - end # resource path - local_var_path = "/application-templates/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/application-templates/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? @@ -79,80 +63,67 @@ def application_templates_get_with_http_info(id, content_type, accept, opts = {} query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Applicationtemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Applicationtemplate') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationTemplatesApi#application_templates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Application Templates # The endpoint returns all the SSO / SAML Application Templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort (default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id # @return [Applicationtemplateslist] - def application_templates_list(content_type, accept, opts = {}) - data, _status_code, _headers = application_templates_list_with_http_info(content_type, accept, opts) - return data + def application_templates_list(opts = {}) + data, _status_code, _headers = application_templates_list_with_http_info(opts) + data end # List Application Templates - # The endpoint returns all the SSO / SAML Application Templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # The endpoint returns all the SSO / SAML Application Templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @return [Array<(Applicationtemplateslist, Fixnum, Hash)>] Applicationtemplateslist data, response status code and response headers - def application_templates_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Applicationtemplateslist, Integer, Hash)>] Applicationtemplateslist data, response status code and response headers + def application_templates_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationTemplatesApi.application_templates_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationTemplatesApi.application_templates_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationTemplatesApi.application_templates_list" + @api_client.config.logger.debug 'Calling API: ApplicationTemplatesApi.application_templates_list ...' end # resource path - local_var_path = "/application-templates" + local_var_path = '/application-templates' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? @@ -160,28 +131,28 @@ def application_templates_list_with_http_info(content_type, accept, opts = {}) query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Applicationtemplateslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Applicationtemplateslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationTemplatesApi#application_templates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/applications_api.rb b/jcapiv1/lib/jcapiv1/api/applications_api.rb index b5c66a9..6e26422 100644 --- a/jcapiv1/lib/jcapiv1/api/applications_api.rb +++ b/jcapiv1/lib/jcapiv1/api/applications_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class ApplicationsApi attr_accessor :api_client @@ -19,181 +16,158 @@ class ApplicationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete an Application # The endpoint deletes an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] def applications_delete(id, opts = {}) data, _status_code, _headers = applications_delete_with_http_info(id, opts) - return data + data end # Delete an Application # The endpoint deletes an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id - # @return [Array<(Application, Fixnum, Hash)>] Application data, response status code and response headers + # @return [Array<(Application, Integer, Hash)>] Application data, response status code and response headers def applications_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.applications_delete ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ApplicationsApi.applications_delete" end # resource path - local_var_path = "/applications/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/applications/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Application' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Application') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#applications_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get an Application # The endpoint retrieves an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] def applications_get(id, opts = {}) data, _status_code, _headers = applications_get_with_http_info(id, opts) - return data + data end # Get an Application # The endpoint retrieves an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id - # @return [Array<(Application, Fixnum, Hash)>] Application data, response status code and response headers + # @return [Array<(Application, Integer, Hash)>] Application data, response status code and response headers def applications_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.applications_get ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ApplicationsApi.applications_get" end # resource path - local_var_path = "/applications/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/applications/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Application' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Application') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#applications_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Applications # The endpoint returns all your SSO / SAML Applications. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort (default to The comma separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending.) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. (default to name) + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id # @return [Applicationslist] - def applications_list(content_type, accept, opts = {}) - data, _status_code, _headers = applications_list_with_http_info(content_type, accept, opts) - return data + def applications_list(opts = {}) + data, _status_code, _headers = applications_list_with_http_info(opts) + data end # Applications - # The endpoint returns all your SSO / SAML Applications. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # The endpoint returns all your SSO / SAML Applications. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @return [Array<(Applicationslist, Fixnum, Hash)>] Applicationslist data, response status code and response headers - def applications_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Applicationslist, Integer, Hash)>] Applicationslist data, response status code and response headers + def applications_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.applications_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationsApi.applications_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationsApi.applications_list" + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_list ...' end # resource path - local_var_path = "/applications" + local_var_path = '/applications' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? @@ -201,154 +175,148 @@ def applications_list_with_http_info(content_type, accept, opts = {}) query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Applicationslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Applicationslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#applications_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create an Application # The endpoint adds a new SSO / SAML Applications. # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] def applications_post(opts = {}) data, _status_code, _headers = applications_post_with_http_info(opts) - return data + data end # Create an Application # The endpoint adds a new SSO / SAML Applications. # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id - # @return [Array<(Application, Fixnum, Hash)>] Application data, response status code and response headers + # @return [Array<(Application, Integer, Hash)>] Application data, response status code and response headers def applications_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.applications_post ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_post ...' end # resource path - local_var_path = "/applications" + local_var_path = '/applications' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Application' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Application') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#applications_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update an Application - # The endpoint updates a SSO / SAML Application. + # The endpoint updates a SSO / SAML Application. Any fields not provided will be reset or created with default values. # @param id # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] def applications_put(id, opts = {}) data, _status_code, _headers = applications_put_with_http_info(id, opts) - return data + data end # Update an Application - # The endpoint updates a SSO / SAML Application. + # The endpoint updates a SSO / SAML Application. Any fields not provided will be reset or created with default values. # @param id # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id - # @return [Array<(Application, Fixnum, Hash)>] Application data, response status code and response headers + # @return [Array<(Application, Integer, Hash)>] Application data, response status code and response headers def applications_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.applications_put ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ApplicationsApi.applications_put" end # resource path - local_var_path = "/applications/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/applications/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Application' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Application') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#applications_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/command_results_api.rb b/jcapiv1/lib/jcapiv1/api/command_results_api.rb index 381238b..8202a3e 100644 --- a/jcapiv1/lib/jcapiv1/api/command_results_api.rb +++ b/jcapiv1/lib/jcapiv1/api/command_results_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class CommandResultsApi attr_accessor :api_client @@ -19,236 +16,193 @@ class CommandResultsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete a Command result - # This endpoint deletes a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # This endpoint deletes a specific command result. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Commandresult] - def command_results_delete(id, content_type, accept, opts = {}) - data, _status_code, _headers = command_results_delete_with_http_info(id, content_type, accept, opts) - return data + def command_results_delete(id, opts = {}) + data, _status_code, _headers = command_results_delete_with_http_info(id, opts) + data end # Delete a Command result - # This endpoint deletes a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # This endpoint deletes a specific command result. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(Commandresult, Fixnum, Hash)>] Commandresult data, response status code and response headers - def command_results_delete_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Commandresult, Integer, Hash)>] Commandresult data, response status code and response headers + def command_results_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandResultsApi.command_results_delete ..." + @api_client.config.logger.debug 'Calling API: CommandResultsApi.command_results_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandResultsApi.command_results_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandResultsApi.command_results_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandResultsApi.command_results_delete" - end # resource path - local_var_path = "/commandresults/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/commandresults/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Commandresult' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Commandresult') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandResultsApi#command_results_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List an individual Command result # This endpoint returns a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandResultID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id # @return [Commandresult] - def command_results_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = command_results_get_with_http_info(id, content_type, accept, opts) - return data + def command_results_get(id, opts = {}) + data, _status_code, _headers = command_results_get_with_http_info(id, opts) + data end # List an individual Command result - # This endpoint returns a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandResultID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandResultID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @return [Array<(Commandresult, Fixnum, Hash)>] Commandresult data, response status code and response headers - def command_results_get_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Commandresult, Integer, Hash)>] Commandresult data, response status code and response headers + def command_results_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandResultsApi.command_results_get ..." + @api_client.config.logger.debug 'Calling API: CommandResultsApi.command_results_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandResultsApi.command_results_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandResultsApi.command_results_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandResultsApi.command_results_get" - end # resource path - local_var_path = "/commandresults/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/commandresults/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Commandresult' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Commandresult') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandResultsApi#command_results_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all Command Results # This endpoint returns all command results. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. # @return [Commandresultslist] - def command_results_list(content_type, accept, opts = {}) - data, _status_code, _headers = command_results_list_with_http_info(content_type, accept, opts) - return data + def command_results_list(opts = {}) + data, _status_code, _headers = command_results_list_with_http_info(opts) + data end # List all Command Results - # This endpoint returns all command results. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all command results. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id - # @return [Array<(Commandresultslist, Fixnum, Hash)>] Commandresultslist data, response status code and response headers - def command_results_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Commandresultslist, Integer, Hash)>] Commandresultslist data, response status code and response headers + def command_results_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandResultsApi.command_results_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandResultsApi.command_results_list" + @api_client.config.logger.debug 'Calling API: CommandResultsApi.command_results_list ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandResultsApi.command_results_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandResultsApi.command_results_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commandresults" + local_var_path = '/commandresults' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Commandresultslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Commandresultslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandResultsApi#command_results_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/command_triggers_api.rb b/jcapiv1/lib/jcapiv1/api/command_triggers_api.rb index 413e82b..dc229b4 100644 --- a/jcapiv1/lib/jcapiv1/api/command_triggers_api.rb +++ b/jcapiv1/lib/jcapiv1/api/command_triggers_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class CommandTriggersApi attr_accessor :api_client @@ -19,72 +16,64 @@ class CommandTriggersApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Launch a command via a Trigger # This endpoint allows you to launch a command based on a defined trigger. #### Sample Requests **Launch a Command via a Trigger** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` **Launch a Command via a Trigger passing a JSON object to the command** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -d '{ \"srcip\":\"192.168.2.32\", \"attack\":\"Cross Site Scripting Attempt\" }' \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` # @param triggername - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def command_trigger_webhook_post(triggername, content_type, accept, opts = {}) - command_trigger_webhook_post_with_http_info(triggername, content_type, accept, opts) - return nil + # @option opts [Hash] :body + # @option opts [String] :x_org_id + # @return [Triggerreturn] + def command_trigger_webhook_post(triggername, opts = {}) + data, _status_code, _headers = command_trigger_webhook_post_with_http_info(triggername, opts) + data end # Launch a command via a Trigger - # This endpoint allows you to launch a command based on a defined trigger. #### Sample Requests **Launch a Command via a Trigger** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` **Launch a Command via a Trigger passing a JSON object to the command** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -d '{ \"srcip\":\"192.168.2.32\", \"attack\":\"Cross Site Scripting Attempt\" }' \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` + # This endpoint allows you to launch a command based on a defined trigger. #### Sample Requests **Launch a Command via a Trigger** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` **Launch a Command via a Trigger passing a JSON object to the command** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -d '{ \"srcip\":\"192.168.2.32\", \"attack\":\"Cross Site Scripting Attempt\" }' \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` # @param triggername - # @param content_type - # @param accept # @param [Hash] opts the optional parameters + # @option opts [Hash] :body # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def command_trigger_webhook_post_with_http_info(triggername, content_type, accept, opts = {}) + # @return [Array<(Triggerreturn, Integer, Hash)>] Triggerreturn data, response status code and response headers + def command_trigger_webhook_post_with_http_info(triggername, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandTriggersApi.command_trigger_webhook_post ..." + @api_client.config.logger.debug 'Calling API: CommandTriggersApi.command_trigger_webhook_post ...' end # verify the required parameter 'triggername' is set if @api_client.config.client_side_validation && triggername.nil? fail ArgumentError, "Missing the required parameter 'triggername' when calling CommandTriggersApi.command_trigger_webhook_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandTriggersApi.command_trigger_webhook_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandTriggersApi.command_trigger_webhook_post" - end # resource path - local_var_path = "/command/trigger/{triggername}".sub('{' + 'triggername' + '}', triggername.to_s) + local_var_path = '/command/trigger/{triggername}'.sub('{' + 'triggername' + '}', triggername.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Triggerreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandTriggersApi#command_trigger_webhook_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/commands_api.rb b/jcapiv1/lib/jcapiv1/api/commands_api.rb index 06b38fe..4acba82 100644 --- a/jcapiv1/lib/jcapiv1/api/commands_api.rb +++ b/jcapiv1/lib/jcapiv1/api/commands_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class CommandsApi attr_accessor :api_client @@ -19,466 +16,498 @@ class CommandsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Get a Command File # This endpoint returns the uploaded file(s) associated with a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/files/command/{commandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) # @return [Commandfilereturn] - def command_file_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = command_file_get_with_http_info(id, content_type, accept, opts) - return data + def command_file_get(id, opts = {}) + data, _status_code, _headers = command_file_get_with_http_info(id, opts) + data end # Get a Command File - # This endpoint returns the uploaded file(s) associated with a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/files/command/{commandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the uploaded file(s) associated with a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/files/command/{commandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :x_org_id - # @return [Array<(Commandfilereturn, Fixnum, Hash)>] Commandfilereturn data, response status code and response headers - def command_file_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Commandfilereturn, Integer, Hash)>] Commandfilereturn data, response status code and response headers + def command_file_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.command_file_get ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.command_file_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandsApi.command_file_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.command_file_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.command_file_get" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandsApi.command_file_get, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/files/command/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/files/command/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Commandfilereturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Commandfilereturn') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#command_file_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete a Command # This endpoint deletes a specific command based on the Command ID. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def commands_delete(id, content_type, accept, opts = {}) - commands_delete_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id + # @return [Command] + def commands_delete(id, opts = {}) + data, _status_code, _headers = commands_delete_with_http_info(id, opts) + data end # Delete a Command - # This endpoint deletes a specific command based on the Command ID. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint deletes a specific command based on the Command ID. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def commands_delete_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Command, Integer, Hash)>] Command data, response status code and response headers + def commands_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.commands_delete ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandsApi.commands_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.commands_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.commands_delete" - end # resource path - local_var_path = "/commands/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/commands/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Command' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#commands_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List an individual Command # This endpoint returns a specific command based on the command ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :x_org_id # @return [Command] - def commands_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = commands_get_with_http_info(id, content_type, accept, opts) - return data + def commands_get(id, opts = {}) + data, _status_code, _headers = commands_get_with_http_info(id, opts) + data end # List an individual Command - # This endpoint returns a specific command based on the command ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific command based on the command ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. # @option opts [String] :x_org_id - # @return [Array<(Command, Fixnum, Hash)>] Command data, response status code and response headers - def commands_get_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Command, Integer, Hash)>] Command data, response status code and response headers + def commands_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.commands_get ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandsApi.commands_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.commands_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.commands_get" - end # resource path - local_var_path = "/commands/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/commands/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Command' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Command') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#commands_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Get results for a specific command + # This endpoint returns results for a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{id}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def commands_get_results(id, opts = {}) + data, _status_code, _headers = commands_get_results_with_http_info(id, opts) + data + end + # Get results for a specific command + # This endpoint returns results for a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{id}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def commands_get_results_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_get_results ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling CommandsApi.commands_get_results" + end + # resource path + local_var_path = '/commands/{id}/results'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CommandsApi#commands_get_results\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List All Commands # This endpoint returns all commands. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. # @return [Commandslist] - def commands_list(content_type, accept, opts = {}) - data, _status_code, _headers = commands_list_with_http_info(content_type, accept, opts) - return data + def commands_list(opts = {}) + data, _status_code, _headers = commands_list_with_http_info(opts) + data end # List All Commands - # This endpoint returns all commands. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all commands. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. # @option opts [String] :x_org_id - # @return [Array<(Commandslist, Fixnum, Hash)>] Commandslist data, response status code and response headers - def commands_list_with_http_info(content_type, accept, opts = {}) + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @return [Array<(Commandslist, Integer, Hash)>] Commandslist data, response status code and response headers + def commands_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.commands_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.commands_list" + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_list ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.commands_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandsApi.commands_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands" + local_var_path = '/commands' # query parameters - query_params = {} - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Commandslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Commandslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#commands_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create A Command - # This endpoint allows you to create a new command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new command. NOTE: the system property in the command is not used. Use a POST to /api/v2/commands/{id}/associations to bind a command to a system. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' -H 'x-api-key: {API_KEY}' -d '{\"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\"}' ``` # @param [Hash] opts the optional parameters # @option opts [Command] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Command] - def commands_post(content_type, accept, opts = {}) - data, _status_code, _headers = commands_post_with_http_info(content_type, accept, opts) - return data + def commands_post(opts = {}) + data, _status_code, _headers = commands_post_with_http_info(opts) + data end # Create A Command - # This endpoint allows you to create a new command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new command. NOTE: the system property in the command is not used. Use a POST to /api/v2/commands/{id}/associations to bind a command to a system. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' -H 'x-api-key: {API_KEY}' -d '{\"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\"}' ``` # @param [Hash] opts the optional parameters # @option opts [Command] :body # @option opts [String] :x_org_id - # @return [Array<(Command, Fixnum, Hash)>] Command data, response status code and response headers - def commands_post_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Command, Integer, Hash)>] Command data, response status code and response headers + def commands_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.commands_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.commands_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.commands_post" + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_post ...' end # resource path - local_var_path = "/commands" + local_var_path = '/commands' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Command' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Command') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#commands_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update a Command # This endpoint Updates a command based on the command ID and returns the modified command record. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Command] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Command] - def commands_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = commands_put_with_http_info(id, content_type, accept, opts) - return data + def commands_put(id, opts = {}) + data, _status_code, _headers = commands_put_with_http_info(id, opts) + data end # Update a Command - # This endpoint Updates a command based on the command ID and returns the modified command record. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` + # This endpoint Updates a command based on the command ID and returns the modified command record. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Command] :body # @option opts [String] :x_org_id - # @return [Array<(Command, Fixnum, Hash)>] Command data, response status code and response headers - def commands_put_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Command, Integer, Hash)>] Command data, response status code and response headers + def commands_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.commands_put ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling CommandsApi.commands_put" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.commands_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.commands_put" - end # resource path - local_var_path = "/commands/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/commands/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Command' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Command') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#commands_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Run a command + # This endpoint allows you to run a command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/runCommand \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' -d '{\"_id\":\"{commandID}\", \"systemIds\":[\"systemId\"]}' ``` + # @param [Hash] opts the optional parameters + # @option opts [RunCommandBody] :body + # @return [InlineResponse200] + def commands_run(opts = {}) + data, _status_code, _headers = commands_run_with_http_info(opts) + data + end + + # Run a command + # This endpoint allows you to run a command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/runCommand \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' -d '{\"_id\":\"{commandID}\", \"systemIds\":[\"systemId\"]}' ``` + # @param [Hash] opts the optional parameters + # @option opts [RunCommandBody] :body + # @return [Array<(InlineResponse200, Integer, Hash)>] InlineResponse200 data, response status code and response headers + def commands_run_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_run ...' + end + # resource path + local_var_path = '/runCommand' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'InlineResponse200' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CommandsApi#commands_run\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end end end diff --git a/jcapiv1/lib/jcapiv1/api/managed_service_provider_api.rb b/jcapiv1/lib/jcapiv1/api/managed_service_provider_api.rb new file mode 100644 index 0000000..e5757b2 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/api/managed_service_provider_api.rb @@ -0,0 +1,266 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv1 + class ManagedServiceProviderApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def admin_totpreset_begin(id, opts = {}) + admin_totpreset_begin_with_http_info(id, opts) + nil + end + + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def admin_totpreset_begin_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.admin_totpreset_begin ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.admin_totpreset_begin" + end + # resource path + local_var_path = '/users/resettotp/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#admin_totpreset_begin\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get Organization Details + # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. + # @return [Organizationslist] + def organization_list(opts = {}) + data, _status_code, _headers = organization_list_with_http_info(opts) + data + end + + # Get Organization Details + # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. + # @return [Array<(Organizationslist, Integer, Hash)>] Organizationslist data, response status code and response headers + def organization_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.organization_list ...' + end + # resource path + local_var_path = '/organizations' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? + query_params[:'sortIgnoreCase'] = opts[:'sort_ignore_case'] if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Organizationslist' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#organization_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Userreturn] + def users_put(id, opts = {}) + data, _status_code, _headers = users_put_with_http_info(id, opts) + data + end + + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Array<(Userreturn, Integer, Hash)>] Userreturn data, response status code and response headers + def users_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.users_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.users_put" + end + # resource path + local_var_path = '/users/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Userreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#users_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def users_reactivate_get(id, opts = {}) + users_reactivate_get_with_http_info(id, opts) + nil + end + + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def users_reactivate_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.users_reactivate_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.users_reactivate_get" + end + # resource path + local_var_path = '/users/reactivate/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#users_reactivate_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv1/lib/jcapiv1/api/organizations_api.rb b/jcapiv1/lib/jcapiv1/api/organizations_api.rb index 462f676..4937491 100644 --- a/jcapiv1/lib/jcapiv1/api/organizations_api.rb +++ b/jcapiv1/lib/jcapiv1/api/organizations_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class OrganizationsApi attr_accessor :api_client @@ -19,88 +16,196 @@ class OrganizationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Get Organization Details # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. # @return [Organizationslist] - def organization_list(content_type, accept, opts = {}) - data, _status_code, _headers = organization_list_with_http_info(content_type, accept, opts) - return data + def organization_list(opts = {}) + data, _status_code, _headers = organization_list_with_http_info(opts) + data end # Get Organization Details - # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @return [Array<(Organizationslist, Fixnum, Hash)>] Organizationslist data, response status code and response headers - def organization_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. + # @return [Array<(Organizationslist, Integer, Hash)>] Organizationslist data, response status code and response headers + def organization_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: OrganizationsApi.organization_list ..." + @api_client.config.logger.debug 'Calling API: OrganizationsApi.organization_list ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling OrganizationsApi.organization_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling OrganizationsApi.organization_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling OrganizationsApi.organization_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/organizations" + local_var_path = '/organizations' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? + query_params[:'sortIgnoreCase'] = opts[:'sort_ignore_case'] if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Organizationslist' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: OrganizationsApi#organization_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update an Organization + # This endpoint allows you to update an Organization. Note: `passwordPolicy` settings are only used when `passwordCompliance` is set to \"custom\". We discourage the use of non-custom passwordCompliance values. `emailDisclaimer` can only be modified by paying customers. `hasStripeCustomerId` is deprecated and will be removed. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"settings\": { \"contactName\": \"Admin Name\", \"contactEmail\": \"admin@company.com\", \"systemUsersCanEdit\":true, \"passwordPolicy\": { \"enableMaxHistory\": true, \"maxHistory\": 3 } } }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [OrganizationsIdBody] :body + # @return [Organization] + def organization_put(id, opts = {}) + data, _status_code, _headers = organization_put_with_http_info(id, opts) + data + end + + # Update an Organization + # This endpoint allows you to update an Organization. Note: `passwordPolicy` settings are only used when `passwordCompliance` is set to \"custom\". We discourage the use of non-custom passwordCompliance values. `emailDisclaimer` can only be modified by paying customers. `hasStripeCustomerId` is deprecated and will be removed. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"settings\": { \"contactName\": \"Admin Name\", \"contactEmail\": \"admin@company.com\", \"systemUsersCanEdit\":true, \"passwordPolicy\": { \"enableMaxHistory\": true, \"maxHistory\": 3 } } }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [OrganizationsIdBody] :body + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def organization_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: OrganizationsApi.organization_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.organization_put" + end + # resource path + local_var_path = '/organizations/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: OrganizationsApi#organization_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get an Organization + # This endpoint returns a particular Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Organization] + def organizations_get(id, opts = {}) + data, _status_code, _headers = organizations_get_with_http_info(id, opts) + data + end + + # Get an Organization + # This endpoint returns a particular Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def organizations_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: OrganizationsApi.organizations_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.organizations_get" + end + # resource path + local_var_path = '/organizations/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Organizationslist') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: OrganizationsApi#organization_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: OrganizationsApi#organizations_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv1/lib/jcapiv1/api/radius_servers_api.rb b/jcapiv1/lib/jcapiv1/api/radius_servers_api.rb index 398dc10..2f827a6 100644 --- a/jcapiv1/lib/jcapiv1/api/radius_servers_api.rb +++ b/jcapiv1/lib/jcapiv1/api/radius_servers_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class RadiusServersApi attr_accessor :api_client @@ -19,57 +16,158 @@ class RadiusServersApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Delete Radius Server + # This endpoint allows you to delete RADIUS servers in your organization. ``` curl -X DELETE https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Radiusserverput] + def radius_servers_delete(id, opts = {}) + data, _status_code, _headers = radius_servers_delete_with_http_info(id, opts) + data + end + + # Delete Radius Server + # This endpoint allows you to delete RADIUS servers in your organization. ``` curl -X DELETE https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Array<(Radiusserverput, Integer, Hash)>] Radiusserverput data, response status code and response headers + def radius_servers_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: RadiusServersApi.radius_servers_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling RadiusServersApi.radius_servers_delete" + end + # resource path + local_var_path = '/radiusservers/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Radiusserverput' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: RadiusServersApi#radius_servers_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get Radius Server + # This endpoint allows you to get a RADIUS server in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Radiusserver] + def radius_servers_get(id, opts = {}) + data, _status_code, _headers = radius_servers_get_with_http_info(id, opts) + data + end + + # Get Radius Server + # This endpoint allows you to get a RADIUS server in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Array<(Radiusserver, Integer, Hash)>] Radiusserver data, response status code and response headers + def radius_servers_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: RadiusServersApi.radius_servers_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling RadiusServersApi.radius_servers_get" + end + # resource path + local_var_path = '/radiusservers/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Radiusserver' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: RadiusServersApi#radius_servers_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List Radius Servers # This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :x_org_id # @return [Radiusserverslist] - def radius_servers_list(content_type, accept, opts = {}) - data, _status_code, _headers = radius_servers_list_with_http_info(content_type, accept, opts) - return data + def radius_servers_list(opts = {}) + data, _status_code, _headers = radius_servers_list_with_http_info(opts) + data end # List Radius Servers - # This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` - # @param content_type - # @param accept + # This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. # @option opts [String] :x_org_id - # @return [Array<(Radiusserverslist, Fixnum, Hash)>] Radiusserverslist data, response status code and response headers - def radius_servers_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Radiusserverslist, Integer, Hash)>] Radiusserverslist data, response status code and response headers + def radius_servers_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RadiusServersApi.radius_servers_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RadiusServersApi.radius_servers_list" + @api_client.config.logger.debug 'Calling API: RadiusServersApi.radius_servers_list ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RadiusServersApi.radius_servers_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling RadiusServersApi.radius_servers_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers" + local_var_path = '/radiusservers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -77,170 +175,148 @@ def radius_servers_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Radiusserverslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Radiusserverslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RadiusServersApi#radius_servers_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a Radius Server # This endpoint allows you to create RADIUS servers in your organization. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{test_radius}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\":\"{secretpassword}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Radiusserverpost] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Radiusserver] - def radius_servers_post(content_type, accept, opts = {}) - data, _status_code, _headers = radius_servers_post_with_http_info(content_type, accept, opts) - return data + def radius_servers_post(opts = {}) + data, _status_code, _headers = radius_servers_post_with_http_info(opts) + data end # Create a Radius Server - # This endpoint allows you to create RADIUS servers in your organization. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{test_radius}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\":\"{secretpassword}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create RADIUS servers in your organization. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{test_radius}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\":\"{secretpassword}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Radiusserverpost] :body # @option opts [String] :x_org_id - # @return [Array<(Radiusserver, Fixnum, Hash)>] Radiusserver data, response status code and response headers - def radius_servers_post_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Radiusserver, Integer, Hash)>] Radiusserver data, response status code and response headers + def radius_servers_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RadiusServersApi.radius_servers_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RadiusServersApi.radius_servers_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RadiusServersApi.radius_servers_post" + @api_client.config.logger.debug 'Calling API: RadiusServersApi.radius_servers_post ...' end # resource path - local_var_path = "/radiusservers" + local_var_path = '/radiusservers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Radiusserver' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Radiusserver') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RadiusServersApi#radius_servers_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update Radius Servers - # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` + # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\": \"{secret_password}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [RadiusserversIdBody] :body + # @option opts [String] :x_org_id # @return [Radiusserverput] - def radius_servers_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = radius_servers_put_with_http_info(id, content_type, accept, opts) - return data + def radius_servers_put(id, opts = {}) + data, _status_code, _headers = radius_servers_put_with_http_info(id, opts) + data end # Update Radius Servers - # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` + # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\": \"{secret_password}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body] :body + # @option opts [RadiusserversIdBody] :body # @option opts [String] :x_org_id - # @return [Array<(Radiusserverput, Fixnum, Hash)>] Radiusserverput data, response status code and response headers - def radius_servers_put_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Radiusserverput, Integer, Hash)>] Radiusserverput data, response status code and response headers + def radius_servers_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RadiusServersApi.radius_servers_put ..." + @api_client.config.logger.debug 'Calling API: RadiusServersApi.radius_servers_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling RadiusServersApi.radius_servers_put" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RadiusServersApi.radius_servers_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RadiusServersApi.radius_servers_put" - end # resource path - local_var_path = "/radiusservers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/radiusservers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Radiusserverput' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Radiusserverput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RadiusServersApi#radius_servers_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/search_api.rb b/jcapiv1/lib/jcapiv1/api/search_api.rb index fbbda73..042e1ad 100644 --- a/jcapiv1/lib/jcapiv1/api/search_api.rb +++ b/jcapiv1/lib/jcapiv1/api/search_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class SearchApi attr_accessor :api_client @@ -19,250 +16,343 @@ class SearchApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Search Commands Results + # Return Command Results in multi-record format allowing for the passing of the `filter` parameter. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/commandresults route. The `filter` parameter must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. #### Sample Request Exact search for a specific command result ``` curl -X POST https://console.jumpcloud.com/api/search/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : \"workflowInstanceId:$eq:62f3c599ec4e928499069c7f\", \"fields\" : \"name workflowId sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Commandresultslist] + def search_commandresults_post(opts = {}) + data, _status_code, _headers = search_commandresults_post_with_http_info(opts) + data + end + + # Search Commands Results + # Return Command Results in multi-record format allowing for the passing of the `filter` parameter. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/commandresults route. The `filter` parameter must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. #### Sample Request Exact search for a specific command result ``` curl -X POST https://console.jumpcloud.com/api/search/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : \"workflowInstanceId:$eq:62f3c599ec4e928499069c7f\", \"fields\" : \"name workflowId sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Commandresultslist, Integer, Hash)>] Commandresultslist data, response status code and response headers + def search_commandresults_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SearchApi.search_commandresults_post ...' + end + # resource path + local_var_path = '/search/commandresults' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Commandresultslist' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SearchApi#search_commandresults_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Search Commands + # Return Commands in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new command. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of commands in a launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"launchType\" : \"repeated\"}], \"fields\" : \"name launchType sudo\" }' ``` Text search for commands with name ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Text search for multiple commands ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"List\", \"Log\"], \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Combining `filter` and `searchFilter` to text search for commands with name who are in a list of launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"filter\": { \"or\": [ {\"launchType\" : \"repeated\"}, {\"launchType\" : \"one-time\"} ] }, \"fields\" : \"name launchType sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Commandslist] + def search_commands_post(opts = {}) + data, _status_code, _headers = search_commands_post_with_http_info(opts) + data + end + + # Search Commands + # Return Commands in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new command. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of commands in a launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"launchType\" : \"repeated\"}], \"fields\" : \"name launchType sudo\" }' ``` Text search for commands with name ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Text search for multiple commands ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"List\", \"Log\"], \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Combining `filter` and `searchFilter` to text search for commands with name who are in a list of launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"filter\": { \"or\": [ {\"launchType\" : \"repeated\"}, {\"launchType\" : \"one-time\"} ] }, \"fields\" : \"name launchType sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Commandslist, Integer, Hash)>] Commandslist data, response status code and response headers + def search_commands_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SearchApi.search_commands_post ...' + end + # resource path + local_var_path = '/search/commands' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Commandslist' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SearchApi#search_commands_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # Search Organizations # This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Search] :body - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @return [Organizationslist] - def search_organizations_post(content_type, accept, opts = {}) - data, _status_code, _headers = search_organizations_post_with_http_info(content_type, accept, opts) - return data + def search_organizations_post(opts = {}) + data, _status_code, _headers = search_organizations_post_with_http_info(opts) + data end # Search Organizations - # This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` - # @param content_type - # @param accept + # This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @return [Array<(Organizationslist, Fixnum, Hash)>] Organizationslist data, response status code and response headers - def search_organizations_post_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Organizationslist, Integer, Hash)>] Organizationslist data, response status code and response headers + def search_organizations_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SearchApi.search_organizations_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SearchApi.search_organizations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SearchApi.search_organizations_post" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SearchApi.search_organizations_post, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SearchApi.search_organizations_post ...' end - # resource path - local_var_path = "/search/organizations" + local_var_path = '/search/organizations' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organizationslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Organizationslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SearchApi#search_organizations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Search Systems - # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` - # @param content_type - # @param accept + # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Text search for a multiple hostnames. ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": [\"my-host\", \"my-other-host\"], \"fields\": [\"hostname\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @return [Systemslist] - def search_systems_post(content_type, accept, opts = {}) - data, _status_code, _headers = search_systems_post_with_http_info(content_type, accept, opts) - return data + def search_systems_post(opts = {}) + data, _status_code, _headers = search_systems_post_with_http_info(opts) + data end # Search Systems - # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` - # @param content_type - # @param accept + # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Text search for a multiple hostnames. ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": [\"my-host\", \"my-other-host\"], \"fields\": [\"hostname\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body + # @option opts [String] :x_org_id # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :filter A filter to apply to the query. - # @return [Array<(Systemslist, Fixnum, Hash)>] Systemslist data, response status code and response headers - def search_systems_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Array<(Systemslist, Integer, Hash)>] Systemslist data, response status code and response headers + def search_systems_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SearchApi.search_systems_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SearchApi.search_systems_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SearchApi.search_systems_post" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SearchApi.search_systems_post, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SearchApi.search_systems_post ...' end - # resource path - local_var_path = "/search/systems" + local_var_path = '/search/systems' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Systemslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SearchApi#search_systems_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Search System Users - # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` - # @param content_type - # @param accept + # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Text search for multiple system users ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"john\", \"sarah\"], \"fields\": [\"username\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) # @return [Systemuserslist] - def search_systemusers_post(content_type, accept, opts = {}) - data, _status_code, _headers = search_systemusers_post_with_http_info(content_type, accept, opts) - return data + def search_systemusers_post(opts = {}) + data, _status_code, _headers = search_systemusers_post_with_http_info(opts) + data end # Search System Users - # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` - # @param content_type - # @param accept + # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Text search for multiple system users ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"john\", \"sarah\"], \"fields\": [\"username\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body + # @option opts [String] :x_org_id # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Systemuserslist, Fixnum, Hash)>] Systemuserslist data, response status code and response headers - def search_systemusers_post_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Systemuserslist, Integer, Hash)>] Systemuserslist data, response status code and response headers + def search_systemusers_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SearchApi.search_systemusers_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SearchApi.search_systemusers_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SearchApi.search_systemusers_post" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SearchApi.search_systemusers_post, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SearchApi.search_systemusers_post ...' end - # resource path - local_var_path = "/search/systemusers" + local_var_path = '/search/systemusers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Systemuserslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SearchApi#search_systemusers_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/systems_api.rb b/jcapiv1/lib/jcapiv1/api/systems_api.rb index 21fdeeb..6470ce9 100644 --- a/jcapiv1/lib/jcapiv1/api/systems_api.rb +++ b/jcapiv1/lib/jcapiv1/api/systems_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class SystemsApi attr_accessor :api_client @@ -19,497 +16,515 @@ class SystemsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # Delete a System - # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # Erase a System + # This endpoint allows you to run the erase command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/erase \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) - # @return [System] - def systems_delete(id, content_type, accept, opts = {}) - data, _status_code, _headers = systems_delete_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id + # @return [nil] + def systems_command_builtin_erase(system_id, opts = {}) + systems_command_builtin_erase_with_http_info(system_id, opts) + nil end - # Delete a System - # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # Erase a System + # This endpoint allows you to run the erase command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/erase \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id - # @return [Array<(System, Fixnum, Hash)>] System data, response status code and response headers - def systems_delete_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def systems_command_builtin_erase_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_delete ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_delete" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_delete" + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_command_builtin_erase ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_delete" + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_command_builtin_erase" end # resource path - local_var_path = "/systems/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systems/{system_id}/command/builtin/erase'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? - header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'System') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_command_builtin_erase\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List an individual system - # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # Lock a System + # This endpoint allows you to run the lock command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) - # @return [System] - def systems_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = systems_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id + # @return [nil] + def systems_command_builtin_lock(system_id, opts = {}) + systems_command_builtin_lock_with_http_info(system_id, opts) + nil end - # List an individual system - # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # Lock a System + # This endpoint allows you to run the lock command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id - # @return [Array<(System, Fixnum, Hash)>] System data, response status code and response headers - def systems_get_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def systems_command_builtin_lock_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_get ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_get" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_get" + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_command_builtin_lock ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_get" + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_command_builtin_lock" end # resource path - local_var_path = "/systems/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systems/{system_id}/command/builtin/lock'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} - query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? - header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'System') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_command_builtin_lock\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List All Systems - # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Restart a System + # This endpoint allows you to run the restart command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/restart \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @return [Systemslist] - def systems_list(content_type, accept, opts = {}) - data, _status_code, _headers = systems_list_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id + # @return [nil] + def systems_command_builtin_restart(system_id, opts = {}) + systems_command_builtin_restart_with_http_info(system_id, opts) + nil end - # List All Systems - # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Restart a System + # This endpoint allows you to run the restart command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/restart \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [String] :x_org_id - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @return [Array<(Systemslist, Fixnum, Hash)>] Systemslist data, response status code and response headers - def systems_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def systems_command_builtin_restart_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_list" + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_command_builtin_restart ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_list" + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_command_builtin_restart" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.systems_list, must be greater than or equal to 0.' + # resource path + local_var_path = '/systems/{system_id}/command/builtin/restart'.sub('{' + 'system_id' + '}', system_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsApi#systems_command_builtin_restart\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # Shutdown a System + # This endpoint allows you to run the shutdown command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/shutdown \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [nil] + def systems_command_builtin_shutdown(system_id, opts = {}) + systems_command_builtin_shutdown_with_http_info(system_id, opts) + nil + end + # Shutdown a System + # This endpoint allows you to run the shutdown command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/shutdown \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def systems_command_builtin_shutdown_with_http_info(system_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_command_builtin_shutdown ...' + end + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_command_builtin_shutdown" + end # resource path - local_var_path = "/systems" + local_var_path = '/systems/{system_id}/command/builtin/shutdown'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} - query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemslist') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_command_builtin_shutdown\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update a system - # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` + # Delete a System + # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Systemput] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [System] - def systems_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = systems_put_with_http_info(id, content_type, accept, opts) - return data + def systems_delete(id, opts = {}) + data, _status_code, _headers = systems_delete_with_http_info(id, opts) + data end - # Update a system - # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` + # Delete a System + # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Systemput] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id - # @return [Array<(System, Fixnum, Hash)>] System data, response status code and response headers - def systems_put_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(System, Integer, Hash)>] System data, response status code and response headers + def systems_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_put ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_put" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_put" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_delete" end # resource path - local_var_path = "/systems/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systems/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] || 'System' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'System') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List system user bindings - # Hidden as Tags is deprecated List system user bindings for a specific system in a system and user binding format. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *List system user bindings for specific system* ``` curl -X https://console.jumpcloud.com/api/systems/{SystemID}/systemusers\\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ \" ``` + # List an individual system + # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) - # @return [Systemuserbinding] - def systems_systemusers_binding_list(id, content_type, accept, opts = {}) - data, _status_code, _headers = systems_systemusers_binding_list_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [String] :x_org_id + # @return [System] + def systems_get(id, opts = {}) + data, _status_code, _headers = systems_get_with_http_info(id, opts) + data end - # List system user bindings - # Hidden as Tags is deprecated List system user bindings for a specific system in a system and user binding format. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *List system user bindings for specific system* ``` curl -X https://console.jumpcloud.com/api/systems/{SystemID}/systemusers\\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ \" ``` + # List an individual system + # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id - # @return [Array<(Systemuserbinding, Fixnum, Hash)>] Systemuserbinding data, response status code and response headers - def systems_systemusers_binding_list_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(System, Integer, Hash)>] System data, response status code and response headers + def systems_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_systemusers_binding_list ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_systemusers_binding_list" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_systemusers_binding_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_systemusers_binding_list" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_get" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.systems_systemusers_binding_list, must be greater than or equal to 0.' + # resource path + local_var_path = '/systems/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'System' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsApi#systems_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # List All Systems + # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Systemslist] + def systems_list(opts = {}) + data, _status_code, _headers = systems_list_with_http_info(opts) + data + end + # List All Systems + # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Array<(Systemslist, Integer, Hash)>] Systemslist data, response status code and response headers + def systems_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_list ...' + end # resource path - local_var_path = "/systems/{id}/systemusers".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systems' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserbinding') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_systemusers_binding_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update a system's or user's binding - # Hidden as Tags is deprecated Adds or removes a user binding for a system. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *Add (or remove) a system user to (from) a system* ``` curl \\ -d '{ \"add\": [\"[SYSTEM_USER_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_USER_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systems/[SYSTEM_ID_HERE]/systemusers + # Update a system + # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Systemuserbindingsput] :body - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def systems_systemusers_binding_put(id, content_type, accept, opts = {}) - systems_systemusers_binding_put_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [Systemput] :body + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [String] :x_org_id + # @return [System] + def systems_put(id, opts = {}) + data, _status_code, _headers = systems_put_with_http_info(id, opts) + data end - # Update a system's or user's binding - # Hidden as Tags is deprecated Adds or removes a user binding for a system. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *Add (or remove) a system user to (from) a system* ``` curl \\ -d '{ \"add\": [\"[SYSTEM_USER_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_USER_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systems/[SYSTEM_ID_HERE]/systemusers + # Update a system + # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Systemuserbindingsput] :body + # @option opts [Systemput] :body + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def systems_systemusers_binding_put_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(System, Integer, Hash)>] System data, response status code and response headers + def systems_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_systemusers_binding_put ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_systemusers_binding_put" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.systems_systemusers_binding_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.systems_systemusers_binding_put" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemsApi.systems_put" end # resource path - local_var_path = "/systems/{id}/systemusers".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systems/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'System' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#systems_systemusers_binding_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#systems_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv1/lib/jcapiv1/api/systemusers_api.rb b/jcapiv1/lib/jcapiv1/api/systemusers_api.rb index f934e6c..2866950 100644 --- a/jcapiv1/lib/jcapiv1/api/systemusers_api.rb +++ b/jcapiv1/lib/jcapiv1/api/systemusers_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv1 class SystemusersApi attr_accessor :api_client @@ -19,33 +16,28 @@ class SystemusersApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete a system user's Public SSH Keys # This endpoint will delete a specific System User's SSH Key. # @param systemuser_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def sshkey_delete(systemuser_id, id, content_type, accept, opts = {}) - sshkey_delete_with_http_info(systemuser_id, id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id + # @return [String] + def sshkey_delete(systemuser_id, id, opts = {}) + data, _status_code, _headers = sshkey_delete_with_http_info(systemuser_id, id, opts) + data end - # Delete a system user's Public SSH Keys - # This endpoint will delete a specific System User's SSH Key. + # Delete a system user's Public SSH Keys + # This endpoint will delete a specific System User's SSH Key. # @param systemuser_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def sshkey_delete_with_http_info(systemuser_id, id, content_type, accept, opts = {}) + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def sshkey_delete_with_http_info(systemuser_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.sshkey_delete ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.sshkey_delete ...' end # verify the required parameter 'systemuser_id' is set if @api_client.config.client_side_validation && systemuser_id.nil? @@ -55,873 +47,837 @@ def sshkey_delete_with_http_info(systemuser_id, id, content_type, accept, opts = if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.sshkey_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.sshkey_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.sshkey_delete" - end # resource path - local_var_path = "/systemusers/{systemuser_id}/sshkeys/{id}".sub('{' + 'systemuser_id' + '}', systemuser_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{systemuser_id}/sshkeys/{id}'.sub('{' + 'systemuser_id' + '}', systemuser_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params['Accept'] = @api_client.select_header_accept(['application/json', 'text/plain']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#sshkey_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List a system user's public SSH keys # This endpoint will return a specific System User's public SSH key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Array] - def sshkey_list(id, content_type, accept, opts = {}) - data, _status_code, _headers = sshkey_list_with_http_info(id, content_type, accept, opts) - return data + def sshkey_list(id, opts = {}) + data, _status_code, _headers = sshkey_list_with_http_info(id, opts) + data end - # List a system user's public SSH keys - # This endpoint will return a specific System User's public SSH key. + # List a system user's public SSH keys + # This endpoint will return a specific System User's public SSH key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def sshkey_list_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def sshkey_list_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.sshkey_list ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.sshkey_list ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.sshkey_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.sshkey_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.sshkey_list" - end # resource path - local_var_path = "/systemusers/{id}/sshkeys".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/sshkeys'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#sshkey_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a system user's Public SSH Key # This endpoint will create a specific System User's Public SSH Key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Sshkeypost] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id # @return [Sshkeylist] - def sshkey_post(id, content_type, accept, opts = {}) - data, _status_code, _headers = sshkey_post_with_http_info(id, content_type, accept, opts) - return data + def sshkey_post(id, opts = {}) + data, _status_code, _headers = sshkey_post_with_http_info(id, opts) + data end - # Create a system user's Public SSH Key - # This endpoint will create a specific System User's Public SSH Key. + # Create a system user's Public SSH Key + # This endpoint will create a specific System User's Public SSH Key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Sshkeypost] :body # @option opts [String] :x_org_id - # @return [Array<(Sshkeylist, Fixnum, Hash)>] Sshkeylist data, response status code and response headers - def sshkey_post_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Sshkeylist, Integer, Hash)>] Sshkeylist data, response status code and response headers + def sshkey_post_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.sshkey_post ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.sshkey_post ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.sshkey_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.sshkey_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.sshkey_post" - end # resource path - local_var_path = "/systemusers/{id}/sshkeys".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/sshkeys'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Sshkeylist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Sshkeylist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#sshkey_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete a system user # This endpoint allows you to delete a particular system user. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id + # @option opts [String] :cascade_manager This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. # @return [Systemuserreturn] - def systemusers_delete(id, content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_delete_with_http_info(id, content_type, accept, opts) - return data + def systemusers_delete(id, opts = {}) + data, _status_code, _headers = systemusers_delete_with_http_info(id, opts) + data end # Delete a system user - # This endpoint allows you to delete a particular system user. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a particular system user. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(Systemuserreturn, Fixnum, Hash)>] Systemuserreturn data, response status code and response headers - def systemusers_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :cascade_manager This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. + # @return [Array<(Systemuserreturn, Integer, Hash)>] Systemuserreturn data, response status code and response headers + def systemusers_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_delete ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_delete" - end # resource path - local_var_path = "/systemusers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'cascade_manager'] = opts[:'cascade_manager'] if !opts[:'cascade_manager'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemuserreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserreturn') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Expire a system user's password + # This endpoint allows you to expire a user's password. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [String] + def systemusers_expire(id, opts = {}) + data, _status_code, _headers = systemusers_expire_with_http_info(id, opts) + data + end + # Expire a system user's password + # This endpoint allows you to expire a user's password. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def systemusers_expire_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_expire ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_expire" + end + # resource path + local_var_path = '/systemusers/{id}/expire'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json', 'text/plain']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemusersApi#systemusers_expire\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List a system user # This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id # @return [Systemuserreturn] - def systemusers_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_get_with_http_info(id, content_type, accept, opts) - return data + def systemusers_get(id, opts = {}) + data, _status_code, _headers = systemusers_get_with_http_info(id, opts) + data end # List a system user - # This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @return [Array<(Systemuserreturn, Fixnum, Hash)>] Systemuserreturn data, response status code and response headers - def systemusers_get_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Systemuserreturn, Integer, Hash)>] Systemuserreturn data, response status code and response headers + def systemusers_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_get ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_get" - end # resource path - local_var_path = "/systemusers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemuserreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserreturn') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all system users # This endpoint returns all systemusers. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. (default to ) - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. (default to ) - # @option opts [String] :x_org_id (default to ) - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [String] :x_org_id + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @return [Systemuserslist] - def systemusers_list(content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_list_with_http_info(content_type, accept, opts) - return data + def systemusers_list(opts = {}) + data, _status_code, _headers = systemusers_list_with_http_info(opts) + data end # List all system users - # This endpoint returns all systemusers. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all systemusers. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @option opts [String] :filter A filter to apply to the query. - # @return [Array<(Systemuserslist, Fixnum, Hash)>] Systemuserslist data, response status code and response headers - def systemusers_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @return [Array<(Systemuserslist, Integer, Hash)>] Systemuserslist data, response status code and response headers + def systemusers_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_list" + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_list ...' end # resource path - local_var_path = "/systemusers" + local_var_path = '/systemusers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemuserslist' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserslist') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Sync a systemuser's mfa enrollment status + # This endpoint allows you to re-sync a user's mfa enrollment status #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/mfasync \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def systemusers_mfasync(id, opts = {}) + systemusers_mfasync_with_http_info(id, opts) + nil + end + # Sync a systemuser's mfa enrollment status + # This endpoint allows you to re-sync a user's mfa enrollment status #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/mfasync \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def systemusers_mfasync_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_mfasync ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_mfasync" + end + # resource path + local_var_path = '/systemusers/{id}/mfasync'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemusersApi#systemusers_mfasync\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # Create a system user - # This endpoint allows you to create a new system user. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` - # @param content_type - # @param accept + # \"This endpoint allows you to create a new system user. #### Default User State The `state` of the user can be explicitly passed in or omitted. If `state` is omitted from the request, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for manually created users is stored in `settings.newSystemUserStateDefaults.manualEntry` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Systemuserputpost] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id + # @option opts [String] :full_validation_details Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` # @return [Systemuserreturn] - def systemusers_post(content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_post_with_http_info(content_type, accept, opts) - return data + def systemusers_post(opts = {}) + data, _status_code, _headers = systemusers_post_with_http_info(opts) + data end # Create a system user - # This endpoint allows you to create a new system user. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` - # @param content_type - # @param accept + # \"This endpoint allows you to create a new system user. #### Default User State The `state` of the user can be explicitly passed in or omitted. If `state` is omitted from the request, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for manually created users is stored in `settings.newSystemUserStateDefaults.manualEntry` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Systemuserputpost] :body # @option opts [String] :x_org_id - # @return [Array<(Systemuserreturn, Fixnum, Hash)>] Systemuserreturn data, response status code and response headers - def systemusers_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :full_validation_details Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` + # @return [Array<(Systemuserreturn, Integer, Hash)>] Systemuserreturn data, response status code and response headers + def systemusers_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_post" + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_post ...' end # resource path - local_var_path = "/systemusers" + local_var_path = '/systemusers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'fullValidationDetails'] = opts[:'full_validation_details'] if !opts[:'full_validation_details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Systemuserreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserreturn') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update a system user # This endpoint allows you to update a system user. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Systemuserput] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id + # @option opts [String] :full_validation_details This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` # @return [Systemuserreturn] - def systemusers_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_put_with_http_info(id, content_type, accept, opts) - return data + def systemusers_put(id, opts = {}) + data, _status_code, _headers = systemusers_put_with_http_info(id, opts) + data end # Update a system user - # This endpoint allows you to update a system user. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` + # This endpoint allows you to update a system user. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Systemuserput] :body # @option opts [String] :x_org_id - # @return [Array<(Systemuserreturn, Fixnum, Hash)>] Systemuserreturn data, response status code and response headers - def systemusers_put_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :full_validation_details This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` + # @return [Array<(Systemuserreturn, Integer, Hash)>] Systemuserreturn data, response status code and response headers + def systemusers_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_put ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_put" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_put" - end # resource path - local_var_path = "/systemusers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'fullValidationDetails'] = opts[:'full_validation_details'] if !opts[:'full_validation_details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Systemuserreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemuserreturn') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Reset a system user's MFA token - # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` + # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body1] :body - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def systemusers_resetmfa(id, content_type, accept, opts = {}) - systemusers_resetmfa_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [IdResetmfaBody] :body + # @option opts [String] :x_org_id + # @return [String] + def systemusers_resetmfa(id, opts = {}) + data, _status_code, _headers = systemusers_resetmfa_with_http_info(id, opts) + data end - # Reset a system user's MFA token - # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` + # Reset a system user's MFA token + # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body1] :body + # @option opts [IdResetmfaBody] :body # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def systemusers_resetmfa_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def systemusers_resetmfa_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_resetmfa ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_resetmfa ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_resetmfa" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_resetmfa" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_resetmfa" - end # resource path - local_var_path = "/systemusers/{id}/resetmfa".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/resetmfa'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params['Accept'] = @api_client.select_header_accept(['application/json', 'text/plain']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_resetmfa\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). List system bindings for a specific system user in a system and user binding format. ### Examples #### List system bindings for specific system user ``` curl \\ -H 'Content-Type: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # Activate System User + # This endpoint changes the state of a STAGED user to ACTIVATED. #### Email Flag Use the \"email\" flag to determine whether or not to send a Welcome or Activation email to the newly activated user. Sending an empty body without the `email` flag, will send an email with default behavior (see the \"Behavior\" section below) ``` {} ``` Sending `email=true` flag will send an email with default behavior (see `Behavior` below) ``` { \"email\": true } ``` Populated email will override the default behavior and send to the specified email value ``` { \"email\": \"example@example.com\" } ``` Sending `email=false` will suppress sending the email ``` { \"email\": false } ``` #### Behavior Users with a password will be sent a Welcome email to: - The address specified in `email` flag in the request - If no `email` flag, the user's primary email address (default behavior) Users without a password will be sent an Activation email to: - The address specified in `email` flag in the request - If no `email` flag, the user's alternate email address (default behavior) - If no alternate email address, the user's primary email address (default behavior) #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers/{id}/state/activate \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ' \\ -d '{ \"email\": \"alternate-activation-email@email.com\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id (default to ) - # @return [Object] - def systemusers_systems_binding_list(id, content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_systems_binding_list_with_http_info(id, content_type, accept, opts) - return data + # @option opts [StateActivateBody] :body + # @return [String] + def systemusers_state_activate(id, opts = {}) + data, _status_code, _headers = systemusers_state_activate_with_http_info(id, opts) + data end - # List system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). List system bindings for a specific system user in a system and user binding format. ### Examples #### List system bindings for specific system user ``` curl \\ -H 'Content-Type: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # Activate System User + # This endpoint changes the state of a STAGED user to ACTIVATED. #### Email Flag Use the \"email\" flag to determine whether or not to send a Welcome or Activation email to the newly activated user. Sending an empty body without the `email` flag, will send an email with default behavior (see the \"Behavior\" section below) ``` {} ``` Sending `email=true` flag will send an email with default behavior (see `Behavior` below) ``` { \"email\": true } ``` Populated email will override the default behavior and send to the specified email value ``` { \"email\": \"example@example.com\" } ``` Sending `email=false` will suppress sending the email ``` { \"email\": false } ``` #### Behavior Users with a password will be sent a Welcome email to: - The address specified in `email` flag in the request - If no `email` flag, the user's primary email address (default behavior) Users without a password will be sent an Activation email to: - The address specified in `email` flag in the request - If no `email` flag, the user's alternate email address (default behavior) - If no alternate email address, the user's primary email address (default behavior) #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers/{id}/state/activate \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: <api-key>' \\ -d '{ \"email\": \"alternate-activation-email@email.com\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id - # @return [Array<(Object, Fixnum, Hash)>] Object data, response status code and response headers - def systemusers_systems_binding_list_with_http_info(id, content_type, accept, opts = {}) + # @option opts [StateActivateBody] :body + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def systemusers_state_activate_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_systems_binding_list ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_state_activate ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_systems_binding_list" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_systems_binding_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_systems_binding_list" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_state_activate" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemusersApi.systemusers_systems_binding_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemusers/{id}/systems".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/state/activate'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} - query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Object') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemusersApi#systemusers_systems_binding_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemusersApi#systemusers_state_activate\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update a system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). ### Example #### Add (or remove) system to system user ``` curl \\ -d '{ \"add\": [\"[SYSTEM_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # Display info about a System User's TOTP enrollment. + # This endpoint will return info for a specific System User's TOTP enrollment. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Usersystembindingsput] :body - # @option opts [String] :x_org_id (default to ) - # @return [Usersystembinding] - def systemusers_systems_binding_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = systemusers_systems_binding_put_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id + # @return [Totpenrollmentinfo] + def systemusers_totp_info(id, opts = {}) + data, _status_code, _headers = systemusers_totp_info_with_http_info(id, opts) + data end - # Update a system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). ### Example #### Add (or remove) system to system user ``` curl \\ -d '{ \"add\": [\"[SYSTEM_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # Display info about a System User's TOTP enrollment. + # This endpoint will return info for a specific System User's TOTP enrollment. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Usersystembindingsput] :body # @option opts [String] :x_org_id - # @return [Array<(Usersystembinding, Fixnum, Hash)>] Usersystembinding data, response status code and response headers - def systemusers_systems_binding_put_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(Totpenrollmentinfo, Integer, Hash)>] Totpenrollmentinfo data, response status code and response headers + def systemusers_totp_info_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_systems_binding_put ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_totp_info ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_systems_binding_put" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_systems_binding_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_systems_binding_put" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_totp_info" end # resource path - local_var_path = "/systemusers/{id}/systems".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/totpinfo'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] || 'Totpenrollmentinfo' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Usersystembinding') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemusersApi#systemusers_systems_binding_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemusersApi#systemusers_totp_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Unlock a system user # This endpoint allows you to unlock a user's account. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def systemusers_unlock(id, content_type, accept, opts = {}) - systemusers_unlock_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id + # @return [String] + def systemusers_unlock(id, opts = {}) + data, _status_code, _headers = systemusers_unlock_with_http_info(id, opts) + data end # Unlock a system user - # This endpoint allows you to unlock a user's account. + # This endpoint allows you to unlock a user's account. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def systemusers_unlock_with_http_info(id, content_type, accept, opts = {}) + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def systemusers_unlock_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemusersApi.systemusers_unlock ..." + @api_client.config.logger.debug 'Calling API: SystemusersApi.systemusers_unlock ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemusersApi.systemusers_unlock" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemusersApi.systemusers_unlock" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemusersApi.systemusers_unlock" - end # resource path - local_var_path = "/systemusers/{id}/unlock".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemusers/{id}/unlock'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params['Accept'] = @api_client.select_header_accept(['application/json', 'text/plain']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemusersApi#systemusers_unlock\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv1/lib/jcapiv1/api/tags_api.rb b/jcapiv1/lib/jcapiv1/api/tags_api.rb deleted file mode 100644 index 41b47d9..0000000 --- a/jcapiv1/lib/jcapiv1/api/tags_api.rb +++ /dev/null @@ -1,398 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require "uri" - -module JCAPIv1 - class TagsApi - attr_accessor :api_client - - def initialize(api_client = ApiClient.default) - @api_client = api_client - end - - # Delete a Tag - # Hidden as Tags is deprecated Delete a Tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @return [Tag] - def tags_delete(name, content_type, accept, opts = {}) - data, _status_code, _headers = tags_delete_with_http_info(name, content_type, accept, opts) - return data - end - - # Delete a Tag - # Hidden as Tags is deprecated Delete a Tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @return [Array<(Tag, Fixnum, Hash)>] Tag data, response status code and response headers - def tags_delete_with_http_info(name, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: TagsApi.tags_delete ..." - end - # verify the required parameter 'name' is set - if @api_client.config.client_side_validation && name.nil? - fail ArgumentError, "Missing the required parameter 'name' when calling TagsApi.tags_delete" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling TagsApi.tags_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling TagsApi.tags_delete" - end - # resource path - local_var_path = "/tags/{name}".sub('{' + 'name' + '}', name.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Tag') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: TagsApi#tags_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # List a Tag - # Hidden as Tags is deprecated Returns a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @return [Tag] - def tags_get(name, content_type, accept, opts = {}) - data, _status_code, _headers = tags_get_with_http_info(name, content_type, accept, opts) - return data - end - - # List a Tag - # Hidden as Tags is deprecated Returns a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @return [Array<(Tag, Fixnum, Hash)>] Tag data, response status code and response headers - def tags_get_with_http_info(name, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: TagsApi.tags_get ..." - end - # verify the required parameter 'name' is set - if @api_client.config.client_side_validation && name.nil? - fail ArgumentError, "Missing the required parameter 'name' when calling TagsApi.tags_get" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling TagsApi.tags_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling TagsApi.tags_get" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling TagsApi.tags_get, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/Tags/{name}".sub('{' + 'name' + '}', name.to_s) - - # query parameters - query_params = {} - query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Tag') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: TagsApi#tags_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # List All Tags - # Hidden as Tags is deprecated Returns all Tags. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. (default to ) - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. (default to ) - # @option opts [String] :filter A filter to apply to the query. - # @return [Tagslist] - def tags_list(content_type, accept, opts = {}) - data, _status_code, _headers = tags_list_with_http_info(content_type, accept, opts) - return data - end - - # List All Tags - # Hidden as Tags is deprecated Returns all Tags. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @return [Array<(Tagslist, Fixnum, Hash)>] Tagslist data, response status code and response headers - def tags_list_with_http_info(content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: TagsApi.tags_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling TagsApi.tags_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling TagsApi.tags_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling TagsApi.tags_list, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/tags" - - # query parameters - query_params = {} - query_params[:'fields'] = opts[:'fields'] if !opts[:'fields'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? - query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Tagslist') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: TagsApi#tags_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Create a Tag - # Hidden as Tags is deprecated Create a tag. ### Examples #### Create a new Tag ``` curl \\ -d '{\"name\" : \"Developers\"}' \\ -X 'POST' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/tags\" ``` - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagpost] :body - # @return [Tag] - def tags_post(content_type, accept, opts = {}) - data, _status_code, _headers = tags_post_with_http_info(content_type, accept, opts) - return data - end - - # Create a Tag - # Hidden as Tags is deprecated Create a tag. ### Examples #### Create a new Tag ``` curl \\ -d '{\"name\" : \"Developers\"}' \\ -X 'POST' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/tags\" ``` - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagpost] :body - # @return [Array<(Tag, Fixnum, Hash)>] Tag data, response status code and response headers - def tags_post_with_http_info(content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: TagsApi.tags_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling TagsApi.tags_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling TagsApi.tags_post" - end - # resource path - local_var_path = "/tags" - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - - # form parameters - form_params = {} - - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Tag') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: TagsApi#tags_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Update a Tag - # Hidden as Tags is deprecated Update a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagput] :body - # @return [Tag] - def tags_put(name, content_type, accept, opts = {}) - data, _status_code, _headers = tags_put_with_http_info(name, content_type, accept, opts) - return data - end - - # Update a Tag - # Hidden as Tags is deprecated Update a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagput] :body - # @return [Array<(Tag, Fixnum, Hash)>] Tag data, response status code and response headers - def tags_put_with_http_info(name, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: TagsApi.tags_put ..." - end - # verify the required parameter 'name' is set - if @api_client.config.client_side_validation && name.nil? - fail ArgumentError, "Missing the required parameter 'name' when calling TagsApi.tags_put" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling TagsApi.tags_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling TagsApi.tags_put" - end - # resource path - local_var_path = "/Tag/{name}".sub('{' + 'name' + '}', name.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - - # form parameters - form_params = {} - - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Tag') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: TagsApi#tags_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - end -end diff --git a/jcapiv1/lib/jcapiv1/api/users_api.rb b/jcapiv1/lib/jcapiv1/api/users_api.rb new file mode 100644 index 0000000..d28cd3d --- /dev/null +++ b/jcapiv1/lib/jcapiv1/api/users_api.rb @@ -0,0 +1,195 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv1 + class UsersApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def admin_totpreset_begin(id, opts = {}) + admin_totpreset_begin_with_http_info(id, opts) + nil + end + + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def admin_totpreset_begin_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.admin_totpreset_begin ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling UsersApi.admin_totpreset_begin" + end + # resource path + local_var_path = '/users/resettotp/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#admin_totpreset_begin\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Userreturn] + def users_put(id, opts = {}) + data, _status_code, _headers = users_put_with_http_info(id, opts) + data + end + + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Array<(Userreturn, Integer, Hash)>] Userreturn data, response status code and response headers + def users_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.users_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling UsersApi.users_put" + end + # resource path + local_var_path = '/users/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Userreturn' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#users_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def users_reactivate_get(id, opts = {}) + users_reactivate_get_with_http_info(id, opts) + nil + end + + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def users_reactivate_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.users_reactivate_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling UsersApi.users_reactivate_get" + end + # resource path + local_var_path = '/users/reactivate/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#users_reactivate_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv1/lib/jcapiv1/api_client.rb b/jcapiv1/lib/jcapiv1/api_client.rb index 90a6d66..05734ad 100644 --- a/jcapiv1/lib/jcapiv1/api_client.rb +++ b/jcapiv1/lib/jcapiv1/api_client.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -33,7 +32,7 @@ def initialize(config = Configuration.default) @config = config @user_agent = "Swagger-Codegen/#{VERSION}/ruby" @default_headers = { - 'Content-Type' => "application/json", + 'Content-Type' => 'application/json', 'User-Agent' => @user_agent } end @@ -44,7 +43,7 @@ def self.default # Call an API with given options. # - # @return [Array<(Object, Fixnum, Hash)>] an array of 3 elements: + # @return [Array<(Object, Integer, Hash)>] an array of 3 elements: # the data deserialized from response body (could be nil), response status code and response headers. def call_api(http_method, path, opts = {}) request = build_request(http_method, path, opts) @@ -128,6 +127,34 @@ def build_request(http_method, path, opts = {}) request end + # Builds the HTTP request body + # + # @param [Hash] header_params Header parameters + # @param [Hash] form_params Query parameters + # @param [Object] body HTTP body (JSON/XML) + # @return [String] HTTP body data in the form of string + def build_request_body(header_params, form_params, body) + # http form + if header_params['Content-Type'] == 'application/x-www-form-urlencoded' || + header_params['Content-Type'] == 'multipart/form-data' + data = {} + form_params.each do |key, value| + case value + when ::File, ::Array, nil + # let typhoeus handle File, Array and nil parameters + data[key] = value + else + data[key] = value.to_s + end + end + elsif body + data = body.is_a?(String) ? body : body.to_json + else + data = nil + end + data + end + # Check if the given MIME is a JSON MIME. # JSON MIME examples: # application/json @@ -137,13 +164,13 @@ def build_request(http_method, path, opts = {}) # @param [String] mime MIME # @return [Boolean] True if the MIME is application/json def json_mime?(mime) - (mime == "*/*") || !(mime =~ /Application\/.*json(?!p)(;.*)?/i).nil? + (mime == '*/*') || !(mime =~ /Application\/.*json(?!p)(;.*)?/i).nil? end # Deserialize the response to the given return type. # # @param [Response] response HTTP response - # @param [String] return_type some examples: "User", "Array[User]", "Hash[String,Integer]" + # @param [String] return_type some examples: "User", "Array", "Hash" def deserialize(response, return_type) body = response.body @@ -187,7 +214,7 @@ def convert_to_type(data, return_type) data.to_i when 'Float' data.to_f - when 'BOOLEAN' + when 'Boolean' data == true when 'DateTime' # parse date time (expecting ISO 8601 format) @@ -201,18 +228,16 @@ def convert_to_type(data, return_type) when /\AArray<(.+)>\z/ # e.g. Array sub_type = $1 - data.map {|item| convert_to_type(item, sub_type) } + data.map { |item| convert_to_type(item, sub_type) } when /\AHash\\z/ # e.g. Hash sub_type = $1 {}.tap do |hash| - data.each {|k, v| hash[k] = convert_to_type(v, sub_type) } + data.each { |k, v| hash[k] = convert_to_type(v, sub_type) } end else # models, e.g. Pet - JCAPIv1.const_get(return_type).new.tap do |model| - model.build_from_hash data - end + JCAPIv1.const_get(return_type).build_from_hash(data) end end @@ -228,7 +253,7 @@ def download_file(request) encoding = nil request.on_headers do |response| content_disposition = response.headers['Content-Disposition'] - if content_disposition and content_disposition =~ /filename=/i + if content_disposition && content_disposition =~ /filename=/i filename = content_disposition[/filename=['"]?([^'"\s]+)['"]?/, 1] prefix = sanitize_filename(filename) else @@ -244,11 +269,13 @@ def download_file(request) tempfile.write(chunk) end request.on_complete do |response| - tempfile.close - @config.logger.info "Temp file written to #{tempfile.path}, please copy the file to a proper folder "\ - "with e.g. `FileUtils.cp(tempfile.path, '/new/file/path')` otherwise the temp file "\ - "will be deleted automatically with GC. It's also recommended to delete the temp file "\ - "explicitly with `tempfile.delete`" + if tempfile + tempfile.close + @config.logger.info "Temp file written to #{tempfile.path}, please copy the file to a proper folder "\ + "with e.g. `FileUtils.cp(tempfile.path, '/new/file/path')` otherwise the temp file "\ + "will be deleted automatically with GC. It's also recommended to delete the temp file "\ + "explicitly with `tempfile.delete`" + end end end @@ -264,35 +291,7 @@ def sanitize_filename(filename) def build_request_url(path) # Add leading and trailing slashes to path path = "/#{path}".gsub(/\/+/, '/') - URI.encode(@config.base_url + path) - end - - # Builds the HTTP request body - # - # @param [Hash] header_params Header parameters - # @param [Hash] form_params Query parameters - # @param [Object] body HTTP body (JSON/XML) - # @return [String] HTTP body data in the form of string - def build_request_body(header_params, form_params, body) - # http form - if header_params['Content-Type'] == 'application/x-www-form-urlencoded' || - header_params['Content-Type'] == 'multipart/form-data' - data = {} - form_params.each do |key, value| - case value - when ::File, ::Array, nil - # let typhoeus handle File, Array and nil parameters - data[key] = value - else - data[key] = value.to_s - end - end - elsif body - data = body.is_a?(String) ? body : body.to_json - else - data = nil - end - data + @config.base_url + path end # Update hearder and query params based on authentication settings. @@ -327,7 +326,7 @@ def select_header_accept(accepts) return nil if accepts.nil? || accepts.empty? # use JSON when present, otherwise use all of the provided json_accept = accepts.find { |s| json_mime?(s) } - return json_accept || accepts.join(',') + json_accept || accepts.join(',') end # Return Content-Type header based on an array of content types provided. @@ -338,7 +337,7 @@ def select_header_content_type(content_types) return 'application/json' if content_types.nil? || content_types.empty? # use JSON when present, otherwise use the first one json_content_type = content_types.find { |s| json_mime?(s) } - return json_content_type || content_types.first + json_content_type || content_types.first end # Convert object (array, hash, object, etc) to JSON string. @@ -348,7 +347,7 @@ def object_to_http_body(model) return model if model.nil? || model.is_a?(String) local_body = nil if model.is_a?(Array) - local_body = model.map{|m| object_to_hash(m) } + local_body = model.map { |m| object_to_hash(m) } else local_body = object_to_hash(model) end diff --git a/jcapiv1/lib/jcapiv1/api_error.rb b/jcapiv1/lib/jcapiv1/api_error.rb index d8dbd8d..a01b007 100644 --- a/jcapiv1/lib/jcapiv1/api_error.rb +++ b/jcapiv1/lib/jcapiv1/api_error.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end module JCAPIv1 @@ -34,5 +33,25 @@ def initialize(arg = nil) super arg end end + + # Override to_s to display a friendly error message + def to_s + message + end + + def message + if @message.nil? + msg = "Error message: the server returns an error" + else + msg = @message + end + + msg += "\nHTTP status code: #{code}" if code + msg += "\nResponse headers: #{response_headers}" if response_headers + msg += "\nResponse body: #{response_body}" if response_body + + msg + end + end end diff --git a/jcapiv1/lib/jcapiv1/configuration.rb b/jcapiv1/lib/jcapiv1/configuration.rb index cc16ca8..540e1b5 100644 --- a/jcapiv1/lib/jcapiv1/configuration.rb +++ b/jcapiv1/lib/jcapiv1/configuration.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require 'uri' - module JCAPIv1 class Configuration # Defines url scheme @@ -130,7 +127,7 @@ class Configuration def initialize @scheme = 'https' @host = 'console.jumpcloud.com' - @base_path = '/api' + @base_path = 'https://console.jumpcloud.com/api' @api_key = {} @api_key_prefix = {} @timeout = 0 @@ -170,12 +167,11 @@ def host=(host) def base_path=(base_path) # Add leading and trailing slashes to base_path @base_path = "/#{base_path}".gsub(/\/+/, '/') - @base_path = "" if @base_path == "/" + @base_path = '' if @base_path == '/' end def base_url - url = "#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '') - URI.encode(url) + "#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '') end # Gets API key (with prefix if set). diff --git a/jcapiv1/lib/jcapiv1/models/application.rb b/jcapiv1/lib/jcapiv1/models/application.rb index 1d520d1..987d0ba 100644 --- a/jcapiv1/lib/jcapiv1/models/application.rb +++ b/jcapiv1/lib/jcapiv1/models/application.rb @@ -1,126 +1,242 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Application attr_accessor :_id + attr_accessor :active + attr_accessor :beta + attr_accessor :color + attr_accessor :config + attr_accessor :created + + attr_accessor :database_attributes + + attr_accessor :description + attr_accessor :display_label attr_accessor :display_name attr_accessor :learn_more + attr_accessor :logo + attr_accessor :name attr_accessor :organization + attr_accessor :sso + attr_accessor :sso_url + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'_id' => :'_id', + :'active' => :'active', :'beta' => :'beta', + :'color' => :'color', :'config' => :'config', + :'created' => :'created', + :'database_attributes' => :'databaseAttributes', + :'description' => :'description', :'display_label' => :'displayLabel', :'display_name' => :'displayName', :'learn_more' => :'learnMore', + :'logo' => :'logo', :'name' => :'name', :'organization' => :'organization', + :'sso' => :'sso', :'sso_url' => :'ssoUrl' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'beta' => :'BOOLEAN', - :'config' => :'ApplicationConfig', - :'display_label' => :'String', - :'display_name' => :'String', - :'learn_more' => :'String', - :'name' => :'String', - :'organization' => :'String', - :'sso_url' => :'String' + :'_id' => :'Object', + :'active' => :'Object', + :'beta' => :'Object', + :'color' => :'Object', + :'config' => :'Object', + :'created' => :'Object', + :'database_attributes' => :'Object', + :'description' => :'Object', + :'display_label' => :'Object', + :'display_name' => :'Object', + :'learn_more' => :'Object', + :'logo' => :'Object', + :'name' => :'Object', + :'organization' => :'Object', + :'sso' => :'Object', + :'sso_url' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Application` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Application`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'beta') + if attributes.key?(:'active') + self.active = attributes[:'active'] + end + + if attributes.key?(:'beta') self.beta = attributes[:'beta'] end - if attributes.has_key?(:'config') + if attributes.key?(:'color') + self.color = attributes[:'color'] + end + + if attributes.key?(:'config') self.config = attributes[:'config'] end - if attributes.has_key?(:'displayLabel') - self.display_label = attributes[:'displayLabel'] + if attributes.key?(:'created') + self.created = attributes[:'created'] + end + + if attributes.key?(:'database_attributes') + if (value = attributes[:'database_attributes']).is_a?(Array) + self.database_attributes = value + end + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_label') + self.display_label = attributes[:'display_label'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'learnMore') - self.learn_more = attributes[:'learnMore'] + if attributes.key?(:'learn_more') + self.learn_more = attributes[:'learn_more'] end - if attributes.has_key?(:'name') + if attributes.key?(:'logo') + self.logo = attributes[:'logo'] + end + + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'ssoUrl') - self.sso_url = attributes[:'ssoUrl'] + if attributes.key?(:'sso') + self.sso = attributes[:'sso'] end + if attributes.key?(:'sso_url') + self.sso_url = attributes[:'sso_url'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + if @config.nil? + invalid_properties.push('invalid value for "config", config cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @sso_url.nil? + invalid_properties.push('invalid value for "sso_url", sso_url cannot be nil.') + end + + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + color_validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + return false unless color_validator.valid?(@color) + return false if @config.nil? + return false if @name.nil? + return false if @sso_url.nil? + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] color Object to be assigned + def color=(color) + validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + unless validator.valid?(color) + fail ArgumentError, "invalid value for \"color\", must be one of #{validator.allowable_values}." + end + @color = color end # Checks equality by comparing each attribute. @@ -129,13 +245,20 @@ def ==(o) return true if self.equal?(o) self.class == o.class && _id == o._id && + active == o.active && beta == o.beta && + color == o.color && config == o.config && + created == o.created && + database_attributes == o.database_attributes && + description == o.description && display_label == o.display_label && display_name == o.display_name && learn_more == o.learn_more && + logo == o.logo && name == o.name && organization == o.organization && + sso == o.sso && sso_url == o.sso_url end @@ -146,9 +269,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, beta, config, display_label, display_name, learn_more, name, organization, sso_url].hash + [_id, active, beta, color, config, created, database_attributes, description, display_label, display_name, learn_more, logo, name, organization, sso, sso_url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -156,16 +286,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -187,7 +319,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -208,8 +340,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -231,7 +362,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -243,7 +378,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -253,8 +388,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config.rb b/jcapiv1/lib/jcapiv1/models/application_config.rb index 793d2f7..2730c07 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfig attr_accessor :acs_url @@ -27,8 +25,11 @@ class ApplicationConfig attr_accessor :idp_private_key - attr_accessor :sp_entity_id + attr_accessor :sign_assertion + + attr_accessor :sign_response + attr_accessor :sp_entity_id # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -39,72 +40,96 @@ def self.attribute_map :'idp_certificate' => :'idpCertificate', :'idp_entity_id' => :'idpEntityId', :'idp_private_key' => :'idpPrivateKey', + :'sign_assertion' => :'signAssertion', + :'sign_response' => :'signResponse', :'sp_entity_id' => :'spEntityId' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'acs_url' => :'ApplicationConfigAcsUrl', - :'constant_attributes' => :'ApplicationConfigConstantAttributes', - :'database_attributes' => :'ApplicationConfigDatabaseAttributes', - :'idp_certificate' => :'ApplicationConfigAcsUrl', - :'idp_entity_id' => :'ApplicationConfigAcsUrl', - :'idp_private_key' => :'ApplicationConfigAcsUrl', - :'sp_entity_id' => :'ApplicationConfigAcsUrl' + :'acs_url' => :'Object', + :'constant_attributes' => :'Object', + :'database_attributes' => :'Object', + :'idp_certificate' => :'Object', + :'idp_entity_id' => :'Object', + :'idp_private_key' => :'Object', + :'sign_assertion' => :'Object', + :'sign_response' => :'Object', + :'sp_entity_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfig` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfig`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'acs_url') + self.acs_url = attributes[:'acs_url'] + end - if attributes.has_key?(:'acsUrl') - self.acs_url = attributes[:'acsUrl'] + if attributes.key?(:'constant_attributes') + self.constant_attributes = attributes[:'constant_attributes'] end - if attributes.has_key?(:'constantAttributes') - self.constant_attributes = attributes[:'constantAttributes'] + if attributes.key?(:'database_attributes') + self.database_attributes = attributes[:'database_attributes'] end - if attributes.has_key?(:'databaseAttributes') - self.database_attributes = attributes[:'databaseAttributes'] + if attributes.key?(:'idp_certificate') + self.idp_certificate = attributes[:'idp_certificate'] end - if attributes.has_key?(:'idpCertificate') - self.idp_certificate = attributes[:'idpCertificate'] + if attributes.key?(:'idp_entity_id') + self.idp_entity_id = attributes[:'idp_entity_id'] end - if attributes.has_key?(:'idpEntityId') - self.idp_entity_id = attributes[:'idpEntityId'] + if attributes.key?(:'idp_private_key') + self.idp_private_key = attributes[:'idp_private_key'] end - if attributes.has_key?(:'idpPrivateKey') - self.idp_private_key = attributes[:'idpPrivateKey'] + if attributes.key?(:'sign_assertion') + self.sign_assertion = attributes[:'sign_assertion'] end - if attributes.has_key?(:'spEntityId') - self.sp_entity_id = attributes[:'spEntityId'] + if attributes.key?(:'sign_response') + self.sign_response = attributes[:'sign_response'] end + if attributes.key?(:'sp_entity_id') + self.sp_entity_id = attributes[:'sp_entity_id'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -118,6 +143,8 @@ def ==(o) idp_certificate == o.idp_certificate && idp_entity_id == o.idp_entity_id && idp_private_key == o.idp_private_key && + sign_assertion == o.sign_assertion && + sign_response == o.sign_response && sp_entity_id == o.sp_entity_id end @@ -128,9 +155,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [acs_url, constant_attributes, database_attributes, idp_certificate, idp_entity_id, idp_private_key, sp_entity_id].hash + [acs_url, constant_attributes, database_attributes, idp_certificate, idp_entity_id, idp_private_key, sign_assertion, sign_response, sp_entity_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -138,16 +172,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -169,7 +205,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -190,8 +226,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -213,7 +248,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -225,7 +264,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -235,8 +274,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_acs_url.rb b/jcapiv1/lib/jcapiv1/models/application_config_acs_url.rb index 4b0be24..d511e65 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_acs_url.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_acs_url.rb @@ -1,28 +1,30 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigAcsUrl attr_accessor :label + attr_accessor :options + attr_accessor :position attr_accessor :read_only attr_accessor :required + attr_accessor :toggle + attr_accessor :tooltip attr_accessor :type @@ -31,14 +33,15 @@ class ApplicationConfigAcsUrl attr_accessor :visible - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'label' => :'label', + :'options' => :'options', :'position' => :'position', :'read_only' => :'readOnly', :'required' => :'required', + :'toggle' => :'toggle', :'tooltip' => :'tooltip', :'type' => :'type', :'value' => :'value', @@ -47,72 +50,94 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'label' => :'String', - :'position' => :'Integer', - :'read_only' => :'BOOLEAN', - :'required' => :'BOOLEAN', - :'tooltip' => :'ApplicationConfigAcsUrlTooltip', - :'type' => :'String', - :'value' => :'String', - :'visible' => :'BOOLEAN' + :'label' => :'Object', + :'options' => :'Object', + :'position' => :'Object', + :'read_only' => :'Object', + :'required' => :'Object', + :'toggle' => :'Object', + :'tooltip' => :'Object', + :'type' => :'Object', + :'value' => :'Object', + :'visible' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigAcsUrl` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigAcsUrl`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'label') + if attributes.key?(:'label') self.label = attributes[:'label'] end - if attributes.has_key?(:'position') + if attributes.key?(:'options') + self.options = attributes[:'options'] + end + + if attributes.key?(:'position') self.position = attributes[:'position'] end - if attributes.has_key?(:'readOnly') - self.read_only = attributes[:'readOnly'] + if attributes.key?(:'read_only') + self.read_only = attributes[:'read_only'] end - if attributes.has_key?(:'required') + if attributes.key?(:'required') self.required = attributes[:'required'] end - if attributes.has_key?(:'tooltip') + if attributes.key?(:'toggle') + self.toggle = attributes[:'toggle'] + end + + if attributes.key?(:'tooltip') self.tooltip = attributes[:'tooltip'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'value') + if attributes.key?(:'value') self.value = attributes[:'value'] end - if attributes.has_key?(:'visible') + if attributes.key?(:'visible') self.visible = attributes[:'visible'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -121,9 +146,11 @@ def ==(o) return true if self.equal?(o) self.class == o.class && label == o.label && + options == o.options && position == o.position && read_only == o.read_only && required == o.required && + toggle == o.toggle && tooltip == o.tooltip && type == o.type && value == o.value && @@ -137,9 +164,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [label, position, read_only, required, tooltip, type, value, visible].hash + [label, options, position, read_only, required, toggle, tooltip, type, value, visible].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -147,16 +181,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -178,7 +214,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -199,8 +235,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -222,7 +257,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -234,7 +273,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -244,8 +283,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip.rb b/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip.rb index fd956d0..a9692cd 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigAcsUrlTooltip attr_accessor :template attr_accessor :variables - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'template' => :'String', - :'variables' => :'ApplicationConfigAcsUrlTooltipVariables' + :'template' => :'Object', + :'variables' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigAcsUrlTooltip` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigAcsUrlTooltip`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'template') + if attributes.key?(:'template') self.template = attributes[:'template'] end - if attributes.has_key?(:'variables') + if attributes.key?(:'variables') self.variables = attributes[:'variables'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [template, variables].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip_variables.rb b/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip_variables.rb index 4481baa..b82ef4e 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip_variables.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_acs_url_tooltip_variables.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigAcsUrlTooltipVariables attr_accessor :icon attr_accessor :message - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'icon' => :'String', - :'message' => :'String' + :'icon' => :'Object', + :'message' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigAcsUrlTooltipVariables` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigAcsUrlTooltipVariables`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'icon') + if attributes.key?(:'icon') self.icon = attributes[:'icon'] end - if attributes.has_key?(:'message') + if attributes.key?(:'message') self.message = attributes[:'message'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [icon, message].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes.rb b/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes.rb index 4ebfeea..e151754 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigConstantAttributes attr_accessor :label @@ -33,7 +31,6 @@ class ApplicationConfigConstantAttributes attr_accessor :visible - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -50,79 +47,91 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'label' => :'String', - :'mutable' => :'BOOLEAN', - :'position' => :'Integer', - :'read_only' => :'BOOLEAN', - :'required' => :'BOOLEAN', - :'tooltip' => :'ApplicationConfigAcsUrlTooltip', - :'type' => :'String', - :'value' => :'Array', - :'visible' => :'BOOLEAN' + :'label' => :'Object', + :'mutable' => :'Object', + :'position' => :'Object', + :'read_only' => :'Object', + :'required' => :'Object', + :'tooltip' => :'Object', + :'type' => :'Object', + :'value' => :'Object', + :'visible' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigConstantAttributes` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigConstantAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'label') + if attributes.key?(:'label') self.label = attributes[:'label'] end - if attributes.has_key?(:'mutable') + if attributes.key?(:'mutable') self.mutable = attributes[:'mutable'] end - if attributes.has_key?(:'position') + if attributes.key?(:'position') self.position = attributes[:'position'] end - if attributes.has_key?(:'readOnly') - self.read_only = attributes[:'readOnly'] + if attributes.key?(:'read_only') + self.read_only = attributes[:'read_only'] end - if attributes.has_key?(:'required') + if attributes.key?(:'required') self.required = attributes[:'required'] end - if attributes.has_key?(:'tooltip') + if attributes.key?(:'tooltip') self.tooltip = attributes[:'tooltip'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'value') + if attributes.key?(:'value') if (value = attributes[:'value']).is_a?(Array) self.value = value end end - if attributes.has_key?(:'visible') + if attributes.key?(:'visible') self.visible = attributes[:'visible'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -148,26 +157,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [label, mutable, position, read_only, required, tooltip, type, value, visible].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -189,7 +207,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -210,8 +228,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -233,7 +250,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -245,7 +266,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -255,8 +276,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes_value.rb b/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes_value.rb index c52cd88..f5da6cb 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes_value.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_constant_attributes_value.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigConstantAttributesValue attr_accessor :name @@ -25,7 +23,6 @@ class ApplicationConfigConstantAttributesValue attr_accessor :visible - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -38,57 +35,69 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'name' => :'String', - :'read_only' => :'BOOLEAN', - :'required' => :'BOOLEAN', - :'value' => :'String', - :'visible' => :'BOOLEAN' + :'name' => :'Object', + :'read_only' => :'Object', + :'required' => :'Object', + :'value' => :'Object', + :'visible' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigConstantAttributesValue` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigConstantAttributesValue`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'readOnly') - self.read_only = attributes[:'readOnly'] + if attributes.key?(:'read_only') + self.read_only = attributes[:'read_only'] end - if attributes.has_key?(:'required') + if attributes.key?(:'required') self.required = attributes[:'required'] end - if attributes.has_key?(:'value') + if attributes.key?(:'value') self.value = attributes[:'value'] end - if attributes.has_key?(:'visible') + if attributes.key?(:'visible') self.visible = attributes[:'visible'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -110,26 +119,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [name, read_only, required, value, visible].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -151,7 +169,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -172,8 +190,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -195,7 +212,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -207,7 +228,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -217,8 +238,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_database_attributes.rb b/jcapiv1/lib/jcapiv1/models/application_config_database_attributes.rb index 43d2d84..a10b0a4 100644 --- a/jcapiv1/lib/jcapiv1/models/application_config_database_attributes.rb +++ b/jcapiv1/lib/jcapiv1/models/application_config_database_attributes.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationConfigDatabaseAttributes attr_accessor :position - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'position' => :'Integer' + :'position' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigDatabaseAttributes` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigDatabaseAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'position') + if attributes.key?(:'position') self.position = attributes[:'position'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [position].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/application_config_sign_assertion.rb b/jcapiv1/lib/jcapiv1/models/application_config_sign_assertion.rb new file mode 100644 index 0000000..60f3a73 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/application_config_sign_assertion.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ApplicationConfigSignAssertion + attr_accessor :label + + attr_accessor :position + + attr_accessor :read_only + + attr_accessor :required + + attr_accessor :tooltip + + attr_accessor :type + + attr_accessor :value + + attr_accessor :visible + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'label' => :'label', + :'position' => :'position', + :'read_only' => :'readOnly', + :'required' => :'required', + :'tooltip' => :'tooltip', + :'type' => :'type', + :'value' => :'value', + :'visible' => :'visible' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'label' => :'Object', + :'position' => :'Object', + :'read_only' => :'Object', + :'required' => :'Object', + :'tooltip' => :'Object', + :'type' => :'Object', + :'value' => :'Object', + :'visible' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationConfigSignAssertion` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationConfigSignAssertion`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'position') + self.position = attributes[:'position'] + end + + if attributes.key?(:'read_only') + self.read_only = attributes[:'read_only'] + end + + if attributes.key?(:'required') + self.required = attributes[:'required'] + end + + if attributes.key?(:'tooltip') + self.tooltip = attributes[:'tooltip'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + + if attributes.key?(:'visible') + self.visible = attributes[:'visible'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + label == o.label && + position == o.position && + read_only == o.read_only && + required == o.required && + tooltip == o.tooltip && + type == o.type && + value == o.value && + visible == o.visible + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [label, position, read_only, required, tooltip, type, value, visible].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/application_logo.rb b/jcapiv1/lib/jcapiv1/models/application_logo.rb new file mode 100644 index 0000000..cac038f --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/application_logo.rb @@ -0,0 +1,249 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ApplicationLogo + attr_accessor :color + + attr_accessor :url + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'color' => :'color', + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'color' => :'Object', + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationLogo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationLogo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'color') + self.color = attributes[:'color'] + end + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + color_validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + return false unless color_validator.valid?(@color) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] color Object to be assigned + def color=(color) + validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + unless validator.valid?(color) + fail ArgumentError, "invalid value for \"color\", must be one of #{validator.allowable_values}." + end + @color = color + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + color == o.color && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [color, url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/applicationslist.rb b/jcapiv1/lib/jcapiv1/models/applicationslist.rb index 04c05b0..d5df20e 100644 --- a/jcapiv1/lib/jcapiv1/models/applicationslist.rb +++ b/jcapiv1/lib/jcapiv1/models/applicationslist.rb @@ -1,74 +1,91 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Applicationslist + attr_accessor :name + # The list of applications. attr_accessor :results # The total number of applications. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'name' => :'name', :'results' => :'results', :'total_count' => :'totalCount' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'name' => :'Object', + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Applicationslist` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Applicationslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'name') + self.name = attributes[:'name'] + end - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -76,6 +93,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + name == o.name && results == o.results && total_count == o.total_count end @@ -87,9 +105,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [results, total_count].hash + [name, results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -97,16 +122,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +155,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +176,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +198,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +214,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +224,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplate.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplate.rb index 6ccd95a..a309c96 100644 --- a/jcapiv1/lib/jcapiv1/models/applicationtemplate.rb +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplate.rb @@ -1,22 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Applicationtemplate attr_accessor :_id + attr_accessor :active + attr_accessor :beta attr_accessor :color @@ -31,17 +31,53 @@ class Applicationtemplate attr_accessor :jit + attr_accessor :keywords + attr_accessor :learn_more + attr_accessor :logo + attr_accessor :name + attr_accessor :oidc + + attr_accessor :provision + + attr_accessor :sso + attr_accessor :sso_url + attr_accessor :status + + attr_accessor :test + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'_id' => :'_id', + :'active' => :'active', :'beta' => :'beta', :'color' => :'color', :'config' => :'config', @@ -49,94 +85,179 @@ def self.attribute_map :'display_name' => :'displayName', :'is_configured' => :'isConfigured', :'jit' => :'jit', + :'keywords' => :'keywords', :'learn_more' => :'learnMore', + :'logo' => :'logo', :'name' => :'name', - :'sso_url' => :'ssoUrl' + :'oidc' => :'oidc', + :'provision' => :'provision', + :'sso' => :'sso', + :'sso_url' => :'ssoUrl', + :'status' => :'status', + :'test' => :'test' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'beta' => :'BOOLEAN', - :'color' => :'String', - :'config' => :'ApplicationConfig', - :'display_label' => :'String', - :'display_name' => :'String', - :'is_configured' => :'BOOLEAN', - :'jit' => :'ApplicationtemplateJit', - :'learn_more' => :'String', - :'name' => :'String', - :'sso_url' => :'String' + :'_id' => :'Object', + :'active' => :'Object', + :'beta' => :'Object', + :'color' => :'Object', + :'config' => :'Object', + :'display_label' => :'Object', + :'display_name' => :'Object', + :'is_configured' => :'Object', + :'jit' => :'Object', + :'keywords' => :'Object', + :'learn_more' => :'Object', + :'logo' => :'Object', + :'name' => :'Object', + :'oidc' => :'Object', + :'provision' => :'Object', + :'sso' => :'Object', + :'sso_url' => :'Object', + :'status' => :'Object', + :'test' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Applicationtemplate` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Applicationtemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'beta') + if attributes.key?(:'active') + self.active = attributes[:'active'] + end + + if attributes.key?(:'beta') self.beta = attributes[:'beta'] end - if attributes.has_key?(:'color') + if attributes.key?(:'color') self.color = attributes[:'color'] end - if attributes.has_key?(:'config') + if attributes.key?(:'config') self.config = attributes[:'config'] end - if attributes.has_key?(:'displayLabel') - self.display_label = attributes[:'displayLabel'] + if attributes.key?(:'display_label') + self.display_label = attributes[:'display_label'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'isConfigured') - self.is_configured = attributes[:'isConfigured'] + if attributes.key?(:'is_configured') + self.is_configured = attributes[:'is_configured'] end - if attributes.has_key?(:'jit') + if attributes.key?(:'jit') self.jit = attributes[:'jit'] end - if attributes.has_key?(:'learnMore') - self.learn_more = attributes[:'learnMore'] + if attributes.key?(:'keywords') + if (value = attributes[:'keywords']).is_a?(Array) + self.keywords = value + end end - if attributes.has_key?(:'name') + if attributes.key?(:'learn_more') + self.learn_more = attributes[:'learn_more'] + end + + if attributes.key?(:'logo') + self.logo = attributes[:'logo'] + end + + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'ssoUrl') - self.sso_url = attributes[:'ssoUrl'] + if attributes.key?(:'oidc') + self.oidc = attributes[:'oidc'] + end + + if attributes.key?(:'provision') + self.provision = attributes[:'provision'] + end + + if attributes.key?(:'sso') + self.sso = attributes[:'sso'] + end + + if attributes.key?(:'sso_url') + self.sso_url = attributes[:'sso_url'] end + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'test') + self.test = attributes[:'test'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + color_validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + return false unless color_validator.valid?(@color) + status_validator = EnumAttributeValidator.new('Object', ['', 'end_of_life', 'end_of_support', 'beta']) + return false unless status_validator.valid?(@status) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] color Object to be assigned + def color=(color) + validator = EnumAttributeValidator.new('Object', ['', '#202D38', '#005466', '#3E8696', '#006CAC', '#0617AC', '#7C6ADA', '#D5779D', '#9E2F00', '#FFB000', '#58C469', '#57C49F', '#FF6C03']) + unless validator.valid?(color) + fail ArgumentError, "invalid value for \"color\", must be one of #{validator.allowable_values}." + end + @color = color + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] status Object to be assigned + def status=(status) + validator = EnumAttributeValidator.new('Object', ['', 'end_of_life', 'end_of_support', 'beta']) + unless validator.valid?(status) + fail ArgumentError, "invalid value for \"status\", must be one of #{validator.allowable_values}." + end + @status = status end # Checks equality by comparing each attribute. @@ -145,6 +266,7 @@ def ==(o) return true if self.equal?(o) self.class == o.class && _id == o._id && + active == o.active && beta == o.beta && color == o.color && config == o.config && @@ -152,9 +274,16 @@ def ==(o) display_name == o.display_name && is_configured == o.is_configured && jit == o.jit && + keywords == o.keywords && learn_more == o.learn_more && + logo == o.logo && name == o.name && - sso_url == o.sso_url + oidc == o.oidc && + provision == o.provision && + sso == o.sso && + sso_url == o.sso_url && + status == o.status && + test == o.test end # @see the `==` method @@ -164,9 +293,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, beta, color, config, display_label, display_name, is_configured, jit, learn_more, name, sso_url].hash + [_id, active, beta, color, config, display_label, display_name, is_configured, jit, keywords, learn_more, logo, name, oidc, provision, sso, sso_url, status, test].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -174,16 +310,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -205,7 +343,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -226,8 +364,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -249,7 +386,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -261,7 +402,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -271,8 +412,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplate_jit.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplate_jit.rb index f8edd2f..0065955 100644 --- a/jcapiv1/lib/jcapiv1/models/applicationtemplate_jit.rb +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplate_jit.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class ApplicationtemplateJit attr_accessor :attributes attr_accessor :create_only - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { :'attributes' => :'Object', - :'create_only' => :'BOOLEAN' + :'create_only' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationtemplateJit` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationtemplateJit`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') self.attributes = attributes[:'attributes'] end - if attributes.has_key?(:'createOnly') - self.create_only = attributes[:'createOnly'] + if attributes.key?(:'create_only') + self.create_only = attributes[:'create_only'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [attributes, create_only].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplate_logo.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplate_logo.rb new file mode 100644 index 0000000..b54ad3c --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplate_logo.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ApplicationtemplateLogo + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationtemplateLogo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationtemplateLogo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplate_oidc.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplate_oidc.rb new file mode 100644 index 0000000..128a01a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplate_oidc.rb @@ -0,0 +1,275 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ApplicationtemplateOidc + # The grant types allowed. + attr_accessor :grant_types + + # List of allowed redirectUris + attr_accessor :redirect_uris + + # The relying party url to trigger an oidc login. + attr_accessor :sso_url + + # Method that the client uses to authenticate when requesting a token. If 'none', then the client must use PKCE. If 'client_secret_post', then the secret is passed in the post body when requesting the token. + attr_accessor :token_endpoint_auth_method + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'grant_types' => :'grantTypes', + :'redirect_uris' => :'redirectUris', + :'sso_url' => :'ssoUrl', + :'token_endpoint_auth_method' => :'tokenEndpointAuthMethod' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'grant_types' => :'Object', + :'redirect_uris' => :'Object', + :'sso_url' => :'Object', + :'token_endpoint_auth_method' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationtemplateOidc` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationtemplateOidc`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'grant_types') + if (value = attributes[:'grant_types']).is_a?(Array) + self.grant_types = value + end + end + + if attributes.key?(:'redirect_uris') + if (value = attributes[:'redirect_uris']).is_a?(Array) + self.redirect_uris = value + end + end + + if attributes.key?(:'sso_url') + self.sso_url = attributes[:'sso_url'] + end + + if attributes.key?(:'token_endpoint_auth_method') + self.token_endpoint_auth_method = attributes[:'token_endpoint_auth_method'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + token_endpoint_auth_method_validator = EnumAttributeValidator.new('Object', ['client_secret_basic', 'client_secret_post', 'none']) + return false unless token_endpoint_auth_method_validator.valid?(@token_endpoint_auth_method) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] token_endpoint_auth_method Object to be assigned + def token_endpoint_auth_method=(token_endpoint_auth_method) + validator = EnumAttributeValidator.new('Object', ['client_secret_basic', 'client_secret_post', 'none']) + unless validator.valid?(token_endpoint_auth_method) + fail ArgumentError, "invalid value for \"token_endpoint_auth_method\", must be one of #{validator.allowable_values}." + end + @token_endpoint_auth_method = token_endpoint_auth_method + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + grant_types == o.grant_types && + redirect_uris == o.redirect_uris && + sso_url == o.sso_url && + token_endpoint_auth_method == o.token_endpoint_auth_method + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [grant_types, redirect_uris, sso_url, token_endpoint_auth_method].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplate_provision.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplate_provision.rb new file mode 100644 index 0000000..e91c2ca --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplate_provision.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ApplicationtemplateProvision + attr_accessor :beta + + attr_accessor :groups_supported + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'beta' => :'beta', + :'groups_supported' => :'groups_supported', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'beta' => :'Object', + :'groups_supported' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ApplicationtemplateProvision` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ApplicationtemplateProvision`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'beta') + self.beta = attributes[:'beta'] + end + + if attributes.key?(:'groups_supported') + self.groups_supported = attributes[:'groups_supported'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + beta == o.beta && + groups_supported == o.groups_supported && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [beta, groups_supported, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/applicationtemplateslist.rb b/jcapiv1/lib/jcapiv1/models/applicationtemplateslist.rb index 3faa25e..15f9e1b 100644 --- a/jcapiv1/lib/jcapiv1/models/applicationtemplateslist.rb +++ b/jcapiv1/lib/jcapiv1/models/applicationtemplateslist.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Applicationtemplateslist # The list of applications. attr_accessor :results @@ -21,7 +19,6 @@ class Applicationtemplateslist # The total number of applications. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,44 +28,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Applicationtemplateslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Applicationtemplateslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -87,26 +96,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +146,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +167,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +189,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +205,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +215,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/body.rb b/jcapiv1/lib/jcapiv1/models/body.rb deleted file mode 100644 index 2e33c13..0000000 --- a/jcapiv1/lib/jcapiv1/models/body.rb +++ /dev/null @@ -1,278 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Body - attr_accessor :mfa - - attr_accessor :name - - attr_accessor :network_source_ip - - attr_accessor :tags - - attr_accessor :user_lockout_action - - attr_accessor :user_password_expiration_action - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'mfa' => :'mfa', - :'name' => :'name', - :'network_source_ip' => :'networkSourceIp', - :'tags' => :'tags', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'mfa' => :'String', - :'name' => :'String', - :'network_source_ip' => :'String', - :'tags' => :'Array', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'mfa') - self.mfa = attributes[:'mfa'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'networkSourceIp') - self.network_source_ip = attributes[:'networkSourceIp'] - end - - if attributes.has_key?(:'tags') - if (value = attributes[:'tags']).is_a?(Array) - self.tags = value - end - end - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") - end - - if @network_source_ip.nil? - invalid_properties.push("invalid value for 'network_source_ip', network_source_ip cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - mfa_validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - return false unless mfa_validator.valid?(@mfa) - return false if @name.nil? - return false if @network_source_ip.nil? - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] mfa Object to be assigned - def mfa=(mfa) - validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - unless validator.valid?(mfa) - fail ArgumentError, "invalid value for 'mfa', must be one of #{validator.allowable_values}." - end - @mfa = mfa - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - mfa == o.mfa && - name == o.name && - network_source_ip == o.network_source_ip && - tags == o.tags && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [mfa, name, network_source_ip, tags, user_lockout_action, user_password_expiration_action].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/body_1.rb b/jcapiv1/lib/jcapiv1/models/body_1.rb deleted file mode 100644 index e6e9173..0000000 --- a/jcapiv1/lib/jcapiv1/models/body_1.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Body1 - attr_accessor :exclusion - - attr_accessor :exclusion_until - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'exclusion' => :'exclusion', - :'exclusion_until' => :'exclusionUntil' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'exclusion' => :'BOOLEAN', - :'exclusion_until' => :'DateTime' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'exclusion') - self.exclusion = attributes[:'exclusion'] - end - - if attributes.has_key?(:'exclusionUntil') - self.exclusion_until = attributes[:'exclusionUntil'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - exclusion == o.exclusion && - exclusion_until == o.exclusion_until - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [exclusion, exclusion_until].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/command.rb b/jcapiv1/lib/jcapiv1/models/command.rb index 1b5bd27..e29dc3b 100644 --- a/jcapiv1/lib/jcapiv1/models/command.rb +++ b/jcapiv1/lib/jcapiv1/models/command.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Command # The command to execute on the server. attr_accessor :command @@ -30,7 +28,6 @@ class Command # How the command will execute. attr_accessor :launch_type - # attr_accessor :listens_to attr_accessor :name @@ -44,12 +41,23 @@ class Command # When the command will repeat. attr_accessor :schedule_repeat_type - # + # The year that a scheduled command will launch in. + attr_accessor :schedule_year + + # The shell used to run the command. + attr_accessor :shell + attr_accessor :sudo - # An array of system IDs to run the command on. Not available if you are using Groups. + # Not used. Use /api/v2/commands/{id}/associations to bind commands to systems. attr_accessor :systems + # The template this command was created from + attr_accessor :template + + # Time in seconds a command can wait in the queue to be run before timing out + attr_accessor :time_to_live_seconds + # The time in seconds to allow the command to run for. attr_accessor :timeout @@ -59,7 +67,6 @@ class Command # The ID of the system user to run the command as. This field is required when creating a command with a commandType of \"mac\" or \"linux\". attr_accessor :user - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -73,8 +80,12 @@ def self.attribute_map :'organization' => :'organization', :'schedule' => :'schedule', :'schedule_repeat_type' => :'scheduleRepeatType', + :'schedule_year' => :'scheduleYear', + :'shell' => :'shell', :'sudo' => :'sudo', :'systems' => :'systems', + :'template' => :'template', + :'time_to_live_seconds' => :'timeToLiveSeconds', :'timeout' => :'timeout', :'trigger' => :'trigger', :'user' => :'user' @@ -82,100 +93,134 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'command' => :'String', - :'command_runners' => :'Array', - :'command_type' => :'String', - :'files' => :'Array', - :'launch_type' => :'String', - :'listens_to' => :'String', - :'name' => :'String', - :'organization' => :'String', - :'schedule' => :'String', - :'schedule_repeat_type' => :'String', - :'sudo' => :'BOOLEAN', - :'systems' => :'Array', - :'timeout' => :'String', - :'trigger' => :'String', - :'user' => :'String' + :'command' => :'Object', + :'command_runners' => :'Object', + :'command_type' => :'Object', + :'files' => :'Object', + :'launch_type' => :'Object', + :'listens_to' => :'Object', + :'name' => :'Object', + :'organization' => :'Object', + :'schedule' => :'Object', + :'schedule_repeat_type' => :'Object', + :'schedule_year' => :'Object', + :'shell' => :'Object', + :'sudo' => :'Object', + :'systems' => :'Object', + :'template' => :'Object', + :'time_to_live_seconds' => :'Object', + :'timeout' => :'Object', + :'trigger' => :'Object', + :'user' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Command` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Command`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'command') + if attributes.key?(:'command') self.command = attributes[:'command'] end - if attributes.has_key?(:'commandRunners') - if (value = attributes[:'commandRunners']).is_a?(Array) + if attributes.key?(:'command_runners') + if (value = attributes[:'command_runners']).is_a?(Array) self.command_runners = value end end - if attributes.has_key?(:'commandType') - self.command_type = attributes[:'commandType'] + if attributes.key?(:'command_type') + self.command_type = attributes[:'command_type'] + else + self.command_type = 'linux' end - if attributes.has_key?(:'files') + if attributes.key?(:'files') if (value = attributes[:'files']).is_a?(Array) self.files = value end end - if attributes.has_key?(:'launchType') - self.launch_type = attributes[:'launchType'] + if attributes.key?(:'launch_type') + self.launch_type = attributes[:'launch_type'] end - if attributes.has_key?(:'listensTo') - self.listens_to = attributes[:'listensTo'] + if attributes.key?(:'listens_to') + self.listens_to = attributes[:'listens_to'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'schedule') + if attributes.key?(:'schedule') self.schedule = attributes[:'schedule'] end - if attributes.has_key?(:'scheduleRepeatType') - self.schedule_repeat_type = attributes[:'scheduleRepeatType'] + if attributes.key?(:'schedule_repeat_type') + self.schedule_repeat_type = attributes[:'schedule_repeat_type'] + end + + if attributes.key?(:'schedule_year') + self.schedule_year = attributes[:'schedule_year'] end - if attributes.has_key?(:'sudo') + if attributes.key?(:'shell') + self.shell = attributes[:'shell'] + end + + if attributes.key?(:'sudo') self.sudo = attributes[:'sudo'] end - if attributes.has_key?(:'systems') + if attributes.key?(:'systems') if (value = attributes[:'systems']).is_a?(Array) self.systems = value end end - if attributes.has_key?(:'timeout') + if attributes.key?(:'template') + self.template = attributes[:'template'] + end + + if attributes.key?(:'time_to_live_seconds') + self.time_to_live_seconds = attributes[:'time_to_live_seconds'] + end + + if attributes.key?(:'timeout') self.timeout = attributes[:'timeout'] end - if attributes.has_key?(:'trigger') + if attributes.key?(:'trigger') self.trigger = attributes[:'trigger'] end - if attributes.has_key?(:'user') + if attributes.key?(:'user') self.user = attributes[:'user'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -183,17 +228,27 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @command.nil? - invalid_properties.push("invalid value for 'command', command cannot be nil.") + invalid_properties.push('invalid value for "command", command cannot be nil.') + end + + if @command_type.nil? + invalid_properties.push('invalid value for "command_type", command_type cannot be nil.') end - return invalid_properties + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @command.nil? - return true + return false if @command_type.nil? + return false if @name.nil? + true end # Checks equality by comparing each attribute. @@ -211,8 +266,12 @@ def ==(o) organization == o.organization && schedule == o.schedule && schedule_repeat_type == o.schedule_repeat_type && + schedule_year == o.schedule_year && + shell == o.shell && sudo == o.sudo && systems == o.systems && + template == o.template && + time_to_live_seconds == o.time_to_live_seconds && timeout == o.timeout && trigger == o.trigger && user == o.user @@ -225,9 +284,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [command, command_runners, command_type, files, launch_type, listens_to, name, organization, schedule, schedule_repeat_type, sudo, systems, timeout, trigger, user].hash + [command, command_runners, command_type, files, launch_type, listens_to, name, organization, schedule, schedule_repeat_type, schedule_year, shell, sudo, systems, template, time_to_live_seconds, timeout, trigger, user].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -235,16 +301,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -266,7 +334,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -287,8 +355,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -310,7 +377,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -322,7 +393,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -332,8 +403,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandfilereturn.rb b/jcapiv1/lib/jcapiv1/models/commandfilereturn.rb index f78efff..11863df 100644 --- a/jcapiv1/lib/jcapiv1/models/commandfilereturn.rb +++ b/jcapiv1/lib/jcapiv1/models/commandfilereturn.rb @@ -1,26 +1,23 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Commandfilereturn attr_accessor :results # The total number of commands files attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -30,42 +27,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'CommandfilereturnResults', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Commandfilereturn` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Commandfilereturn`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') - self.results = attributes[:'results'] + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -84,26 +95,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -125,7 +145,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -146,8 +166,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -169,7 +188,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -181,7 +204,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -191,8 +214,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandfilereturn_results.rb b/jcapiv1/lib/jcapiv1/models/commandfilereturn_results.rb index ac42af0..550285f 100644 --- a/jcapiv1/lib/jcapiv1/models/commandfilereturn_results.rb +++ b/jcapiv1/lib/jcapiv1/models/commandfilereturn_results.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class CommandfilereturnResults # The ID of the file. attr_accessor :_id @@ -24,7 +22,6 @@ class CommandfilereturnResults # The file name. attr_accessor :name - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,47 +32,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'destination' => :'String', - :'name' => :'String' + :'_id' => :'Object', + :'destination' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::CommandfilereturnResults` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::CommandfilereturnResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'destination') + if attributes.key?(:'destination') self.destination = attributes[:'destination'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -95,26 +104,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_id, destination, name].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -136,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -157,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -180,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -192,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -202,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandresult.rb b/jcapiv1/lib/jcapiv1/models/commandresult.rb index fadc5cb..ea6445e 100644 --- a/jcapiv1/lib/jcapiv1/models/commandresult.rb +++ b/jcapiv1/lib/jcapiv1/models/commandresult.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Commandresult # The ID of the command. attr_accessor :_id @@ -54,7 +52,6 @@ class Commandresult attr_accessor :workflow_instance_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -76,104 +73,116 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'command' => :'String', - :'files' => :'Array', - :'name' => :'String', - :'organization' => :'String', - :'request_time' => :'String', - :'response' => :'CommandresultResponse', - :'response_time' => :'String', - :'sudo' => :'BOOLEAN', - :'system' => :'String', - :'system_id' => :'String', - :'user' => :'String', - :'workflow_id' => :'String', - :'workflow_instance_id' => :'String' + :'_id' => :'Object', + :'command' => :'Object', + :'files' => :'Object', + :'name' => :'Object', + :'organization' => :'Object', + :'request_time' => :'Object', + :'response' => :'Object', + :'response_time' => :'Object', + :'sudo' => :'Object', + :'system' => :'Object', + :'system_id' => :'Object', + :'user' => :'Object', + :'workflow_id' => :'Object', + :'workflow_instance_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Commandresult` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Commandresult`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'command') + if attributes.key?(:'command') self.command = attributes[:'command'] end - if attributes.has_key?(:'files') + if attributes.key?(:'files') if (value = attributes[:'files']).is_a?(Array) self.files = value end end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'requestTime') - self.request_time = attributes[:'requestTime'] + if attributes.key?(:'request_time') + self.request_time = attributes[:'request_time'] end - if attributes.has_key?(:'response') + if attributes.key?(:'response') self.response = attributes[:'response'] end - if attributes.has_key?(:'responseTime') - self.response_time = attributes[:'responseTime'] + if attributes.key?(:'response_time') + self.response_time = attributes[:'response_time'] end - if attributes.has_key?(:'sudo') + if attributes.key?(:'sudo') self.sudo = attributes[:'sudo'] end - if attributes.has_key?(:'system') + if attributes.key?(:'system') self.system = attributes[:'system'] end - if attributes.has_key?(:'systemId') - self.system_id = attributes[:'systemId'] + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'user') + if attributes.key?(:'user') self.user = attributes[:'user'] end - if attributes.has_key?(:'workflowId') - self.workflow_id = attributes[:'workflowId'] + if attributes.key?(:'workflow_id') + self.workflow_id = attributes[:'workflow_id'] end - if attributes.has_key?(:'workflowInstanceId') - self.workflow_instance_id = attributes[:'workflowInstanceId'] + if attributes.key?(:'workflow_instance_id') + self.workflow_instance_id = attributes[:'workflow_instance_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -204,26 +213,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_id, command, files, name, organization, request_time, response, response_time, sudo, system, system_id, user, workflow_id, workflow_instance_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -245,7 +263,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -266,8 +284,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -289,7 +306,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -301,7 +322,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -311,8 +332,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandresult_response.rb b/jcapiv1/lib/jcapiv1/models/commandresult_response.rb index d0a2081..974c520 100644 --- a/jcapiv1/lib/jcapiv1/models/commandresult_response.rb +++ b/jcapiv1/lib/jcapiv1/models/commandresult_response.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class CommandresultResponse attr_accessor :data @@ -23,7 +21,6 @@ class CommandresultResponse # ID of the response. attr_accessor :id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -34,47 +31,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'data' => :'CommandresultResponseData', - :'error' => :'String', - :'id' => :'String' + :'data' => :'Object', + :'error' => :'Object', + :'id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::CommandresultResponse` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::CommandresultResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'data') + if attributes.key?(:'data') self.data = attributes[:'data'] end - if attributes.has_key?(:'error') + if attributes.key?(:'error') self.error = attributes[:'error'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -94,26 +103,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [data, error, id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -135,7 +153,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -156,8 +174,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -179,7 +196,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -191,7 +212,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -201,8 +222,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandresult_response_data.rb b/jcapiv1/lib/jcapiv1/models/commandresult_response_data.rb index 4d96bcd..ad1bd66 100644 --- a/jcapiv1/lib/jcapiv1/models/commandresult_response_data.rb +++ b/jcapiv1/lib/jcapiv1/models/commandresult_response_data.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class CommandresultResponseData # The stderr output from the command that ran. attr_accessor :exit_code @@ -21,7 +19,6 @@ class CommandresultResponseData # The output of the command that was executed. attr_accessor :output - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,42 +28,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'exit_code' => :'Integer', - :'output' => :'String' + :'exit_code' => :'Object', + :'output' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::CommandresultResponseData` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::CommandresultResponseData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'exitCode') - self.exit_code = attributes[:'exitCode'] + if attributes.key?(:'exit_code') + self.exit_code = attributes[:'exit_code'] end - if attributes.has_key?(:'output') + if attributes.key?(:'output') self.output = attributes[:'output'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -85,26 +94,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [exit_code, output].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -126,7 +144,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -147,8 +165,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -170,7 +187,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -182,7 +203,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -192,8 +213,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandresultslist.rb b/jcapiv1/lib/jcapiv1/models/commandresultslist.rb index 777572f..81ead9e 100644 --- a/jcapiv1/lib/jcapiv1/models/commandresultslist.rb +++ b/jcapiv1/lib/jcapiv1/models/commandresultslist.rb @@ -1,27 +1,23 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Commandresultslist - # The list of command results attr_accessor :results - # The total number of command results + # The total number of command results. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,44 +27,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Commandresultslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Commandresultslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -87,26 +95,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +145,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +166,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +188,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +204,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +214,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandresultslist_results.rb b/jcapiv1/lib/jcapiv1/models/commandresultslist_results.rb new file mode 100644 index 0000000..4662a2d --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/commandresultslist_results.rb @@ -0,0 +1,307 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class CommandresultslistResults + # The ID of the command result. + attr_accessor :_id + + # The command that was executed on the system. + attr_accessor :command + + # The stderr output from the command that ran. + attr_accessor :exit_code + + # The name of the command. + attr_accessor :name + + # The time (UTC) that the command was sent. + attr_accessor :request_time + + # The time (UTC) that the command was completed. + attr_accessor :response_time + + # If the user had sudo rights. + attr_accessor :sudo + + # The display name of the system the command was executed on. + attr_accessor :system + + # The id of the system the command was executed on. + attr_accessor :system_id + + # The user the command ran as. + attr_accessor :user + + # The id for the command that ran on the system. + attr_accessor :workflow_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'_id' => :'_id', + :'command' => :'command', + :'exit_code' => :'exitCode', + :'name' => :'name', + :'request_time' => :'requestTime', + :'response_time' => :'responseTime', + :'sudo' => :'sudo', + :'system' => :'system', + :'system_id' => :'systemId', + :'user' => :'user', + :'workflow_id' => :'workflowId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'_id' => :'Object', + :'command' => :'Object', + :'exit_code' => :'Object', + :'name' => :'Object', + :'request_time' => :'Object', + :'response_time' => :'Object', + :'sudo' => :'Object', + :'system' => :'Object', + :'system_id' => :'Object', + :'user' => :'Object', + :'workflow_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::CommandresultslistResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::CommandresultslistResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'_id') + self._id = attributes[:'_id'] + end + + if attributes.key?(:'command') + self.command = attributes[:'command'] + end + + if attributes.key?(:'exit_code') + self.exit_code = attributes[:'exit_code'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'request_time') + self.request_time = attributes[:'request_time'] + end + + if attributes.key?(:'response_time') + self.response_time = attributes[:'response_time'] + end + + if attributes.key?(:'sudo') + self.sudo = attributes[:'sudo'] + end + + if attributes.key?(:'system') + self.system = attributes[:'system'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'user') + self.user = attributes[:'user'] + end + + if attributes.key?(:'workflow_id') + self.workflow_id = attributes[:'workflow_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + _id == o._id && + command == o.command && + exit_code == o.exit_code && + name == o.name && + request_time == o.request_time && + response_time == o.response_time && + sudo == o.sudo && + system == o.system && + system_id == o.system_id && + user == o.user && + workflow_id == o.workflow_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [_id, command, exit_code, name, request_time, response_time, sudo, system, system_id, user, workflow_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/commandslist.rb b/jcapiv1/lib/jcapiv1/models/commandslist.rb index ef0331c..d5d060b 100644 --- a/jcapiv1/lib/jcapiv1/models/commandslist.rb +++ b/jcapiv1/lib/jcapiv1/models/commandslist.rb @@ -1,26 +1,23 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Commandslist attr_accessor :results # The total number of commands attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -30,44 +27,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Commandslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Commandslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -86,26 +95,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -127,7 +145,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -148,8 +166,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -171,7 +188,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -183,7 +204,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -193,8 +214,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/commandslist_results.rb b/jcapiv1/lib/jcapiv1/models/commandslist_results.rb index 991dc48..79bad95 100644 --- a/jcapiv1/lib/jcapiv1/models/commandslist_results.rb +++ b/jcapiv1/lib/jcapiv1/models/commandslist_results.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class CommandslistResults # The ID of the command. attr_accessor :_id @@ -44,7 +42,6 @@ class CommandslistResults # Trigger to execute command. attr_accessor :trigger - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -62,82 +59,94 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'command' => :'String', - :'command_type' => :'String', - :'launch_type' => :'String', - :'listens_to' => :'String', - :'name' => :'String', - :'organization' => :'String', - :'schedule' => :'String', - :'schedule_repeat_type' => :'String', - :'trigger' => :'String' + :'_id' => :'Object', + :'command' => :'Object', + :'command_type' => :'Object', + :'launch_type' => :'Object', + :'listens_to' => :'Object', + :'name' => :'Object', + :'organization' => :'Object', + :'schedule' => :'Object', + :'schedule_repeat_type' => :'Object', + :'trigger' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::CommandslistResults` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::CommandslistResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'command') + if attributes.key?(:'command') self.command = attributes[:'command'] end - if attributes.has_key?(:'commandType') - self.command_type = attributes[:'commandType'] + if attributes.key?(:'command_type') + self.command_type = attributes[:'command_type'] end - if attributes.has_key?(:'launchType') - self.launch_type = attributes[:'launchType'] + if attributes.key?(:'launch_type') + self.launch_type = attributes[:'launch_type'] end - if attributes.has_key?(:'listensTo') - self.listens_to = attributes[:'listensTo'] + if attributes.key?(:'listens_to') + self.listens_to = attributes[:'listens_to'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'schedule') + if attributes.key?(:'schedule') self.schedule = attributes[:'schedule'] end - if attributes.has_key?(:'scheduleRepeatType') - self.schedule_repeat_type = attributes[:'scheduleRepeatType'] + if attributes.key?(:'schedule_repeat_type') + self.schedule_repeat_type = attributes[:'schedule_repeat_type'] end - if attributes.has_key?(:'trigger') + if attributes.key?(:'trigger') self.trigger = attributes[:'trigger'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -164,26 +173,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_id, command, command_type, launch_type, listens_to, name, organization, schedule, schedule_repeat_type, trigger].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -205,7 +223,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -226,8 +244,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -249,7 +266,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -261,7 +282,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -271,8 +292,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/error.rb b/jcapiv1/lib/jcapiv1/models/error.rb new file mode 100644 index 0000000..b092335 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/error.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Error + # HTTP status code + attr_accessor :code + + # Error message + attr_accessor :message + + # HTTP status description + attr_accessor :status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'code' => :'code', + :'message' => :'message', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'code' => :'Object', + :'message' => :'Object', + :'status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Error` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Error`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'code') + self.code = attributes[:'code'] + end + + if attributes.key?(:'message') + self.message = attributes[:'message'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + code == o.code && + message == o.message && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [code, message, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/error_details.rb b/jcapiv1/lib/jcapiv1/models/error_details.rb new file mode 100644 index 0000000..bf5bab1 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/error_details.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class ErrorDetails + # HTTP status code + attr_accessor :code + + # Error message + attr_accessor :message + + # HTTP status description + attr_accessor :status + + # Describes a list of objects with more detailed information of the given error. Each detail schema is according to one of the messages defined in Google's API: https://github.com/googleapis/googleapis/blob/master/google/rpc/error_details.proto\" + attr_accessor :details + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'code' => :'code', + :'message' => :'message', + :'status' => :'status', + :'details' => :'details' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'code' => :'', + :'message' => :'', + :'status' => :'', + :'details' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::ErrorDetails` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::ErrorDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'code') + self.code = attributes[:'code'] + end + + if attributes.key?(:'message') + self.message = attributes[:'message'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'details') + if (value = attributes[:'details']).is_a?(Array) + self.details = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + code == o.code && + message == o.message && + status == o.status && + details == o.details && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [code, message, status, details].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/errorresponse.rb b/jcapiv1/lib/jcapiv1/models/errorresponse.rb deleted file mode 100644 index 15391f6..0000000 --- a/jcapiv1/lib/jcapiv1/models/errorresponse.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Errorresponse - attr_accessor :message - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'message' => :'message' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'message' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'message') - self.message = attributes[:'message'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - message == o.message - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [message].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/fde.rb b/jcapiv1/lib/jcapiv1/models/fde.rb index 16cb284..5ec3a03 100644 --- a/jcapiv1/lib/jcapiv1/models/fde.rb +++ b/jcapiv1/lib/jcapiv1/models/fde.rb @@ -1,25 +1,23 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - + # Indicates if the Full Disk Encryption is active in the system class Fde attr_accessor :active attr_accessor :key_present - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +27,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'active' => :'BOOLEAN', - :'key_present' => :'BOOLEAN' + :'active' => :'Object', + :'key_present' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Fde` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Fde`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'active') + if attributes.key?(:'active') self.active = attributes[:'active'] end - if attributes.has_key?(:'keyPresent') - self.key_present = attributes[:'keyPresent'] + if attributes.key?(:'key_present') + self.key_present = attributes[:'key_present'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +93,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [active, key_present].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +143,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +164,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +186,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +202,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +212,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/id_resetmfa_body.rb b/jcapiv1/lib/jcapiv1/models/id_resetmfa_body.rb new file mode 100644 index 0000000..8891634 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/id_resetmfa_body.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class IdResetmfaBody + attr_accessor :exclusion + + attr_accessor :exclusion_days + + attr_accessor :exclusion_until + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'exclusion' => :'exclusion', + :'exclusion_days' => :'exclusionDays', + :'exclusion_until' => :'exclusionUntil' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'exclusion' => :'Object', + :'exclusion_days' => :'Object', + :'exclusion_until' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::IdResetmfaBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::IdResetmfaBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'exclusion') + self.exclusion = attributes[:'exclusion'] + end + + if attributes.key?(:'exclusion_days') + self.exclusion_days = attributes[:'exclusion_days'] + end + + if attributes.key?(:'exclusion_until') + self.exclusion_until = attributes[:'exclusion_until'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + exclusion == o.exclusion && + exclusion_days == o.exclusion_days && + exclusion_until == o.exclusion_until + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [exclusion, exclusion_days, exclusion_until].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/inline_response_200.rb b/jcapiv1/lib/jcapiv1/models/inline_response_200.rb new file mode 100644 index 0000000..6672d16 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/inline_response_200.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class InlineResponse200 + attr_accessor :queue_ids + + attr_accessor :workflow_instance_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'queue_ids' => :'queueIds', + :'workflow_instance_id' => :'workflowInstanceId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'queue_ids' => :'Object', + :'workflow_instance_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::InlineResponse200` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::InlineResponse200`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'queue_ids') + if (value = attributes[:'queue_ids']).is_a?(Array) + self.queue_ids = value + end + end + + if attributes.key?(:'workflow_instance_id') + self.workflow_instance_id = attributes[:'workflow_instance_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + queue_ids == o.queue_ids && + workflow_instance_id == o.workflow_instance_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [queue_ids, workflow_instance_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/inline_response_412.rb b/jcapiv1/lib/jcapiv1/models/inline_response_412.rb new file mode 100644 index 0000000..ad48a6f --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/inline_response_412.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class InlineResponse412 + # mesasge containing what error occured + attr_accessor :error + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'error' => :'error' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'error' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::InlineResponse412` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::InlineResponse412`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'error') + self.error = attributes[:'error'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + error == o.error + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [error].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/mfa.rb b/jcapiv1/lib/jcapiv1/models/mfa.rb index 82b93d7..dc4defe 100644 --- a/jcapiv1/lib/jcapiv1/models/mfa.rb +++ b/jcapiv1/lib/jcapiv1/models/mfa.rb @@ -1,78 +1,95 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Mfa attr_accessor :configured attr_accessor :exclusion - attr_accessor :exclusion_until + attr_accessor :exclusion_days + attr_accessor :exclusion_until # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'configured' => :'configured', :'exclusion' => :'exclusion', + :'exclusion_days' => :'exclusionDays', :'exclusion_until' => :'exclusionUntil' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'configured' => :'BOOLEAN', - :'exclusion' => :'BOOLEAN', - :'exclusion_until' => :'DateTime' + :'configured' => :'Object', + :'exclusion' => :'Object', + :'exclusion_days' => :'Object', + :'exclusion_until' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Mfa` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Mfa`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'configured') + if attributes.key?(:'configured') self.configured = attributes[:'configured'] end - if attributes.has_key?(:'exclusion') + if attributes.key?(:'exclusion') self.exclusion = attributes[:'exclusion'] end - if attributes.has_key?(:'exclusionUntil') - self.exclusion_until = attributes[:'exclusionUntil'] + if attributes.key?(:'exclusion_days') + self.exclusion_days = attributes[:'exclusion_days'] end + if attributes.key?(:'exclusion_until') + self.exclusion_until = attributes[:'exclusion_until'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -82,6 +99,7 @@ def ==(o) self.class == o.class && configured == o.configured && exclusion == o.exclusion && + exclusion_days == o.exclusion_days && exclusion_until == o.exclusion_until end @@ -92,9 +110,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [configured, exclusion, exclusion_until].hash + [configured, exclusion, exclusion_days, exclusion_until].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -102,16 +127,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -133,7 +160,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -154,8 +181,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -177,7 +203,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -189,7 +219,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -199,8 +229,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/mfa_enrollment.rb b/jcapiv1/lib/jcapiv1/models/mfa_enrollment.rb new file mode 100644 index 0000000..dd33499 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/mfa_enrollment.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class MfaEnrollment + attr_accessor :overall_status + + attr_accessor :push_status + + attr_accessor :totp_status + + attr_accessor :web_authn_status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'overall_status' => :'overallStatus', + :'push_status' => :'pushStatus', + :'totp_status' => :'totpStatus', + :'web_authn_status' => :'webAuthnStatus' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'overall_status' => :'Object', + :'push_status' => :'Object', + :'totp_status' => :'Object', + :'web_authn_status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::MfaEnrollment` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::MfaEnrollment`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'overall_status') + self.overall_status = attributes[:'overall_status'] + end + + if attributes.key?(:'push_status') + self.push_status = attributes[:'push_status'] + end + + if attributes.key?(:'totp_status') + self.totp_status = attributes[:'totp_status'] + end + + if attributes.key?(:'web_authn_status') + self.web_authn_status = attributes[:'web_authn_status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + overall_status == o.overall_status && + push_status == o.push_status && + totp_status == o.totp_status && + web_authn_status == o.web_authn_status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [overall_status, push_status, totp_status, web_authn_status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/mfa_enrollment_status.rb b/jcapiv1/lib/jcapiv1/models/mfa_enrollment_status.rb new file mode 100644 index 0000000..3f48be3 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/mfa_enrollment_status.rb @@ -0,0 +1,33 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class MfaEnrollmentStatus + NOT_ENROLLED = 'NOT_ENROLLED'.freeze + DISABLED = 'DISABLED'.freeze + PENDING_ACTIVATION = 'PENDING_ACTIVATION'.freeze + ENROLLMENT_EXPIRED = 'ENROLLMENT_EXPIRED'.freeze + IN_ENROLLMENT = 'IN_ENROLLMENT'.freeze + PRE_ENROLLMENT = 'PRE_ENROLLMENT'.freeze + ENROLLED = 'ENROLLED'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = MfaEnrollmentStatus.constants.select { |c| MfaEnrollmentStatus::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #MfaEnrollmentStatus" if constantValues.empty? + value + end + end +end diff --git a/jcapiv1/lib/jcapiv1/models/organization.rb b/jcapiv1/lib/jcapiv1/models/organization.rb new file mode 100644 index 0000000..c0718eb --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organization.rb @@ -0,0 +1,314 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Organization + attr_accessor :_id + + attr_accessor :accounts_receivable + + attr_accessor :created + + attr_accessor :display_name + + attr_accessor :entitlement + + attr_accessor :has_credit_card + + attr_accessor :has_stripe_customer_id + + attr_accessor :last_estimate_calculation_time_stamp + + attr_accessor :last_sfdc_sync_status + + attr_accessor :logo_url + + attr_accessor :provider + + attr_accessor :settings + + attr_accessor :total_billing_estimate + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'_id' => :'_id', + :'accounts_receivable' => :'accountsReceivable', + :'created' => :'created', + :'display_name' => :'displayName', + :'entitlement' => :'entitlement', + :'has_credit_card' => :'hasCreditCard', + :'has_stripe_customer_id' => :'hasStripeCustomerId', + :'last_estimate_calculation_time_stamp' => :'lastEstimateCalculationTimeStamp', + :'last_sfdc_sync_status' => :'lastSfdcSyncStatus', + :'logo_url' => :'logoUrl', + :'provider' => :'provider', + :'settings' => :'settings', + :'total_billing_estimate' => :'totalBillingEstimate' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'_id' => :'Object', + :'accounts_receivable' => :'Object', + :'created' => :'Object', + :'display_name' => :'Object', + :'entitlement' => :'Object', + :'has_credit_card' => :'Object', + :'has_stripe_customer_id' => :'Object', + :'last_estimate_calculation_time_stamp' => :'Object', + :'last_sfdc_sync_status' => :'Object', + :'logo_url' => :'Object', + :'provider' => :'Object', + :'settings' => :'Object', + :'total_billing_estimate' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Organization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Organization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'_id') + self._id = attributes[:'_id'] + end + + if attributes.key?(:'accounts_receivable') + self.accounts_receivable = attributes[:'accounts_receivable'] + end + + if attributes.key?(:'created') + self.created = attributes[:'created'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'entitlement') + self.entitlement = attributes[:'entitlement'] + end + + if attributes.key?(:'has_credit_card') + self.has_credit_card = attributes[:'has_credit_card'] + end + + if attributes.key?(:'has_stripe_customer_id') + self.has_stripe_customer_id = attributes[:'has_stripe_customer_id'] + end + + if attributes.key?(:'last_estimate_calculation_time_stamp') + self.last_estimate_calculation_time_stamp = attributes[:'last_estimate_calculation_time_stamp'] + end + + if attributes.key?(:'last_sfdc_sync_status') + self.last_sfdc_sync_status = attributes[:'last_sfdc_sync_status'] + end + + if attributes.key?(:'logo_url') + self.logo_url = attributes[:'logo_url'] + end + + if attributes.key?(:'provider') + self.provider = attributes[:'provider'] + end + + if attributes.key?(:'settings') + self.settings = attributes[:'settings'] + end + + if attributes.key?(:'total_billing_estimate') + self.total_billing_estimate = attributes[:'total_billing_estimate'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + _id == o._id && + accounts_receivable == o.accounts_receivable && + created == o.created && + display_name == o.display_name && + entitlement == o.entitlement && + has_credit_card == o.has_credit_card && + has_stripe_customer_id == o.has_stripe_customer_id && + last_estimate_calculation_time_stamp == o.last_estimate_calculation_time_stamp && + last_sfdc_sync_status == o.last_sfdc_sync_status && + logo_url == o.logo_url && + provider == o.provider && + settings == o.settings && + total_billing_estimate == o.total_billing_estimate + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [_id, accounts_receivable, created, display_name, entitlement, has_credit_card, has_stripe_customer_id, last_estimate_calculation_time_stamp, last_sfdc_sync_status, logo_url, provider, settings, total_billing_estimate].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationentitlement.rb b/jcapiv1/lib/jcapiv1/models/organizationentitlement.rb new file mode 100644 index 0000000..46915b6 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationentitlement.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Organizationentitlement + attr_accessor :billing_model + + attr_accessor :entitlement_products + + attr_accessor :is_manually_billed + + attr_accessor :price_per_user_sum + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'billing_model' => :'billingModel', + :'entitlement_products' => :'entitlementProducts', + :'is_manually_billed' => :'isManuallyBilled', + :'price_per_user_sum' => :'pricePerUserSum' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'billing_model' => :'Object', + :'entitlement_products' => :'Object', + :'is_manually_billed' => :'Object', + :'price_per_user_sum' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Organizationentitlement` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Organizationentitlement`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'billing_model') + self.billing_model = attributes[:'billing_model'] + end + + if attributes.key?(:'entitlement_products') + if (value = attributes[:'entitlement_products']).is_a?(Array) + self.entitlement_products = value + end + end + + if attributes.key?(:'is_manually_billed') + self.is_manually_billed = attributes[:'is_manually_billed'] + end + + if attributes.key?(:'price_per_user_sum') + self.price_per_user_sum = attributes[:'price_per_user_sum'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + billing_model == o.billing_model && + entitlement_products == o.entitlement_products && + is_manually_billed == o.is_manually_billed && + price_per_user_sum == o.price_per_user_sum + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [billing_model, entitlement_products, is_manually_billed, price_per_user_sum].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationentitlement_entitlement_products.rb b/jcapiv1/lib/jcapiv1/models/organizationentitlement_entitlement_products.rb new file mode 100644 index 0000000..c8134d0 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationentitlement_entitlement_products.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationentitlementEntitlementProducts + attr_accessor :committed_users + + attr_accessor :contract_type + + attr_accessor :max_user_count + + attr_accessor :name + + attr_accessor :price_per_user + + attr_accessor :product_category + + attr_accessor :product_code + + attr_accessor :uncommitted_users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'committed_users' => :'committedUsers', + :'contract_type' => :'contractType', + :'max_user_count' => :'maxUserCount', + :'name' => :'name', + :'price_per_user' => :'pricePerUser', + :'product_category' => :'productCategory', + :'product_code' => :'productCode', + :'uncommitted_users' => :'uncommittedUsers' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'committed_users' => :'Object', + :'contract_type' => :'Object', + :'max_user_count' => :'Object', + :'name' => :'Object', + :'price_per_user' => :'Object', + :'product_category' => :'Object', + :'product_code' => :'Object', + :'uncommitted_users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationentitlementEntitlementProducts` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationentitlementEntitlementProducts`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'committed_users') + self.committed_users = attributes[:'committed_users'] + end + + if attributes.key?(:'contract_type') + self.contract_type = attributes[:'contract_type'] + end + + if attributes.key?(:'max_user_count') + self.max_user_count = attributes[:'max_user_count'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'price_per_user') + self.price_per_user = attributes[:'price_per_user'] + end + + if attributes.key?(:'product_category') + self.product_category = attributes[:'product_category'] + end + + if attributes.key?(:'product_code') + self.product_code = attributes[:'product_code'] + end + + if attributes.key?(:'uncommitted_users') + self.uncommitted_users = attributes[:'uncommitted_users'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + committed_users == o.committed_users && + contract_type == o.contract_type && + max_user_count == o.max_user_count && + name == o.name && + price_per_user == o.price_per_user && + product_category == o.product_category && + product_code == o.product_code && + uncommitted_users == o.uncommitted_users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [committed_users, contract_type, max_user_count, name, price_per_user, product_category, product_code, uncommitted_users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizations_id_body.rb b/jcapiv1/lib/jcapiv1/models/organizations_id_body.rb new file mode 100644 index 0000000..1d39adb --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizations_id_body.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsIdBody + attr_accessor :settings + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'settings' => :'settings' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'settings' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsIdBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsIdBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'settings') + self.settings = attributes[:'settings'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + settings == o.settings + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [settings].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings.rb new file mode 100644 index 0000000..9d51326 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings.rb @@ -0,0 +1,502 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Organizationsettings + attr_accessor :agent_version + + attr_accessor :beta_features + + attr_accessor :contact_email + + attr_accessor :contact_name + + attr_accessor :device_identification_enabled + + attr_accessor :disable_command_runner + + attr_accessor :disable_google_login + + attr_accessor :disable_ldap + + attr_accessor :disable_um + + attr_accessor :duplicate_ldap_groups + + attr_accessor :email_disclaimer + + attr_accessor :enable_google_apps + + attr_accessor :enable_managed_uid + + attr_accessor :enable_o365 + + attr_accessor :enable_user_portal_agent_install + + attr_accessor :features + + # Object containing Optimizely experimentIds and states corresponding to them + attr_accessor :growth_data + + attr_accessor :logo + + attr_accessor :max_system_users + + attr_accessor :name + + attr_accessor :new_system_user_state_defaults + + attr_accessor :password_compliance + + attr_accessor :password_policy + + attr_accessor :pending_delete + + attr_accessor :show_intro + + attr_accessor :system_user_password_expiration_in_days + + attr_accessor :system_users_can_edit + + attr_accessor :trusted_app_config + + attr_accessor :user_portal + + attr_accessor :windows_mdm + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'agent_version' => :'agentVersion', + :'beta_features' => :'betaFeatures', + :'contact_email' => :'contactEmail', + :'contact_name' => :'contactName', + :'device_identification_enabled' => :'deviceIdentificationEnabled', + :'disable_command_runner' => :'disableCommandRunner', + :'disable_google_login' => :'disableGoogleLogin', + :'disable_ldap' => :'disableLdap', + :'disable_um' => :'disableUM', + :'duplicate_ldap_groups' => :'duplicateLDAPGroups', + :'email_disclaimer' => :'emailDisclaimer', + :'enable_google_apps' => :'enableGoogleApps', + :'enable_managed_uid' => :'enableManagedUID', + :'enable_o365' => :'enableO365', + :'enable_user_portal_agent_install' => :'enableUserPortalAgentInstall', + :'features' => :'features', + :'growth_data' => :'growthData', + :'logo' => :'logo', + :'max_system_users' => :'maxSystemUsers', + :'name' => :'name', + :'new_system_user_state_defaults' => :'newSystemUserStateDefaults', + :'password_compliance' => :'passwordCompliance', + :'password_policy' => :'passwordPolicy', + :'pending_delete' => :'pendingDelete', + :'show_intro' => :'showIntro', + :'system_user_password_expiration_in_days' => :'systemUserPasswordExpirationInDays', + :'system_users_can_edit' => :'systemUsersCanEdit', + :'trusted_app_config' => :'trustedAppConfig', + :'user_portal' => :'userPortal', + :'windows_mdm' => :'windowsMDM' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'agent_version' => :'Object', + :'beta_features' => :'Object', + :'contact_email' => :'Object', + :'contact_name' => :'Object', + :'device_identification_enabled' => :'Object', + :'disable_command_runner' => :'Object', + :'disable_google_login' => :'Object', + :'disable_ldap' => :'Object', + :'disable_um' => :'Object', + :'duplicate_ldap_groups' => :'Object', + :'email_disclaimer' => :'Object', + :'enable_google_apps' => :'Object', + :'enable_managed_uid' => :'Object', + :'enable_o365' => :'Object', + :'enable_user_portal_agent_install' => :'Object', + :'features' => :'Object', + :'growth_data' => :'Object', + :'logo' => :'Object', + :'max_system_users' => :'Object', + :'name' => :'Object', + :'new_system_user_state_defaults' => :'Object', + :'password_compliance' => :'Object', + :'password_policy' => :'Object', + :'pending_delete' => :'Object', + :'show_intro' => :'Object', + :'system_user_password_expiration_in_days' => :'Object', + :'system_users_can_edit' => :'Object', + :'trusted_app_config' => :'Object', + :'user_portal' => :'Object', + :'windows_mdm' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Organizationsettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Organizationsettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'agent_version') + self.agent_version = attributes[:'agent_version'] + end + + if attributes.key?(:'beta_features') + self.beta_features = attributes[:'beta_features'] + end + + if attributes.key?(:'contact_email') + self.contact_email = attributes[:'contact_email'] + end + + if attributes.key?(:'contact_name') + self.contact_name = attributes[:'contact_name'] + end + + if attributes.key?(:'device_identification_enabled') + self.device_identification_enabled = attributes[:'device_identification_enabled'] + end + + if attributes.key?(:'disable_command_runner') + self.disable_command_runner = attributes[:'disable_command_runner'] + end + + if attributes.key?(:'disable_google_login') + self.disable_google_login = attributes[:'disable_google_login'] + end + + if attributes.key?(:'disable_ldap') + self.disable_ldap = attributes[:'disable_ldap'] + end + + if attributes.key?(:'disable_um') + self.disable_um = attributes[:'disable_um'] + end + + if attributes.key?(:'duplicate_ldap_groups') + self.duplicate_ldap_groups = attributes[:'duplicate_ldap_groups'] + end + + if attributes.key?(:'email_disclaimer') + self.email_disclaimer = attributes[:'email_disclaimer'] + end + + if attributes.key?(:'enable_google_apps') + self.enable_google_apps = attributes[:'enable_google_apps'] + end + + if attributes.key?(:'enable_managed_uid') + self.enable_managed_uid = attributes[:'enable_managed_uid'] + end + + if attributes.key?(:'enable_o365') + self.enable_o365 = attributes[:'enable_o365'] + end + + if attributes.key?(:'enable_user_portal_agent_install') + self.enable_user_portal_agent_install = attributes[:'enable_user_portal_agent_install'] + end + + if attributes.key?(:'features') + self.features = attributes[:'features'] + end + + if attributes.key?(:'growth_data') + self.growth_data = attributes[:'growth_data'] + end + + if attributes.key?(:'logo') + self.logo = attributes[:'logo'] + end + + if attributes.key?(:'max_system_users') + self.max_system_users = attributes[:'max_system_users'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'new_system_user_state_defaults') + self.new_system_user_state_defaults = attributes[:'new_system_user_state_defaults'] + end + + if attributes.key?(:'password_compliance') + self.password_compliance = attributes[:'password_compliance'] + end + + if attributes.key?(:'password_policy') + self.password_policy = attributes[:'password_policy'] + end + + if attributes.key?(:'pending_delete') + self.pending_delete = attributes[:'pending_delete'] + end + + if attributes.key?(:'show_intro') + self.show_intro = attributes[:'show_intro'] + end + + if attributes.key?(:'system_user_password_expiration_in_days') + self.system_user_password_expiration_in_days = attributes[:'system_user_password_expiration_in_days'] + end + + if attributes.key?(:'system_users_can_edit') + self.system_users_can_edit = attributes[:'system_users_can_edit'] + end + + if attributes.key?(:'trusted_app_config') + self.trusted_app_config = attributes[:'trusted_app_config'] + end + + if attributes.key?(:'user_portal') + self.user_portal = attributes[:'user_portal'] + end + + if attributes.key?(:'windows_mdm') + self.windows_mdm = attributes[:'windows_mdm'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + password_compliance_validator = EnumAttributeValidator.new('Object', ['custom', 'pci3', 'windows']) + return false unless password_compliance_validator.valid?(@password_compliance) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] password_compliance Object to be assigned + def password_compliance=(password_compliance) + validator = EnumAttributeValidator.new('Object', ['custom', 'pci3', 'windows']) + unless validator.valid?(password_compliance) + fail ArgumentError, "invalid value for \"password_compliance\", must be one of #{validator.allowable_values}." + end + @password_compliance = password_compliance + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + agent_version == o.agent_version && + beta_features == o.beta_features && + contact_email == o.contact_email && + contact_name == o.contact_name && + device_identification_enabled == o.device_identification_enabled && + disable_command_runner == o.disable_command_runner && + disable_google_login == o.disable_google_login && + disable_ldap == o.disable_ldap && + disable_um == o.disable_um && + duplicate_ldap_groups == o.duplicate_ldap_groups && + email_disclaimer == o.email_disclaimer && + enable_google_apps == o.enable_google_apps && + enable_managed_uid == o.enable_managed_uid && + enable_o365 == o.enable_o365 && + enable_user_portal_agent_install == o.enable_user_portal_agent_install && + features == o.features && + growth_data == o.growth_data && + logo == o.logo && + max_system_users == o.max_system_users && + name == o.name && + new_system_user_state_defaults == o.new_system_user_state_defaults && + password_compliance == o.password_compliance && + password_policy == o.password_policy && + pending_delete == o.pending_delete && + show_intro == o.show_intro && + system_user_password_expiration_in_days == o.system_user_password_expiration_in_days && + system_users_can_edit == o.system_users_can_edit && + trusted_app_config == o.trusted_app_config && + user_portal == o.user_portal && + windows_mdm == o.windows_mdm + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [agent_version, beta_features, contact_email, contact_name, device_identification_enabled, disable_command_runner, disable_google_login, disable_ldap, disable_um, duplicate_ldap_groups, email_disclaimer, enable_google_apps, enable_managed_uid, enable_o365, enable_user_portal_agent_install, features, growth_data, logo, max_system_users, name, new_system_user_state_defaults, password_compliance, password_policy, pending_delete, show_intro, system_user_password_expiration_in_days, system_users_can_edit, trusted_app_config, user_portal, windows_mdm].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_features.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_features.rb new file mode 100644 index 0000000..41ba276 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_features.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsFeatures + attr_accessor :directory_insights + + attr_accessor :directory_insights_premium + + attr_accessor :system_insights + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'directory_insights' => :'directoryInsights', + :'directory_insights_premium' => :'directoryInsightsPremium', + :'system_insights' => :'systemInsights' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'directory_insights' => :'Object', + :'directory_insights_premium' => :'Object', + :'system_insights' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsFeatures` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsFeatures`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'directory_insights') + self.directory_insights = attributes[:'directory_insights'] + end + + if attributes.key?(:'directory_insights_premium') + self.directory_insights_premium = attributes[:'directory_insights_premium'] + end + + if attributes.key?(:'system_insights') + self.system_insights = attributes[:'system_insights'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + directory_insights == o.directory_insights && + directory_insights_premium == o.directory_insights_premium && + system_insights == o.system_insights + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [directory_insights, directory_insights_premium, system_insights].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights.rb new file mode 100644 index 0000000..ef738e2 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsFeaturesDirectoryInsights + attr_accessor :enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enabled' => :'enabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights_premium.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights_premium.rb new file mode 100644 index 0000000..e20592b --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_directory_insights_premium.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsFeaturesDirectoryInsightsPremium + attr_accessor :created_at + + attr_accessor :enabled + + attr_accessor :updated_at + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_at' => :'createdAt', + :'enabled' => :'enabled', + :'updated_at' => :'updatedAt' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_at' => :'Object', + :'enabled' => :'Object', + :'updated_at' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'updated_at') + self.updated_at = attributes[:'updated_at'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_at == o.created_at && + enabled == o.enabled && + updated_at == o.updated_at + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_at, enabled, updated_at].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_features_system_insights.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_system_insights.rb new file mode 100644 index 0000000..7871288 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_features_system_insights.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsFeaturesSystemInsights + attr_accessor :created_at + + attr_accessor :enable_new_darwin + + attr_accessor :enable_new_linux + + attr_accessor :enable_new_windows + + attr_accessor :enabled + + attr_accessor :updated_at + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_at' => :'createdAt', + :'enable_new_darwin' => :'enableNewDarwin', + :'enable_new_linux' => :'enableNewLinux', + :'enable_new_windows' => :'enableNewWindows', + :'enabled' => :'enabled', + :'updated_at' => :'updatedAt' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_at' => :'Object', + :'enable_new_darwin' => :'Object', + :'enable_new_linux' => :'Object', + :'enable_new_windows' => :'Object', + :'enabled' => :'Object', + :'updated_at' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsFeaturesSystemInsights` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsFeaturesSystemInsights`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'enable_new_darwin') + self.enable_new_darwin = attributes[:'enable_new_darwin'] + end + + if attributes.key?(:'enable_new_linux') + self.enable_new_linux = attributes[:'enable_new_linux'] + end + + if attributes.key?(:'enable_new_windows') + self.enable_new_windows = attributes[:'enable_new_windows'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'updated_at') + self.updated_at = attributes[:'updated_at'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_at == o.created_at && + enable_new_darwin == o.enable_new_darwin && + enable_new_linux == o.enable_new_linux && + enable_new_windows == o.enable_new_windows && + enabled == o.enabled && + updated_at == o.updated_at + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_at, enable_new_darwin, enable_new_linux, enable_new_windows, enabled, updated_at].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_new_system_user_state_defaults.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_new_system_user_state_defaults.rb new file mode 100644 index 0000000..35fad4a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_new_system_user_state_defaults.rb @@ -0,0 +1,285 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsNewSystemUserStateDefaults + # The default user state for a user created using the [Bulk Users Create](https://docs.jumpcloud.com/api/2.0/index.html#operation/bulk_usersCreate) endpoint. See endpoint documentation for more details. + attr_accessor :application_import + + # The default user state for a user created using the [Bulk Users Create](https://docs.jumpcloud.com/api/2.0/index.html#operation/bulk_usersCreate) endpoint. See endpoint documentation for more details. + attr_accessor :csv_import + + # The default state for a user that is created using the [Create a system user](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) endpoint. See endpoint documentation for more details. + attr_accessor :manual_entry + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'application_import' => :'applicationImport', + :'csv_import' => :'csvImport', + :'manual_entry' => :'manualEntry' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'application_import' => :'Object', + :'csv_import' => :'Object', + :'manual_entry' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'application_import') + self.application_import = attributes[:'application_import'] + end + + if attributes.key?(:'csv_import') + self.csv_import = attributes[:'csv_import'] + end + + if attributes.key?(:'manual_entry') + self.manual_entry = attributes[:'manual_entry'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + application_import_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless application_import_validator.valid?(@application_import) + csv_import_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless csv_import_validator.valid?(@csv_import) + manual_entry_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless manual_entry_validator.valid?(@manual_entry) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] application_import Object to be assigned + def application_import=(application_import) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(application_import) + fail ArgumentError, "invalid value for \"application_import\", must be one of #{validator.allowable_values}." + end + @application_import = application_import + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] csv_import Object to be assigned + def csv_import=(csv_import) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(csv_import) + fail ArgumentError, "invalid value for \"csv_import\", must be one of #{validator.allowable_values}." + end + @csv_import = csv_import + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] manual_entry Object to be assigned + def manual_entry=(manual_entry) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(manual_entry) + fail ArgumentError, "invalid value for \"manual_entry\", must be one of #{validator.allowable_values}." + end + @manual_entry = manual_entry + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + application_import == o.application_import && + csv_import == o.csv_import && + manual_entry == o.manual_entry + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [application_import, csv_import, manual_entry].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_password_policy.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_password_policy.rb new file mode 100644 index 0000000..2a80dad --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_password_policy.rb @@ -0,0 +1,432 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsPasswordPolicy + attr_accessor :allow_username_substring + + # Deprecated field used for the legacy grace period feature. + attr_accessor :days_after_expiration_to_self_recover + + attr_accessor :days_before_expiration_to_force_reset + + attr_accessor :effective_date + + attr_accessor :enable_days_after_expiration_to_self_recover + + attr_accessor :enable_days_before_expiration_to_force_reset + + attr_accessor :enable_lockout_time_in_seconds + + attr_accessor :enable_max_history + + attr_accessor :enable_max_login_attempts + + attr_accessor :enable_min_change_period_in_days + + attr_accessor :enable_min_length + + attr_accessor :enable_password_expiration_in_days + + attr_accessor :enable_recovery_email + + attr_accessor :enable_reset_lockout_counter + + attr_accessor :grace_period_date + + attr_accessor :lockout_time_in_seconds + + attr_accessor :max_history + + attr_accessor :max_login_attempts + + attr_accessor :min_change_period_in_days + + attr_accessor :min_length + + attr_accessor :needs_lowercase + + attr_accessor :needs_numeric + + attr_accessor :needs_symbolic + + attr_accessor :needs_uppercase + + attr_accessor :password_expiration_in_days + + attr_accessor :reset_lockout_counter_minutes + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_username_substring' => :'allowUsernameSubstring', + :'days_after_expiration_to_self_recover' => :'daysAfterExpirationToSelfRecover', + :'days_before_expiration_to_force_reset' => :'daysBeforeExpirationToForceReset', + :'effective_date' => :'effectiveDate', + :'enable_days_after_expiration_to_self_recover' => :'enableDaysAfterExpirationToSelfRecover', + :'enable_days_before_expiration_to_force_reset' => :'enableDaysBeforeExpirationToForceReset', + :'enable_lockout_time_in_seconds' => :'enableLockoutTimeInSeconds', + :'enable_max_history' => :'enableMaxHistory', + :'enable_max_login_attempts' => :'enableMaxLoginAttempts', + :'enable_min_change_period_in_days' => :'enableMinChangePeriodInDays', + :'enable_min_length' => :'enableMinLength', + :'enable_password_expiration_in_days' => :'enablePasswordExpirationInDays', + :'enable_recovery_email' => :'enableRecoveryEmail', + :'enable_reset_lockout_counter' => :'enableResetLockoutCounter', + :'grace_period_date' => :'gracePeriodDate', + :'lockout_time_in_seconds' => :'lockoutTimeInSeconds', + :'max_history' => :'maxHistory', + :'max_login_attempts' => :'maxLoginAttempts', + :'min_change_period_in_days' => :'minChangePeriodInDays', + :'min_length' => :'minLength', + :'needs_lowercase' => :'needsLowercase', + :'needs_numeric' => :'needsNumeric', + :'needs_symbolic' => :'needsSymbolic', + :'needs_uppercase' => :'needsUppercase', + :'password_expiration_in_days' => :'passwordExpirationInDays', + :'reset_lockout_counter_minutes' => :'resetLockoutCounterMinutes' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_username_substring' => :'Object', + :'days_after_expiration_to_self_recover' => :'Object', + :'days_before_expiration_to_force_reset' => :'Object', + :'effective_date' => :'Object', + :'enable_days_after_expiration_to_self_recover' => :'Object', + :'enable_days_before_expiration_to_force_reset' => :'Object', + :'enable_lockout_time_in_seconds' => :'Object', + :'enable_max_history' => :'Object', + :'enable_max_login_attempts' => :'Object', + :'enable_min_change_period_in_days' => :'Object', + :'enable_min_length' => :'Object', + :'enable_password_expiration_in_days' => :'Object', + :'enable_recovery_email' => :'Object', + :'enable_reset_lockout_counter' => :'Object', + :'grace_period_date' => :'Object', + :'lockout_time_in_seconds' => :'Object', + :'max_history' => :'Object', + :'max_login_attempts' => :'Object', + :'min_change_period_in_days' => :'Object', + :'min_length' => :'Object', + :'needs_lowercase' => :'Object', + :'needs_numeric' => :'Object', + :'needs_symbolic' => :'Object', + :'needs_uppercase' => :'Object', + :'password_expiration_in_days' => :'Object', + :'reset_lockout_counter_minutes' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsPasswordPolicy` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsPasswordPolicy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_username_substring') + self.allow_username_substring = attributes[:'allow_username_substring'] + end + + if attributes.key?(:'days_after_expiration_to_self_recover') + self.days_after_expiration_to_self_recover = attributes[:'days_after_expiration_to_self_recover'] + end + + if attributes.key?(:'days_before_expiration_to_force_reset') + self.days_before_expiration_to_force_reset = attributes[:'days_before_expiration_to_force_reset'] + end + + if attributes.key?(:'effective_date') + self.effective_date = attributes[:'effective_date'] + end + + if attributes.key?(:'enable_days_after_expiration_to_self_recover') + self.enable_days_after_expiration_to_self_recover = attributes[:'enable_days_after_expiration_to_self_recover'] + end + + if attributes.key?(:'enable_days_before_expiration_to_force_reset') + self.enable_days_before_expiration_to_force_reset = attributes[:'enable_days_before_expiration_to_force_reset'] + end + + if attributes.key?(:'enable_lockout_time_in_seconds') + self.enable_lockout_time_in_seconds = attributes[:'enable_lockout_time_in_seconds'] + end + + if attributes.key?(:'enable_max_history') + self.enable_max_history = attributes[:'enable_max_history'] + end + + if attributes.key?(:'enable_max_login_attempts') + self.enable_max_login_attempts = attributes[:'enable_max_login_attempts'] + end + + if attributes.key?(:'enable_min_change_period_in_days') + self.enable_min_change_period_in_days = attributes[:'enable_min_change_period_in_days'] + end + + if attributes.key?(:'enable_min_length') + self.enable_min_length = attributes[:'enable_min_length'] + end + + if attributes.key?(:'enable_password_expiration_in_days') + self.enable_password_expiration_in_days = attributes[:'enable_password_expiration_in_days'] + end + + if attributes.key?(:'enable_recovery_email') + self.enable_recovery_email = attributes[:'enable_recovery_email'] + end + + if attributes.key?(:'enable_reset_lockout_counter') + self.enable_reset_lockout_counter = attributes[:'enable_reset_lockout_counter'] + end + + if attributes.key?(:'grace_period_date') + self.grace_period_date = attributes[:'grace_period_date'] + end + + if attributes.key?(:'lockout_time_in_seconds') + self.lockout_time_in_seconds = attributes[:'lockout_time_in_seconds'] + end + + if attributes.key?(:'max_history') + self.max_history = attributes[:'max_history'] + end + + if attributes.key?(:'max_login_attempts') + self.max_login_attempts = attributes[:'max_login_attempts'] + end + + if attributes.key?(:'min_change_period_in_days') + self.min_change_period_in_days = attributes[:'min_change_period_in_days'] + end + + if attributes.key?(:'min_length') + self.min_length = attributes[:'min_length'] + end + + if attributes.key?(:'needs_lowercase') + self.needs_lowercase = attributes[:'needs_lowercase'] + end + + if attributes.key?(:'needs_numeric') + self.needs_numeric = attributes[:'needs_numeric'] + end + + if attributes.key?(:'needs_symbolic') + self.needs_symbolic = attributes[:'needs_symbolic'] + end + + if attributes.key?(:'needs_uppercase') + self.needs_uppercase = attributes[:'needs_uppercase'] + end + + if attributes.key?(:'password_expiration_in_days') + self.password_expiration_in_days = attributes[:'password_expiration_in_days'] + end + + if attributes.key?(:'reset_lockout_counter_minutes') + self.reset_lockout_counter_minutes = attributes[:'reset_lockout_counter_minutes'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_username_substring == o.allow_username_substring && + days_after_expiration_to_self_recover == o.days_after_expiration_to_self_recover && + days_before_expiration_to_force_reset == o.days_before_expiration_to_force_reset && + effective_date == o.effective_date && + enable_days_after_expiration_to_self_recover == o.enable_days_after_expiration_to_self_recover && + enable_days_before_expiration_to_force_reset == o.enable_days_before_expiration_to_force_reset && + enable_lockout_time_in_seconds == o.enable_lockout_time_in_seconds && + enable_max_history == o.enable_max_history && + enable_max_login_attempts == o.enable_max_login_attempts && + enable_min_change_period_in_days == o.enable_min_change_period_in_days && + enable_min_length == o.enable_min_length && + enable_password_expiration_in_days == o.enable_password_expiration_in_days && + enable_recovery_email == o.enable_recovery_email && + enable_reset_lockout_counter == o.enable_reset_lockout_counter && + grace_period_date == o.grace_period_date && + lockout_time_in_seconds == o.lockout_time_in_seconds && + max_history == o.max_history && + max_login_attempts == o.max_login_attempts && + min_change_period_in_days == o.min_change_period_in_days && + min_length == o.min_length && + needs_lowercase == o.needs_lowercase && + needs_numeric == o.needs_numeric && + needs_symbolic == o.needs_symbolic && + needs_uppercase == o.needs_uppercase && + password_expiration_in_days == o.password_expiration_in_days && + reset_lockout_counter_minutes == o.reset_lockout_counter_minutes + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_username_substring, days_after_expiration_to_self_recover, days_before_expiration_to_force_reset, effective_date, enable_days_after_expiration_to_self_recover, enable_days_before_expiration_to_force_reset, enable_lockout_time_in_seconds, enable_max_history, enable_max_login_attempts, enable_min_change_period_in_days, enable_min_length, enable_password_expiration_in_days, enable_recovery_email, enable_reset_lockout_counter, grace_period_date, lockout_time_in_seconds, max_history, max_login_attempts, min_change_period_in_days, min_length, needs_lowercase, needs_numeric, needs_symbolic, needs_uppercase, password_expiration_in_days, reset_lockout_counter_minutes].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_user_portal.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_user_portal.rb new file mode 100644 index 0000000..1b97528 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_user_portal.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsUserPortal + attr_accessor :idle_session_duration_minutes + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'idle_session_duration_minutes' => :'idleSessionDurationMinutes' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'idle_session_duration_minutes' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsUserPortal` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsUserPortal`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'idle_session_duration_minutes') + self.idle_session_duration_minutes = attributes[:'idle_session_duration_minutes'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + idle_session_duration_minutes == o.idle_session_duration_minutes + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [idle_session_duration_minutes].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettings_windows_mdm.rb b/jcapiv1/lib/jcapiv1/models/organizationsettings_windows_mdm.rb new file mode 100644 index 0000000..c3f4e35 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettings_windows_mdm.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsWindowsMDM + # Indicates if MDM Auto Enroll is active. + attr_accessor :auto_enroll + + # Indicates if the Windows MDM is active. + attr_accessor :enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'auto_enroll' => :'autoEnroll', + :'enabled' => :'enabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'auto_enroll' => :'Object', + :'enabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsWindowsMDM` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsWindowsMDM`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'auto_enroll') + self.auto_enroll = attributes[:'auto_enroll'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + auto_enroll == o.auto_enroll && + enabled == o.enabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [auto_enroll, enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettingsput.rb b/jcapiv1/lib/jcapiv1/models/organizationsettingsput.rb new file mode 100644 index 0000000..098620e --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettingsput.rb @@ -0,0 +1,430 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Organizationsettingsput + attr_accessor :contact_email + + attr_accessor :contact_name + + attr_accessor :device_identification_enabled + + attr_accessor :disable_google_login + + attr_accessor :disable_ldap + + attr_accessor :disable_um + + attr_accessor :duplicate_ldap_groups + + attr_accessor :email_disclaimer + + attr_accessor :enable_managed_uid + + attr_accessor :features + + # Object containing Optimizely experimentIds and states corresponding to them + attr_accessor :growth_data + + attr_accessor :logo + + attr_accessor :max_system_users + + attr_accessor :name + + attr_accessor :new_system_user_state_defaults + + attr_accessor :password_compliance + + attr_accessor :password_policy + + attr_accessor :show_intro + + attr_accessor :system_user_password_expiration_in_days + + attr_accessor :system_users_can_edit + + attr_accessor :trusted_app_config + + attr_accessor :user_portal + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'contact_email' => :'contactEmail', + :'contact_name' => :'contactName', + :'device_identification_enabled' => :'deviceIdentificationEnabled', + :'disable_google_login' => :'disableGoogleLogin', + :'disable_ldap' => :'disableLdap', + :'disable_um' => :'disableUM', + :'duplicate_ldap_groups' => :'duplicateLDAPGroups', + :'email_disclaimer' => :'emailDisclaimer', + :'enable_managed_uid' => :'enableManagedUID', + :'features' => :'features', + :'growth_data' => :'growthData', + :'logo' => :'logo', + :'max_system_users' => :'maxSystemUsers', + :'name' => :'name', + :'new_system_user_state_defaults' => :'newSystemUserStateDefaults', + :'password_compliance' => :'passwordCompliance', + :'password_policy' => :'passwordPolicy', + :'show_intro' => :'showIntro', + :'system_user_password_expiration_in_days' => :'systemUserPasswordExpirationInDays', + :'system_users_can_edit' => :'systemUsersCanEdit', + :'trusted_app_config' => :'trustedAppConfig', + :'user_portal' => :'userPortal' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'contact_email' => :'Object', + :'contact_name' => :'Object', + :'device_identification_enabled' => :'Object', + :'disable_google_login' => :'Object', + :'disable_ldap' => :'Object', + :'disable_um' => :'Object', + :'duplicate_ldap_groups' => :'Object', + :'email_disclaimer' => :'Object', + :'enable_managed_uid' => :'Object', + :'features' => :'Object', + :'growth_data' => :'Object', + :'logo' => :'Object', + :'max_system_users' => :'Object', + :'name' => :'Object', + :'new_system_user_state_defaults' => :'Object', + :'password_compliance' => :'Object', + :'password_policy' => :'Object', + :'show_intro' => :'Object', + :'system_user_password_expiration_in_days' => :'Object', + :'system_users_can_edit' => :'Object', + :'trusted_app_config' => :'Object', + :'user_portal' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Organizationsettingsput` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Organizationsettingsput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'contact_email') + self.contact_email = attributes[:'contact_email'] + end + + if attributes.key?(:'contact_name') + self.contact_name = attributes[:'contact_name'] + end + + if attributes.key?(:'device_identification_enabled') + self.device_identification_enabled = attributes[:'device_identification_enabled'] + end + + if attributes.key?(:'disable_google_login') + self.disable_google_login = attributes[:'disable_google_login'] + end + + if attributes.key?(:'disable_ldap') + self.disable_ldap = attributes[:'disable_ldap'] + end + + if attributes.key?(:'disable_um') + self.disable_um = attributes[:'disable_um'] + end + + if attributes.key?(:'duplicate_ldap_groups') + self.duplicate_ldap_groups = attributes[:'duplicate_ldap_groups'] + end + + if attributes.key?(:'email_disclaimer') + self.email_disclaimer = attributes[:'email_disclaimer'] + end + + if attributes.key?(:'enable_managed_uid') + self.enable_managed_uid = attributes[:'enable_managed_uid'] + end + + if attributes.key?(:'features') + self.features = attributes[:'features'] + end + + if attributes.key?(:'growth_data') + self.growth_data = attributes[:'growth_data'] + end + + if attributes.key?(:'logo') + self.logo = attributes[:'logo'] + end + + if attributes.key?(:'max_system_users') + self.max_system_users = attributes[:'max_system_users'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'new_system_user_state_defaults') + self.new_system_user_state_defaults = attributes[:'new_system_user_state_defaults'] + end + + if attributes.key?(:'password_compliance') + self.password_compliance = attributes[:'password_compliance'] + end + + if attributes.key?(:'password_policy') + self.password_policy = attributes[:'password_policy'] + end + + if attributes.key?(:'show_intro') + self.show_intro = attributes[:'show_intro'] + end + + if attributes.key?(:'system_user_password_expiration_in_days') + self.system_user_password_expiration_in_days = attributes[:'system_user_password_expiration_in_days'] + end + + if attributes.key?(:'system_users_can_edit') + self.system_users_can_edit = attributes[:'system_users_can_edit'] + end + + if attributes.key?(:'trusted_app_config') + self.trusted_app_config = attributes[:'trusted_app_config'] + end + + if attributes.key?(:'user_portal') + self.user_portal = attributes[:'user_portal'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + password_compliance_validator = EnumAttributeValidator.new('Object', ['custom', 'pci3', 'windows']) + return false unless password_compliance_validator.valid?(@password_compliance) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] password_compliance Object to be assigned + def password_compliance=(password_compliance) + validator = EnumAttributeValidator.new('Object', ['custom', 'pci3', 'windows']) + unless validator.valid?(password_compliance) + fail ArgumentError, "invalid value for \"password_compliance\", must be one of #{validator.allowable_values}." + end + @password_compliance = password_compliance + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + contact_email == o.contact_email && + contact_name == o.contact_name && + device_identification_enabled == o.device_identification_enabled && + disable_google_login == o.disable_google_login && + disable_ldap == o.disable_ldap && + disable_um == o.disable_um && + duplicate_ldap_groups == o.duplicate_ldap_groups && + email_disclaimer == o.email_disclaimer && + enable_managed_uid == o.enable_managed_uid && + features == o.features && + growth_data == o.growth_data && + logo == o.logo && + max_system_users == o.max_system_users && + name == o.name && + new_system_user_state_defaults == o.new_system_user_state_defaults && + password_compliance == o.password_compliance && + password_policy == o.password_policy && + show_intro == o.show_intro && + system_user_password_expiration_in_days == o.system_user_password_expiration_in_days && + system_users_can_edit == o.system_users_can_edit && + trusted_app_config == o.trusted_app_config && + user_portal == o.user_portal + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [contact_email, contact_name, device_identification_enabled, disable_google_login, disable_ldap, disable_um, duplicate_ldap_groups, email_disclaimer, enable_managed_uid, features, growth_data, logo, max_system_users, name, new_system_user_state_defaults, password_compliance, password_policy, show_intro, system_user_password_expiration_in_days, system_users_can_edit, trusted_app_config, user_portal].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettingsput_new_system_user_state_defaults.rb b/jcapiv1/lib/jcapiv1/models/organizationsettingsput_new_system_user_state_defaults.rb new file mode 100644 index 0000000..2c6ecd3 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettingsput_new_system_user_state_defaults.rb @@ -0,0 +1,282 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsputNewSystemUserStateDefaults + attr_accessor :application_import + + attr_accessor :csv_import + + attr_accessor :manual_entry + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'application_import' => :'applicationImport', + :'csv_import' => :'csvImport', + :'manual_entry' => :'manualEntry' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'application_import' => :'Object', + :'csv_import' => :'Object', + :'manual_entry' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'application_import') + self.application_import = attributes[:'application_import'] + end + + if attributes.key?(:'csv_import') + self.csv_import = attributes[:'csv_import'] + end + + if attributes.key?(:'manual_entry') + self.manual_entry = attributes[:'manual_entry'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + application_import_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless application_import_validator.valid?(@application_import) + csv_import_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless csv_import_validator.valid?(@csv_import) + manual_entry_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + return false unless manual_entry_validator.valid?(@manual_entry) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] application_import Object to be assigned + def application_import=(application_import) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(application_import) + fail ArgumentError, "invalid value for \"application_import\", must be one of #{validator.allowable_values}." + end + @application_import = application_import + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] csv_import Object to be assigned + def csv_import=(csv_import) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(csv_import) + fail ArgumentError, "invalid value for \"csv_import\", must be one of #{validator.allowable_values}." + end + @csv_import = csv_import + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] manual_entry Object to be assigned + def manual_entry=(manual_entry) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'STAGED']) + unless validator.valid?(manual_entry) + fail ArgumentError, "invalid value for \"manual_entry\", must be one of #{validator.allowable_values}." + end + @manual_entry = manual_entry + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + application_import == o.application_import && + csv_import == o.csv_import && + manual_entry == o.manual_entry + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [application_import, csv_import, manual_entry].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationsettingsput_password_policy.rb b/jcapiv1/lib/jcapiv1/models/organizationsettingsput_password_policy.rb new file mode 100644 index 0000000..ce716e4 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/organizationsettingsput_password_policy.rb @@ -0,0 +1,405 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class OrganizationsettingsputPasswordPolicy + attr_accessor :allow_username_substring + + # Deprecated field used for the legacy grace period feature. + attr_accessor :days_after_expiration_to_self_recover + + attr_accessor :days_before_expiration_to_force_reset + + attr_accessor :effective_date + + attr_accessor :enable_days_after_expiration_to_self_recover + + attr_accessor :enable_days_before_expiration_to_force_reset + + attr_accessor :enable_lockout_time_in_seconds + + attr_accessor :enable_max_history + + attr_accessor :enable_max_login_attempts + + attr_accessor :enable_min_change_period_in_days + + attr_accessor :enable_min_length + + attr_accessor :enable_password_expiration_in_days + + attr_accessor :grace_period_date + + attr_accessor :lockout_time_in_seconds + + attr_accessor :max_history + + attr_accessor :max_login_attempts + + attr_accessor :min_change_period_in_days + + attr_accessor :min_length + + attr_accessor :needs_lowercase + + attr_accessor :needs_numeric + + attr_accessor :needs_symbolic + + attr_accessor :needs_uppercase + + attr_accessor :password_expiration_in_days + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_username_substring' => :'allowUsernameSubstring', + :'days_after_expiration_to_self_recover' => :'daysAfterExpirationToSelfRecover', + :'days_before_expiration_to_force_reset' => :'daysBeforeExpirationToForceReset', + :'effective_date' => :'effectiveDate', + :'enable_days_after_expiration_to_self_recover' => :'enableDaysAfterExpirationToSelfRecover', + :'enable_days_before_expiration_to_force_reset' => :'enableDaysBeforeExpirationToForceReset', + :'enable_lockout_time_in_seconds' => :'enableLockoutTimeInSeconds', + :'enable_max_history' => :'enableMaxHistory', + :'enable_max_login_attempts' => :'enableMaxLoginAttempts', + :'enable_min_change_period_in_days' => :'enableMinChangePeriodInDays', + :'enable_min_length' => :'enableMinLength', + :'enable_password_expiration_in_days' => :'enablePasswordExpirationInDays', + :'grace_period_date' => :'gracePeriodDate', + :'lockout_time_in_seconds' => :'lockoutTimeInSeconds', + :'max_history' => :'maxHistory', + :'max_login_attempts' => :'maxLoginAttempts', + :'min_change_period_in_days' => :'minChangePeriodInDays', + :'min_length' => :'minLength', + :'needs_lowercase' => :'needsLowercase', + :'needs_numeric' => :'needsNumeric', + :'needs_symbolic' => :'needsSymbolic', + :'needs_uppercase' => :'needsUppercase', + :'password_expiration_in_days' => :'passwordExpirationInDays' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_username_substring' => :'Object', + :'days_after_expiration_to_self_recover' => :'Object', + :'days_before_expiration_to_force_reset' => :'Object', + :'effective_date' => :'Object', + :'enable_days_after_expiration_to_self_recover' => :'Object', + :'enable_days_before_expiration_to_force_reset' => :'Object', + :'enable_lockout_time_in_seconds' => :'Object', + :'enable_max_history' => :'Object', + :'enable_max_login_attempts' => :'Object', + :'enable_min_change_period_in_days' => :'Object', + :'enable_min_length' => :'Object', + :'enable_password_expiration_in_days' => :'Object', + :'grace_period_date' => :'Object', + :'lockout_time_in_seconds' => :'Object', + :'max_history' => :'Object', + :'max_login_attempts' => :'Object', + :'min_change_period_in_days' => :'Object', + :'min_length' => :'Object', + :'needs_lowercase' => :'Object', + :'needs_numeric' => :'Object', + :'needs_symbolic' => :'Object', + :'needs_uppercase' => :'Object', + :'password_expiration_in_days' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationsettingsputPasswordPolicy` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationsettingsputPasswordPolicy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_username_substring') + self.allow_username_substring = attributes[:'allow_username_substring'] + end + + if attributes.key?(:'days_after_expiration_to_self_recover') + self.days_after_expiration_to_self_recover = attributes[:'days_after_expiration_to_self_recover'] + end + + if attributes.key?(:'days_before_expiration_to_force_reset') + self.days_before_expiration_to_force_reset = attributes[:'days_before_expiration_to_force_reset'] + end + + if attributes.key?(:'effective_date') + self.effective_date = attributes[:'effective_date'] + end + + if attributes.key?(:'enable_days_after_expiration_to_self_recover') + self.enable_days_after_expiration_to_self_recover = attributes[:'enable_days_after_expiration_to_self_recover'] + end + + if attributes.key?(:'enable_days_before_expiration_to_force_reset') + self.enable_days_before_expiration_to_force_reset = attributes[:'enable_days_before_expiration_to_force_reset'] + end + + if attributes.key?(:'enable_lockout_time_in_seconds') + self.enable_lockout_time_in_seconds = attributes[:'enable_lockout_time_in_seconds'] + end + + if attributes.key?(:'enable_max_history') + self.enable_max_history = attributes[:'enable_max_history'] + end + + if attributes.key?(:'enable_max_login_attempts') + self.enable_max_login_attempts = attributes[:'enable_max_login_attempts'] + end + + if attributes.key?(:'enable_min_change_period_in_days') + self.enable_min_change_period_in_days = attributes[:'enable_min_change_period_in_days'] + end + + if attributes.key?(:'enable_min_length') + self.enable_min_length = attributes[:'enable_min_length'] + end + + if attributes.key?(:'enable_password_expiration_in_days') + self.enable_password_expiration_in_days = attributes[:'enable_password_expiration_in_days'] + end + + if attributes.key?(:'grace_period_date') + self.grace_period_date = attributes[:'grace_period_date'] + end + + if attributes.key?(:'lockout_time_in_seconds') + self.lockout_time_in_seconds = attributes[:'lockout_time_in_seconds'] + end + + if attributes.key?(:'max_history') + self.max_history = attributes[:'max_history'] + end + + if attributes.key?(:'max_login_attempts') + self.max_login_attempts = attributes[:'max_login_attempts'] + end + + if attributes.key?(:'min_change_period_in_days') + self.min_change_period_in_days = attributes[:'min_change_period_in_days'] + end + + if attributes.key?(:'min_length') + self.min_length = attributes[:'min_length'] + end + + if attributes.key?(:'needs_lowercase') + self.needs_lowercase = attributes[:'needs_lowercase'] + end + + if attributes.key?(:'needs_numeric') + self.needs_numeric = attributes[:'needs_numeric'] + end + + if attributes.key?(:'needs_symbolic') + self.needs_symbolic = attributes[:'needs_symbolic'] + end + + if attributes.key?(:'needs_uppercase') + self.needs_uppercase = attributes[:'needs_uppercase'] + end + + if attributes.key?(:'password_expiration_in_days') + self.password_expiration_in_days = attributes[:'password_expiration_in_days'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_username_substring == o.allow_username_substring && + days_after_expiration_to_self_recover == o.days_after_expiration_to_self_recover && + days_before_expiration_to_force_reset == o.days_before_expiration_to_force_reset && + effective_date == o.effective_date && + enable_days_after_expiration_to_self_recover == o.enable_days_after_expiration_to_self_recover && + enable_days_before_expiration_to_force_reset == o.enable_days_before_expiration_to_force_reset && + enable_lockout_time_in_seconds == o.enable_lockout_time_in_seconds && + enable_max_history == o.enable_max_history && + enable_max_login_attempts == o.enable_max_login_attempts && + enable_min_change_period_in_days == o.enable_min_change_period_in_days && + enable_min_length == o.enable_min_length && + enable_password_expiration_in_days == o.enable_password_expiration_in_days && + grace_period_date == o.grace_period_date && + lockout_time_in_seconds == o.lockout_time_in_seconds && + max_history == o.max_history && + max_login_attempts == o.max_login_attempts && + min_change_period_in_days == o.min_change_period_in_days && + min_length == o.min_length && + needs_lowercase == o.needs_lowercase && + needs_numeric == o.needs_numeric && + needs_symbolic == o.needs_symbolic && + needs_uppercase == o.needs_uppercase && + password_expiration_in_days == o.password_expiration_in_days + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_username_substring, days_after_expiration_to_self_recover, days_before_expiration_to_force_reset, effective_date, enable_days_after_expiration_to_self_recover, enable_days_before_expiration_to_force_reset, enable_lockout_time_in_seconds, enable_max_history, enable_max_login_attempts, enable_min_change_period_in_days, enable_min_length, enable_password_expiration_in_days, grace_period_date, lockout_time_in_seconds, max_history, max_login_attempts, min_change_period_in_days, min_length, needs_lowercase, needs_numeric, needs_symbolic, needs_uppercase, password_expiration_in_days].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/organizationslist.rb b/jcapiv1/lib/jcapiv1/models/organizationslist.rb index 360b32a..579cd9e 100644 --- a/jcapiv1/lib/jcapiv1/models/organizationslist.rb +++ b/jcapiv1/lib/jcapiv1/models/organizationslist.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Organizationslist # The list of organizations. attr_accessor :results @@ -21,7 +19,6 @@ class Organizationslist # The total number of organizations. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,44 +28,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Organizationslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Organizationslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -87,26 +96,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +146,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +167,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +189,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +205,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +215,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/organizationslist_results.rb b/jcapiv1/lib/jcapiv1/models/organizationslist_results.rb index 3e73dd9..4de648d 100644 --- a/jcapiv1/lib/jcapiv1/models/organizationslist_results.rb +++ b/jcapiv1/lib/jcapiv1/models/organizationslist_results.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class OrganizationslistResults # The ID of the organization. attr_accessor :_id @@ -24,7 +22,6 @@ class OrganizationslistResults # The organization logo image URL. attr_accessor :logo_url - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,47 +32,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'display_name' => :'String', - :'logo_url' => :'String' + :'_id' => :'Object', + :'display_name' => :'Object', + :'logo_url' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::OrganizationslistResults` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::OrganizationslistResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'logoUrl') - self.logo_url = attributes[:'logoUrl'] + if attributes.key?(:'logo_url') + self.logo_url = attributes[:'logo_url'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -95,26 +104,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_id, display_name, logo_url].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -136,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -157,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -180,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -192,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -202,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/radiusserver.rb b/jcapiv1/lib/jcapiv1/models/radiusserver.rb index 7c4c7f5..bb8c02c 100644 --- a/jcapiv1/lib/jcapiv1/models/radiusserver.rb +++ b/jcapiv1/lib/jcapiv1/models/radiusserver.rb @@ -1,22 +1,26 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Radiusserver attr_accessor :_id + attr_accessor :auth_idp + + attr_accessor :ca_cert + + attr_accessor :device_cert_enabled + attr_accessor :mfa attr_accessor :name @@ -31,8 +35,12 @@ class Radiusserver attr_accessor :tags + attr_accessor :user_cert_enabled + attr_accessor :user_lockout_action + attr_accessor :user_password_enabled + attr_accessor :user_password_expiration_action class EnumAttributeValidator @@ -61,6 +69,9 @@ def valid?(value) def self.attribute_map { :'_id' => :'_id', + :'auth_idp' => :'authIdp', + :'ca_cert' => :'caCert', + :'device_cert_enabled' => :'deviceCertEnabled', :'mfa' => :'mfa', :'name' => :'name', :'network_source_ip' => :'networkSourceIp', @@ -68,102 +79,153 @@ def self.attribute_map :'shared_secret' => :'sharedSecret', :'tag_names' => :'tagNames', :'tags' => :'tags', + :'user_cert_enabled' => :'userCertEnabled', :'user_lockout_action' => :'userLockoutAction', + :'user_password_enabled' => :'userPasswordEnabled', :'user_password_expiration_action' => :'userPasswordExpirationAction' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'mfa' => :'String', - :'name' => :'String', - :'network_source_ip' => :'String', - :'organization' => :'String', - :'shared_secret' => :'String', - :'tag_names' => :'Array', - :'tags' => :'Array', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' + :'_id' => :'Object', + :'auth_idp' => :'Object', + :'ca_cert' => :'Object', + :'device_cert_enabled' => :'Object', + :'mfa' => :'Object', + :'name' => :'Object', + :'network_source_ip' => :'Object', + :'organization' => :'Object', + :'shared_secret' => :'Object', + :'tag_names' => :'Object', + :'tags' => :'Object', + :'user_cert_enabled' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_enabled' => :'Object', + :'user_password_expiration_action' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Radiusserver` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Radiusserver`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'mfa') + if attributes.key?(:'auth_idp') + self.auth_idp = attributes[:'auth_idp'] + end + + if attributes.key?(:'ca_cert') + self.ca_cert = attributes[:'ca_cert'] + end + + if attributes.key?(:'device_cert_enabled') + self.device_cert_enabled = attributes[:'device_cert_enabled'] + end + + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'networkSourceIp') - self.network_source_ip = attributes[:'networkSourceIp'] + if attributes.key?(:'network_source_ip') + self.network_source_ip = attributes[:'network_source_ip'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'sharedSecret') - self.shared_secret = attributes[:'sharedSecret'] + if attributes.key?(:'shared_secret') + self.shared_secret = attributes[:'shared_secret'] end - if attributes.has_key?(:'tagNames') - if (value = attributes[:'tagNames']).is_a?(Array) + if attributes.key?(:'tag_names') + if (value = attributes[:'tag_names']).is_a?(Array) self.tag_names = value end end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] + if attributes.key?(:'user_cert_enabled') + self.user_cert_enabled = attributes[:'user_cert_enabled'] end - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] end + if attributes.key?(:'user_password_enabled') + self.user_password_enabled = attributes[:'user_password_enabled'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - mfa_validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + auth_idp_validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + return false unless auth_idp_validator.valid?(@auth_idp) + mfa_validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) return false unless mfa_validator.valid?(@mfa) - return true + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] auth_idp Object to be assigned + def auth_idp=(auth_idp) + validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + unless validator.valid?(auth_idp) + fail ArgumentError, "invalid value for \"auth_idp\", must be one of #{validator.allowable_values}." + end + @auth_idp = auth_idp end # Custom attribute writer method checking allowed values (enum). # @param [Object] mfa Object to be assigned def mfa=(mfa) - validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) unless validator.valid?(mfa) - fail ArgumentError, "invalid value for 'mfa', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"mfa\", must be one of #{validator.allowable_values}." end @mfa = mfa end @@ -174,6 +236,9 @@ def ==(o) return true if self.equal?(o) self.class == o.class && _id == o._id && + auth_idp == o.auth_idp && + ca_cert == o.ca_cert && + device_cert_enabled == o.device_cert_enabled && mfa == o.mfa && name == o.name && network_source_ip == o.network_source_ip && @@ -181,7 +246,9 @@ def ==(o) shared_secret == o.shared_secret && tag_names == o.tag_names && tags == o.tags && + user_cert_enabled == o.user_cert_enabled && user_lockout_action == o.user_lockout_action && + user_password_enabled == o.user_password_enabled && user_password_expiration_action == o.user_password_expiration_action end @@ -192,9 +259,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, mfa, name, network_source_ip, organization, shared_secret, tag_names, tags, user_lockout_action, user_password_expiration_action].hash + [_id, auth_idp, ca_cert, device_cert_enabled, mfa, name, network_source_ip, organization, shared_secret, tag_names, tags, user_cert_enabled, user_lockout_action, user_password_enabled, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -202,16 +276,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -233,7 +309,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -254,8 +330,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -277,7 +352,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -289,7 +368,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -299,8 +378,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/radiusserverpost.rb b/jcapiv1/lib/jcapiv1/models/radiusserverpost.rb index 1514774..5f698f5 100644 --- a/jcapiv1/lib/jcapiv1/models/radiusserverpost.rb +++ b/jcapiv1/lib/jcapiv1/models/radiusserverpost.rb @@ -1,20 +1,24 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Radiusserverpost + attr_accessor :auth_idp + + attr_accessor :ca_cert + + attr_accessor :device_cert_enabled + attr_accessor :mfa attr_accessor :name @@ -26,8 +30,12 @@ class Radiusserverpost attr_accessor :tag_names + attr_accessor :user_cert_enabled + attr_accessor :user_lockout_action + attr_accessor :user_password_enabled + attr_accessor :user_password_expiration_action class EnumAttributeValidator @@ -55,67 +63,109 @@ def valid?(value) # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'auth_idp' => :'authIdp', + :'ca_cert' => :'caCert', + :'device_cert_enabled' => :'deviceCertEnabled', :'mfa' => :'mfa', :'name' => :'name', :'network_source_ip' => :'networkSourceIp', :'shared_secret' => :'sharedSecret', :'tag_names' => :'tagNames', + :'user_cert_enabled' => :'userCertEnabled', :'user_lockout_action' => :'userLockoutAction', + :'user_password_enabled' => :'userPasswordEnabled', :'user_password_expiration_action' => :'userPasswordExpirationAction' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'mfa' => :'String', - :'name' => :'String', - :'network_source_ip' => :'String', - :'shared_secret' => :'String', - :'tag_names' => :'Array', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' + :'auth_idp' => :'Object', + :'ca_cert' => :'Object', + :'device_cert_enabled' => :'Object', + :'mfa' => :'Object', + :'name' => :'Object', + :'network_source_ip' => :'Object', + :'shared_secret' => :'Object', + :'tag_names' => :'Object', + :'user_cert_enabled' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_enabled' => :'Object', + :'user_password_expiration_action' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Radiusserverpost` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Radiusserverpost`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'auth_idp') + self.auth_idp = attributes[:'auth_idp'] + end + + if attributes.key?(:'ca_cert') + self.ca_cert = attributes[:'ca_cert'] + end + + if attributes.key?(:'device_cert_enabled') + self.device_cert_enabled = attributes[:'device_cert_enabled'] + end - if attributes.has_key?(:'mfa') + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'networkSourceIp') - self.network_source_ip = attributes[:'networkSourceIp'] + if attributes.key?(:'network_source_ip') + self.network_source_ip = attributes[:'network_source_ip'] end - if attributes.has_key?(:'sharedSecret') - self.shared_secret = attributes[:'sharedSecret'] + if attributes.key?(:'shared_secret') + self.shared_secret = attributes[:'shared_secret'] end - if attributes.has_key?(:'tagNames') - if (value = attributes[:'tagNames']).is_a?(Array) + if attributes.key?(:'tag_names') + if (value = attributes[:'tag_names']).is_a?(Array) self.tag_names = value end end - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] + if attributes.key?(:'user_cert_enabled') + self.user_cert_enabled = attributes[:'user_cert_enabled'] end - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] end + if attributes.key?(:'user_password_enabled') + self.user_password_enabled = attributes[:'user_password_enabled'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -123,37 +173,49 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end if @network_source_ip.nil? - invalid_properties.push("invalid value for 'network_source_ip', network_source_ip cannot be nil.") + invalid_properties.push('invalid value for "network_source_ip", network_source_ip cannot be nil.') end if @shared_secret.nil? - invalid_properties.push("invalid value for 'shared_secret', shared_secret cannot be nil.") + invalid_properties.push('invalid value for "shared_secret", shared_secret cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - mfa_validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + auth_idp_validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + return false unless auth_idp_validator.valid?(@auth_idp) + mfa_validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) return false unless mfa_validator.valid?(@mfa) return false if @name.nil? return false if @network_source_ip.nil? return false if @shared_secret.nil? - return true + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] auth_idp Object to be assigned + def auth_idp=(auth_idp) + validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + unless validator.valid?(auth_idp) + fail ArgumentError, "invalid value for \"auth_idp\", must be one of #{validator.allowable_values}." + end + @auth_idp = auth_idp end # Custom attribute writer method checking allowed values (enum). # @param [Object] mfa Object to be assigned def mfa=(mfa) - validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) unless validator.valid?(mfa) - fail ArgumentError, "invalid value for 'mfa', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"mfa\", must be one of #{validator.allowable_values}." end @mfa = mfa end @@ -163,12 +225,17 @@ def mfa=(mfa) def ==(o) return true if self.equal?(o) self.class == o.class && + auth_idp == o.auth_idp && + ca_cert == o.ca_cert && + device_cert_enabled == o.device_cert_enabled && mfa == o.mfa && name == o.name && network_source_ip == o.network_source_ip && shared_secret == o.shared_secret && tag_names == o.tag_names && + user_cert_enabled == o.user_cert_enabled && user_lockout_action == o.user_lockout_action && + user_password_enabled == o.user_password_enabled && user_password_expiration_action == o.user_password_expiration_action end @@ -179,9 +246,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [mfa, name, network_source_ip, shared_secret, tag_names, user_lockout_action, user_password_expiration_action].hash + [auth_idp, ca_cert, device_cert_enabled, mfa, name, network_source_ip, shared_secret, tag_names, user_cert_enabled, user_lockout_action, user_password_enabled, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -189,16 +263,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -220,7 +296,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -241,8 +317,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -264,7 +339,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -276,7 +355,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -286,8 +365,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/radiusserverput.rb b/jcapiv1/lib/jcapiv1/models/radiusserverput.rb index ecfc286..506d6a9 100644 --- a/jcapiv1/lib/jcapiv1/models/radiusserverput.rb +++ b/jcapiv1/lib/jcapiv1/models/radiusserverput.rb @@ -1,22 +1,26 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Radiusserverput attr_accessor :_id + attr_accessor :auth_idp + + attr_accessor :ca_cert + + attr_accessor :device_cert_enabled + attr_accessor :mfa attr_accessor :name @@ -25,8 +29,12 @@ class Radiusserverput attr_accessor :tag_names + attr_accessor :user_cert_enabled + attr_accessor :user_lockout_action + attr_accessor :user_password_enabled + attr_accessor :user_password_expiration_action class EnumAttributeValidator @@ -55,89 +63,143 @@ def valid?(value) def self.attribute_map { :'_id' => :'_id', + :'auth_idp' => :'authIdp', + :'ca_cert' => :'caCert', + :'device_cert_enabled' => :'deviceCertEnabled', :'mfa' => :'mfa', :'name' => :'name', :'network_source_ip' => :'networkSourceIp', :'tag_names' => :'tagNames', + :'user_cert_enabled' => :'userCertEnabled', :'user_lockout_action' => :'userLockoutAction', + :'user_password_enabled' => :'userPasswordEnabled', :'user_password_expiration_action' => :'userPasswordExpirationAction' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'mfa' => :'String', - :'name' => :'String', - :'network_source_ip' => :'String', - :'tag_names' => :'Array', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' + :'_id' => :'Object', + :'auth_idp' => :'Object', + :'ca_cert' => :'Object', + :'device_cert_enabled' => :'Object', + :'mfa' => :'Object', + :'name' => :'Object', + :'network_source_ip' => :'Object', + :'tag_names' => :'Object', + :'user_cert_enabled' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_enabled' => :'Object', + :'user_password_expiration_action' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Radiusserverput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Radiusserverput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'mfa') + if attributes.key?(:'auth_idp') + self.auth_idp = attributes[:'auth_idp'] + end + + if attributes.key?(:'ca_cert') + self.ca_cert = attributes[:'ca_cert'] + end + + if attributes.key?(:'device_cert_enabled') + self.device_cert_enabled = attributes[:'device_cert_enabled'] + end + + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'networkSourceIp') - self.network_source_ip = attributes[:'networkSourceIp'] + if attributes.key?(:'network_source_ip') + self.network_source_ip = attributes[:'network_source_ip'] end - if attributes.has_key?(:'tagNames') - if (value = attributes[:'tagNames']).is_a?(Array) + if attributes.key?(:'tag_names') + if (value = attributes[:'tag_names']).is_a?(Array) self.tag_names = value end end - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] + if attributes.key?(:'user_cert_enabled') + self.user_cert_enabled = attributes[:'user_cert_enabled'] end - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] end + if attributes.key?(:'user_password_enabled') + self.user_password_enabled = attributes[:'user_password_enabled'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - mfa_validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + auth_idp_validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + return false unless auth_idp_validator.valid?(@auth_idp) + mfa_validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) return false unless mfa_validator.valid?(@mfa) - return true + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] auth_idp Object to be assigned + def auth_idp=(auth_idp) + validator = EnumAttributeValidator.new('Object', ['JUMPCLOUD', 'AZURE']) + unless validator.valid?(auth_idp) + fail ArgumentError, "invalid value for \"auth_idp\", must be one of #{validator.allowable_values}." + end + @auth_idp = auth_idp end # Custom attribute writer method checking allowed values (enum). # @param [Object] mfa Object to be assigned def mfa=(mfa) - validator = EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) unless validator.valid?(mfa) - fail ArgumentError, "invalid value for 'mfa', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"mfa\", must be one of #{validator.allowable_values}." end @mfa = mfa end @@ -148,11 +210,16 @@ def ==(o) return true if self.equal?(o) self.class == o.class && _id == o._id && + auth_idp == o.auth_idp && + ca_cert == o.ca_cert && + device_cert_enabled == o.device_cert_enabled && mfa == o.mfa && name == o.name && network_source_ip == o.network_source_ip && tag_names == o.tag_names && + user_cert_enabled == o.user_cert_enabled && user_lockout_action == o.user_lockout_action && + user_password_enabled == o.user_password_enabled && user_password_expiration_action == o.user_password_expiration_action end @@ -163,9 +230,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, mfa, name, network_source_ip, tag_names, user_lockout_action, user_password_expiration_action].hash + [_id, auth_idp, ca_cert, device_cert_enabled, mfa, name, network_source_ip, tag_names, user_cert_enabled, user_lockout_action, user_password_enabled, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -173,16 +247,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -204,7 +280,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -225,8 +301,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -248,7 +323,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -260,7 +339,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -270,8 +349,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/radiusservers_id_body.rb b/jcapiv1/lib/jcapiv1/models/radiusservers_id_body.rb new file mode 100644 index 0000000..3cec1a4 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/radiusservers_id_body.rb @@ -0,0 +1,347 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class RadiusserversIdBody + attr_accessor :ca_cert + + attr_accessor :device_cert_enabled + + attr_accessor :mfa + + attr_accessor :name + + attr_accessor :network_source_ip + + attr_accessor :shared_secret + + attr_accessor :tags + + attr_accessor :user_cert_enabled + + attr_accessor :user_lockout_action + + attr_accessor :user_password_enabled + + attr_accessor :user_password_expiration_action + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'ca_cert' => :'caCert', + :'device_cert_enabled' => :'deviceCertEnabled', + :'mfa' => :'mfa', + :'name' => :'name', + :'network_source_ip' => :'networkSourceIp', + :'shared_secret' => :'sharedSecret', + :'tags' => :'tags', + :'user_cert_enabled' => :'userCertEnabled', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_enabled' => :'userPasswordEnabled', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'ca_cert' => :'Object', + :'device_cert_enabled' => :'Object', + :'mfa' => :'Object', + :'name' => :'Object', + :'network_source_ip' => :'Object', + :'shared_secret' => :'Object', + :'tags' => :'Object', + :'user_cert_enabled' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_enabled' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::RadiusserversIdBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::RadiusserversIdBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'ca_cert') + self.ca_cert = attributes[:'ca_cert'] + end + + if attributes.key?(:'device_cert_enabled') + self.device_cert_enabled = attributes[:'device_cert_enabled'] + end + + if attributes.key?(:'mfa') + self.mfa = attributes[:'mfa'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'network_source_ip') + self.network_source_ip = attributes[:'network_source_ip'] + end + + if attributes.key?(:'shared_secret') + self.shared_secret = attributes[:'shared_secret'] + end + + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + + if attributes.key?(:'user_cert_enabled') + self.user_cert_enabled = attributes[:'user_cert_enabled'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_enabled') + self.user_password_enabled = attributes[:'user_password_enabled'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @network_source_ip.nil? + invalid_properties.push('invalid value for "network_source_ip", network_source_ip cannot be nil.') + end + + if @shared_secret.nil? + invalid_properties.push('invalid value for "shared_secret", shared_secret cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + mfa_validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) + return false unless mfa_validator.valid?(@mfa) + return false if @name.nil? + return false if @network_source_ip.nil? + return false if @shared_secret.nil? + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] mfa Object to be assigned + def mfa=(mfa) + validator = EnumAttributeValidator.new('Object', ['DISABLED', 'ENABLED', 'REQUIRED', 'ALWAYS']) + unless validator.valid?(mfa) + fail ArgumentError, "invalid value for \"mfa\", must be one of #{validator.allowable_values}." + end + @mfa = mfa + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + ca_cert == o.ca_cert && + device_cert_enabled == o.device_cert_enabled && + mfa == o.mfa && + name == o.name && + network_source_ip == o.network_source_ip && + shared_secret == o.shared_secret && + tags == o.tags && + user_cert_enabled == o.user_cert_enabled && + user_lockout_action == o.user_lockout_action && + user_password_enabled == o.user_password_enabled && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [ca_cert, device_cert_enabled, mfa, name, network_source_ip, shared_secret, tags, user_cert_enabled, user_lockout_action, user_password_enabled, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/radiusserverslist.rb b/jcapiv1/lib/jcapiv1/models/radiusserverslist.rb index e11eb0a..7f2c71d 100644 --- a/jcapiv1/lib/jcapiv1/models/radiusserverslist.rb +++ b/jcapiv1/lib/jcapiv1/models/radiusserverslist.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Radiusserverslist attr_accessor :results attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,44 +26,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Radiusserverslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Radiusserverslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -85,26 +94,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -126,7 +144,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -147,8 +165,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -170,7 +187,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -182,7 +203,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -192,8 +213,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/run_command_body.rb b/jcapiv1/lib/jcapiv1/models/run_command_body.rb new file mode 100644 index 0000000..0bacc93 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/run_command_body.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class RunCommandBody + # The ID of the command. + attr_accessor :_id + + # An optional list of device IDs to run the command on. If omitted, the command will run on devices bound to the command. + attr_accessor :system_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'_id' => :'_id', + :'system_ids' => :'systemIds' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'_id' => :'Object', + :'system_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::RunCommandBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::RunCommandBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'_id') + self._id = attributes[:'_id'] + end + + if attributes.key?(:'system_ids') + if (value = attributes[:'system_ids']).is_a?(Array) + self.system_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + _id == o._id && + system_ids == o.system_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [_id, system_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/search.rb b/jcapiv1/lib/jcapiv1/models/search.rb index 08032fb..26711c7 100644 --- a/jcapiv1/lib/jcapiv1/models/search.rb +++ b/jcapiv1/lib/jcapiv1/models/search.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Search attr_accessor :fields @@ -21,7 +19,6 @@ class Search attr_accessor :search_filter - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -32,47 +29,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'fields' => :'String', + :'fields' => :'Object', :'filter' => :'Object', :'search_filter' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Search` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Search`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'fields') + if attributes.key?(:'fields') self.fields = attributes[:'fields'] end - if attributes.has_key?(:'filter') + if attributes.key?(:'filter') self.filter = attributes[:'filter'] end - if attributes.has_key?(:'searchFilter') - self.search_filter = attributes[:'searchFilter'] + if attributes.key?(:'search_filter') + self.search_filter = attributes[:'search_filter'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -92,26 +101,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [fields, filter, search_filter].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -133,7 +151,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -154,8 +172,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -177,7 +194,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -189,7 +210,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -199,8 +220,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/sshkeylist.rb b/jcapiv1/lib/jcapiv1/models/sshkeylist.rb index 2f8b2dd..38c9456 100644 --- a/jcapiv1/lib/jcapiv1/models/sshkeylist.rb +++ b/jcapiv1/lib/jcapiv1/models/sshkeylist.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Sshkeylist # The ID of the SSH key. attr_accessor :_id @@ -27,7 +25,6 @@ class Sshkeylist # The Public SSH key. attr_accessor :public_key - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -39,52 +36,64 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'create_date' => :'String', - :'name' => :'String', - :'public_key' => :'String' + :'_id' => :'Object', + :'create_date' => :'Object', + :'name' => :'Object', + :'public_key' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Sshkeylist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Sshkeylist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'create_date') + if attributes.key?(:'create_date') self.create_date = attributes[:'create_date'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'public_key') + if attributes.key?(:'public_key') self.public_key = attributes[:'public_key'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -105,26 +114,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_id, create_date, name, public_key].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -146,7 +164,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -167,8 +185,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -190,7 +207,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -202,7 +223,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -212,8 +233,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/sshkeypost.rb b/jcapiv1/lib/jcapiv1/models/sshkeypost.rb index b68848c..ff8c569 100644 --- a/jcapiv1/lib/jcapiv1/models/sshkeypost.rb +++ b/jcapiv1/lib/jcapiv1/models/sshkeypost.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Sshkeypost # The name of the SSH key. attr_accessor :name @@ -21,7 +19,6 @@ class Sshkeypost # The Public SSH key. attr_accessor :public_key - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,29 +28,41 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'name' => :'String', - :'public_key' => :'String' + :'name' => :'Object', + :'public_key' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Sshkeypost` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Sshkeypost`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'public_key') + if attributes.key?(:'public_key') self.public_key = attributes[:'public_key'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -61,14 +70,14 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end if @public_key.nil? - invalid_properties.push("invalid value for 'public_key', public_key cannot be nil.") + invalid_properties.push('invalid value for "public_key", public_key cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -76,7 +85,7 @@ def list_invalid_properties def valid? return false if @name.nil? return false if @public_key.nil? - return true + true end # Checks equality by comparing each attribute. @@ -95,26 +104,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [name, public_key].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -136,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -157,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -180,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -192,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -202,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/sso.rb b/jcapiv1/lib/jcapiv1/models/sso.rb new file mode 100644 index 0000000..97a799c --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/sso.rb @@ -0,0 +1,278 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Sso + attr_accessor :beta + + attr_accessor :hidden + + attr_accessor :idp_cert_expiration_at + + attr_accessor :idp_certificate_updated_at + + attr_accessor :idp_private_key_updated_at + + attr_accessor :jit + + attr_accessor :sp_certificate_updated_at + + attr_accessor :sp_error_flow + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'beta' => :'beta', + :'hidden' => :'hidden', + :'idp_cert_expiration_at' => :'idpCertExpirationAt', + :'idp_certificate_updated_at' => :'idpCertificateUpdatedAt', + :'idp_private_key_updated_at' => :'idpPrivateKeyUpdatedAt', + :'jit' => :'jit', + :'sp_certificate_updated_at' => :'spCertificateUpdatedAt', + :'sp_error_flow' => :'spErrorFlow', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'beta' => :'Object', + :'hidden' => :'Object', + :'idp_cert_expiration_at' => :'Object', + :'idp_certificate_updated_at' => :'Object', + :'idp_private_key_updated_at' => :'Object', + :'jit' => :'Object', + :'sp_certificate_updated_at' => :'Object', + :'sp_error_flow' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Sso` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Sso`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'beta') + self.beta = attributes[:'beta'] + end + + if attributes.key?(:'hidden') + self.hidden = attributes[:'hidden'] + end + + if attributes.key?(:'idp_cert_expiration_at') + self.idp_cert_expiration_at = attributes[:'idp_cert_expiration_at'] + end + + if attributes.key?(:'idp_certificate_updated_at') + self.idp_certificate_updated_at = attributes[:'idp_certificate_updated_at'] + end + + if attributes.key?(:'idp_private_key_updated_at') + self.idp_private_key_updated_at = attributes[:'idp_private_key_updated_at'] + end + + if attributes.key?(:'jit') + self.jit = attributes[:'jit'] + end + + if attributes.key?(:'sp_certificate_updated_at') + self.sp_certificate_updated_at = attributes[:'sp_certificate_updated_at'] + end + + if attributes.key?(:'sp_error_flow') + self.sp_error_flow = attributes[:'sp_error_flow'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + beta == o.beta && + hidden == o.hidden && + idp_cert_expiration_at == o.idp_cert_expiration_at && + idp_certificate_updated_at == o.idp_certificate_updated_at && + idp_private_key_updated_at == o.idp_private_key_updated_at && + jit == o.jit && + sp_certificate_updated_at == o.sp_certificate_updated_at && + sp_error_flow == o.sp_error_flow && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [beta, hidden, idp_cert_expiration_at, idp_certificate_updated_at, idp_private_key_updated_at, jit, sp_certificate_updated_at, sp_error_flow, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/state_activate_body.rb b/jcapiv1/lib/jcapiv1/models/state_activate_body.rb new file mode 100644 index 0000000..d851ccd --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/state_activate_body.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class StateActivateBody + attr_accessor :email + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'email' => :'email' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'email' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::StateActivateBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::StateActivateBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + email == o.email + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [email].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system.rb b/jcapiv1/lib/jcapiv1/models/system.rb index 331d00e..a4b37d9 100644 --- a/jcapiv1/lib/jcapiv1/models/system.rb +++ b/jcapiv1/lib/jcapiv1/models/system.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class System attr_accessor :_id @@ -33,18 +31,38 @@ class System attr_accessor :arch + attr_accessor :arch_family + + attr_accessor :azure_ad_joined + + attr_accessor :built_in_commands + attr_accessor :connection_history attr_accessor :created + attr_accessor :description + + attr_accessor :desktop_capable + + attr_accessor :display_manager + attr_accessor :display_name + attr_accessor :domain_info + attr_accessor :fde + attr_accessor :file_system + + attr_accessor :has_service_account + attr_accessor :hostname attr_accessor :last_contact + attr_accessor :mdm + attr_accessor :modify_sshd_config attr_accessor :network_interfaces @@ -53,8 +71,20 @@ class System attr_accessor :os + attr_accessor :os_family + + attr_accessor :os_version_detail + + attr_accessor :provision_metadata + attr_accessor :remote_ip + attr_accessor :secure_login + + attr_accessor :serial_number + + attr_accessor :service_account_state + attr_accessor :ssh_root_enabled attr_accessor :sshd_params @@ -67,8 +97,9 @@ class System attr_accessor :template_name - attr_accessor :version + attr_accessor :user_metrics + attr_accessor :version # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -82,197 +113,317 @@ def self.attribute_map :'allow_ssh_root_login' => :'allowSshRootLogin', :'amazon_instance_id' => :'amazonInstanceID', :'arch' => :'arch', + :'arch_family' => :'archFamily', + :'azure_ad_joined' => :'azureAdJoined', + :'built_in_commands' => :'builtInCommands', :'connection_history' => :'connectionHistory', :'created' => :'created', + :'description' => :'description', + :'desktop_capable' => :'desktopCapable', + :'display_manager' => :'displayManager', :'display_name' => :'displayName', + :'domain_info' => :'domainInfo', :'fde' => :'fde', + :'file_system' => :'fileSystem', + :'has_service_account' => :'hasServiceAccount', :'hostname' => :'hostname', :'last_contact' => :'lastContact', + :'mdm' => :'mdm', :'modify_sshd_config' => :'modifySSHDConfig', :'network_interfaces' => :'networkInterfaces', :'organization' => :'organization', :'os' => :'os', + :'os_family' => :'osFamily', + :'os_version_detail' => :'osVersionDetail', + :'provision_metadata' => :'provisionMetadata', :'remote_ip' => :'remoteIP', + :'secure_login' => :'secureLogin', + :'serial_number' => :'serialNumber', + :'service_account_state' => :'serviceAccountState', :'ssh_root_enabled' => :'sshRootEnabled', :'sshd_params' => :'sshdParams', :'system_insights' => :'systemInsights', :'system_timezone' => :'systemTimezone', :'tags' => :'tags', :'template_name' => :'templateName', + :'user_metrics' => :'userMetrics', :'version' => :'version' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'active' => :'BOOLEAN', - :'agent_version' => :'String', - :'allow_multi_factor_authentication' => :'BOOLEAN', - :'allow_public_key_authentication' => :'BOOLEAN', - :'allow_ssh_password_authentication' => :'BOOLEAN', - :'allow_ssh_root_login' => :'BOOLEAN', - :'amazon_instance_id' => :'String', - :'arch' => :'String', - :'connection_history' => :'Array', - :'created' => :'String', - :'display_name' => :'String', - :'fde' => :'Fde', - :'hostname' => :'String', - :'last_contact' => :'String', - :'modify_sshd_config' => :'BOOLEAN', - :'network_interfaces' => :'Array', - :'organization' => :'String', - :'os' => :'String', - :'remote_ip' => :'String', - :'ssh_root_enabled' => :'BOOLEAN', - :'sshd_params' => :'Array', - :'system_insights' => :'SystemSystemInsights', - :'system_timezone' => :'Integer', - :'tags' => :'Array', - :'template_name' => :'String', - :'version' => :'String' + :'_id' => :'Object', + :'active' => :'Object', + :'agent_version' => :'Object', + :'allow_multi_factor_authentication' => :'Object', + :'allow_public_key_authentication' => :'Object', + :'allow_ssh_password_authentication' => :'Object', + :'allow_ssh_root_login' => :'Object', + :'amazon_instance_id' => :'Object', + :'arch' => :'Object', + :'arch_family' => :'Object', + :'azure_ad_joined' => :'Object', + :'built_in_commands' => :'Object', + :'connection_history' => :'Object', + :'created' => :'Object', + :'description' => :'Object', + :'desktop_capable' => :'Object', + :'display_manager' => :'Object', + :'display_name' => :'Object', + :'domain_info' => :'Object', + :'fde' => :'Object', + :'file_system' => :'Object', + :'has_service_account' => :'Object', + :'hostname' => :'Object', + :'last_contact' => :'Object', + :'mdm' => :'Object', + :'modify_sshd_config' => :'Object', + :'network_interfaces' => :'Object', + :'organization' => :'Object', + :'os' => :'Object', + :'os_family' => :'Object', + :'os_version_detail' => :'Object', + :'provision_metadata' => :'Object', + :'remote_ip' => :'Object', + :'secure_login' => :'Object', + :'serial_number' => :'Object', + :'service_account_state' => :'Object', + :'ssh_root_enabled' => :'Object', + :'sshd_params' => :'Object', + :'system_insights' => :'Object', + :'system_timezone' => :'Object', + :'tags' => :'Object', + :'template_name' => :'Object', + :'user_metrics' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + :'file_system', + :'last_contact', + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::System` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::System`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'active') + if attributes.key?(:'active') self.active = attributes[:'active'] end - if attributes.has_key?(:'agentVersion') - self.agent_version = attributes[:'agentVersion'] + if attributes.key?(:'agent_version') + self.agent_version = attributes[:'agent_version'] end - if attributes.has_key?(:'allowMultiFactorAuthentication') - self.allow_multi_factor_authentication = attributes[:'allowMultiFactorAuthentication'] + if attributes.key?(:'allow_multi_factor_authentication') + self.allow_multi_factor_authentication = attributes[:'allow_multi_factor_authentication'] end - if attributes.has_key?(:'allowPublicKeyAuthentication') - self.allow_public_key_authentication = attributes[:'allowPublicKeyAuthentication'] + if attributes.key?(:'allow_public_key_authentication') + self.allow_public_key_authentication = attributes[:'allow_public_key_authentication'] end - if attributes.has_key?(:'allowSshPasswordAuthentication') - self.allow_ssh_password_authentication = attributes[:'allowSshPasswordAuthentication'] + if attributes.key?(:'allow_ssh_password_authentication') + self.allow_ssh_password_authentication = attributes[:'allow_ssh_password_authentication'] end - if attributes.has_key?(:'allowSshRootLogin') - self.allow_ssh_root_login = attributes[:'allowSshRootLogin'] + if attributes.key?(:'allow_ssh_root_login') + self.allow_ssh_root_login = attributes[:'allow_ssh_root_login'] end - if attributes.has_key?(:'amazonInstanceID') - self.amazon_instance_id = attributes[:'amazonInstanceID'] + if attributes.key?(:'amazon_instance_id') + self.amazon_instance_id = attributes[:'amazon_instance_id'] end - if attributes.has_key?(:'arch') + if attributes.key?(:'arch') self.arch = attributes[:'arch'] end - if attributes.has_key?(:'connectionHistory') - if (value = attributes[:'connectionHistory']).is_a?(Array) + if attributes.key?(:'arch_family') + self.arch_family = attributes[:'arch_family'] + end + + if attributes.key?(:'azure_ad_joined') + self.azure_ad_joined = attributes[:'azure_ad_joined'] + end + + if attributes.key?(:'built_in_commands') + if (value = attributes[:'built_in_commands']).is_a?(Array) + self.built_in_commands = value + end + end + + if attributes.key?(:'connection_history') + if (value = attributes[:'connection_history']).is_a?(Array) self.connection_history = value end end - if attributes.has_key?(:'created') + if attributes.key?(:'created') self.created = attributes[:'created'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'description') + self.description = attributes[:'description'] end - if attributes.has_key?(:'fde') + if attributes.key?(:'desktop_capable') + self.desktop_capable = attributes[:'desktop_capable'] + end + + if attributes.key?(:'display_manager') + self.display_manager = attributes[:'display_manager'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'domain_info') + self.domain_info = attributes[:'domain_info'] + end + + if attributes.key?(:'fde') self.fde = attributes[:'fde'] end - if attributes.has_key?(:'hostname') + if attributes.key?(:'file_system') + self.file_system = attributes[:'file_system'] + end + + if attributes.key?(:'has_service_account') + self.has_service_account = attributes[:'has_service_account'] + end + + if attributes.key?(:'hostname') self.hostname = attributes[:'hostname'] end - if attributes.has_key?(:'lastContact') - self.last_contact = attributes[:'lastContact'] + if attributes.key?(:'last_contact') + self.last_contact = attributes[:'last_contact'] + end + + if attributes.key?(:'mdm') + self.mdm = attributes[:'mdm'] end - if attributes.has_key?(:'modifySSHDConfig') - self.modify_sshd_config = attributes[:'modifySSHDConfig'] + if attributes.key?(:'modify_sshd_config') + self.modify_sshd_config = attributes[:'modify_sshd_config'] end - if attributes.has_key?(:'networkInterfaces') - if (value = attributes[:'networkInterfaces']).is_a?(Array) + if attributes.key?(:'network_interfaces') + if (value = attributes[:'network_interfaces']).is_a?(Array) self.network_interfaces = value end end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'os') + if attributes.key?(:'os') self.os = attributes[:'os'] end - if attributes.has_key?(:'remoteIP') - self.remote_ip = attributes[:'remoteIP'] + if attributes.key?(:'os_family') + self.os_family = attributes[:'os_family'] + end + + if attributes.key?(:'os_version_detail') + self.os_version_detail = attributes[:'os_version_detail'] + end + + if attributes.key?(:'provision_metadata') + self.provision_metadata = attributes[:'provision_metadata'] + end + + if attributes.key?(:'remote_ip') + self.remote_ip = attributes[:'remote_ip'] + end + + if attributes.key?(:'secure_login') + self.secure_login = attributes[:'secure_login'] + end + + if attributes.key?(:'serial_number') + self.serial_number = attributes[:'serial_number'] + end + + if attributes.key?(:'service_account_state') + self.service_account_state = attributes[:'service_account_state'] end - if attributes.has_key?(:'sshRootEnabled') - self.ssh_root_enabled = attributes[:'sshRootEnabled'] + if attributes.key?(:'ssh_root_enabled') + self.ssh_root_enabled = attributes[:'ssh_root_enabled'] end - if attributes.has_key?(:'sshdParams') - if (value = attributes[:'sshdParams']).is_a?(Array) + if attributes.key?(:'sshd_params') + if (value = attributes[:'sshd_params']).is_a?(Array) self.sshd_params = value end end - if attributes.has_key?(:'systemInsights') - self.system_insights = attributes[:'systemInsights'] + if attributes.key?(:'system_insights') + self.system_insights = attributes[:'system_insights'] end - if attributes.has_key?(:'systemTimezone') - self.system_timezone = attributes[:'systemTimezone'] + if attributes.key?(:'system_timezone') + self.system_timezone = attributes[:'system_timezone'] end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - if attributes.has_key?(:'templateName') - self.template_name = attributes[:'templateName'] + if attributes.key?(:'template_name') + self.template_name = attributes[:'template_name'] end - if attributes.has_key?(:'version') - self.version = attributes[:'version'] + if attributes.key?(:'user_metrics') + if (value = attributes[:'user_metrics']).is_a?(Array) + self.user_metrics = value + end end + if attributes.key?(:'version') + self.version = attributes[:'version'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -289,23 +440,40 @@ def ==(o) allow_ssh_root_login == o.allow_ssh_root_login && amazon_instance_id == o.amazon_instance_id && arch == o.arch && + arch_family == o.arch_family && + azure_ad_joined == o.azure_ad_joined && + built_in_commands == o.built_in_commands && connection_history == o.connection_history && created == o.created && + description == o.description && + desktop_capable == o.desktop_capable && + display_manager == o.display_manager && display_name == o.display_name && + domain_info == o.domain_info && fde == o.fde && + file_system == o.file_system && + has_service_account == o.has_service_account && hostname == o.hostname && last_contact == o.last_contact && + mdm == o.mdm && modify_sshd_config == o.modify_sshd_config && network_interfaces == o.network_interfaces && organization == o.organization && os == o.os && + os_family == o.os_family && + os_version_detail == o.os_version_detail && + provision_metadata == o.provision_metadata && remote_ip == o.remote_ip && + secure_login == o.secure_login && + serial_number == o.serial_number && + service_account_state == o.service_account_state && ssh_root_enabled == o.ssh_root_enabled && sshd_params == o.sshd_params && system_insights == o.system_insights && system_timezone == o.system_timezone && tags == o.tags && template_name == o.template_name && + user_metrics == o.user_metrics && version == o.version end @@ -316,9 +484,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, active, agent_version, allow_multi_factor_authentication, allow_public_key_authentication, allow_ssh_password_authentication, allow_ssh_root_login, amazon_instance_id, arch, connection_history, created, display_name, fde, hostname, last_contact, modify_sshd_config, network_interfaces, organization, os, remote_ip, ssh_root_enabled, sshd_params, system_insights, system_timezone, tags, template_name, version].hash + [_id, active, agent_version, allow_multi_factor_authentication, allow_public_key_authentication, allow_ssh_password_authentication, allow_ssh_root_login, amazon_instance_id, arch, arch_family, azure_ad_joined, built_in_commands, connection_history, created, description, desktop_capable, display_manager, display_name, domain_info, fde, file_system, has_service_account, hostname, last_contact, mdm, modify_sshd_config, network_interfaces, organization, os, os_family, os_version_detail, provision_metadata, remote_ip, secure_login, serial_number, service_account_state, ssh_root_enabled, sshd_params, system_insights, system_timezone, tags, template_name, user_metrics, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -326,16 +501,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -357,7 +534,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -378,8 +555,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -401,7 +577,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -413,7 +593,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -423,8 +603,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/system_built_in_commands.rb b/jcapiv1/lib/jcapiv1/models/system_built_in_commands.rb new file mode 100644 index 0000000..c66221b --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_built_in_commands.rb @@ -0,0 +1,261 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemBuiltInCommands + attr_accessor :name + + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemBuiltInCommands` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemBuiltInCommands`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + name_validator = EnumAttributeValidator.new('Object', ['erase', 'lock', 'restart', 'shutdown']) + return false unless name_validator.valid?(@name) + type_validator = EnumAttributeValidator.new('Object', ['security']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] name Object to be assigned + def name=(name) + validator = EnumAttributeValidator.new('Object', ['erase', 'lock', 'restart', 'shutdown']) + unless validator.valid?(name) + fail ArgumentError, "invalid value for \"name\", must be one of #{validator.allowable_values}." + end + @name = name + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('Object', ['security']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_domain_info.rb b/jcapiv1/lib/jcapiv1/models/system_domain_info.rb new file mode 100644 index 0000000..719c34a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_domain_info.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemDomainInfo + attr_accessor :domain_name + + attr_accessor :part_of_domain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain_name' => :'domainName', + :'part_of_domain' => :'partOfDomain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain_name' => :'Object', + :'part_of_domain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemDomainInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemDomainInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain_name') + self.domain_name = attributes[:'domain_name'] + end + + if attributes.key?(:'part_of_domain') + self.part_of_domain = attributes[:'part_of_domain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain_name == o.domain_name && + part_of_domain == o.part_of_domain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain_name, part_of_domain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_mdm.rb b/jcapiv1/lib/jcapiv1/models/system_mdm.rb new file mode 100644 index 0000000..ec00f92 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_mdm.rb @@ -0,0 +1,315 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemMdm + attr_accessor :dep + + attr_accessor :enrollment_type + + attr_accessor :internal + + attr_accessor :profile_identifier + + attr_accessor :provider_id + + attr_accessor :user_approved + + attr_accessor :vendor + + attr_accessor :windows + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'dep' => :'dep', + :'enrollment_type' => :'enrollmentType', + :'internal' => :'internal', + :'profile_identifier' => :'profileIdentifier', + :'provider_id' => :'providerId', + :'user_approved' => :'userApproved', + :'vendor' => :'vendor', + :'windows' => :'windows' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'dep' => :'Object', + :'enrollment_type' => :'Object', + :'internal' => :'Object', + :'profile_identifier' => :'Object', + :'provider_id' => :'Object', + :'user_approved' => :'Object', + :'vendor' => :'Object', + :'windows' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemMdm` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemMdm`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'dep') + self.dep = attributes[:'dep'] + end + + if attributes.key?(:'enrollment_type') + self.enrollment_type = attributes[:'enrollment_type'] + end + + if attributes.key?(:'internal') + self.internal = attributes[:'internal'] + end + + if attributes.key?(:'profile_identifier') + self.profile_identifier = attributes[:'profile_identifier'] + end + + if attributes.key?(:'provider_id') + self.provider_id = attributes[:'provider_id'] + end + + if attributes.key?(:'user_approved') + self.user_approved = attributes[:'user_approved'] + end + + if attributes.key?(:'vendor') + self.vendor = attributes[:'vendor'] + end + + if attributes.key?(:'windows') + self.windows = attributes[:'windows'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + enrollment_type_validator = EnumAttributeValidator.new('Object', ['unknown', 'automated device', 'device', 'user']) + return false unless enrollment_type_validator.valid?(@enrollment_type) + vendor_validator = EnumAttributeValidator.new('Object', ['unknown', 'none', 'internal', 'external']) + return false unless vendor_validator.valid?(@vendor) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] enrollment_type Object to be assigned + def enrollment_type=(enrollment_type) + validator = EnumAttributeValidator.new('Object', ['unknown', 'automated device', 'device', 'user']) + unless validator.valid?(enrollment_type) + fail ArgumentError, "invalid value for \"enrollment_type\", must be one of #{validator.allowable_values}." + end + @enrollment_type = enrollment_type + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] vendor Object to be assigned + def vendor=(vendor) + validator = EnumAttributeValidator.new('Object', ['unknown', 'none', 'internal', 'external']) + unless validator.valid?(vendor) + fail ArgumentError, "invalid value for \"vendor\", must be one of #{validator.allowable_values}." + end + @vendor = vendor + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + dep == o.dep && + enrollment_type == o.enrollment_type && + internal == o.internal && + profile_identifier == o.profile_identifier && + provider_id == o.provider_id && + user_approved == o.user_approved && + vendor == o.vendor && + windows == o.windows + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [dep, enrollment_type, internal, profile_identifier, provider_id, user_approved, vendor, windows].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_mdm_internal.rb b/jcapiv1/lib/jcapiv1/models/system_mdm_internal.rb new file mode 100644 index 0000000..2de7768 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_mdm_internal.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemMdmInternal + attr_accessor :device_id + + attr_accessor :windows_device_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device_id' => :'deviceId', + :'windows_device_id' => :'windowsDeviceId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device_id' => :'Object', + :'windows_device_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemMdmInternal` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemMdmInternal`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device_id') + self.device_id = attributes[:'device_id'] + end + + if attributes.key?(:'windows_device_id') + self.windows_device_id = attributes[:'windows_device_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device_id == o.device_id && + windows_device_id == o.windows_device_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device_id, windows_device_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_mdm_windows.rb b/jcapiv1/lib/jcapiv1/models/system_mdm_windows.rb new file mode 100644 index 0000000..575914a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_mdm_windows.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemMdmWindows + attr_accessor :upn + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'upn' => :'upn' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'upn' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemMdmWindows` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemMdmWindows`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'upn') + self.upn = attributes[:'upn'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + upn == o.upn + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [upn].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_network_interfaces.rb b/jcapiv1/lib/jcapiv1/models/system_network_interfaces.rb index 3e77097..5750e56 100644 --- a/jcapiv1/lib/jcapiv1/models/system_network_interfaces.rb +++ b/jcapiv1/lib/jcapiv1/models/system_network_interfaces.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemNetworkInterfaces attr_accessor :address @@ -23,6 +21,27 @@ class SystemNetworkInterfaces attr_accessor :name + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -35,52 +54,76 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'address' => :'String', - :'family' => :'String', - :'internal' => :'BOOLEAN', - :'name' => :'String' + :'address' => :'Object', + :'family' => :'Object', + :'internal' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemNetworkInterfaces` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemNetworkInterfaces`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'address') + if attributes.key?(:'address') self.address = attributes[:'address'] end - if attributes.has_key?(:'family') + if attributes.key?(:'family') self.family = attributes[:'family'] end - if attributes.has_key?(:'internal') + if attributes.key?(:'internal') self.internal = attributes[:'internal'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + family_validator = EnumAttributeValidator.new('Object', ['IPv4', 'IPv6']) + return false unless family_validator.valid?(@family) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] family Object to be assigned + def family=(family) + validator = EnumAttributeValidator.new('Object', ['IPv4', 'IPv6']) + unless validator.valid?(family) + fail ArgumentError, "invalid value for \"family\", must be one of #{validator.allowable_values}." + end + @family = family end # Checks equality by comparing each attribute. @@ -101,26 +144,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [address, family, internal, name].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -142,7 +194,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -163,8 +215,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -186,7 +237,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -198,7 +253,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -208,8 +263,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/system_os_version_detail.rb b/jcapiv1/lib/jcapiv1/models/system_os_version_detail.rb new file mode 100644 index 0000000..f126cdc --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_os_version_detail.rb @@ -0,0 +1,287 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemOsVersionDetail + attr_accessor :distribution_name + + attr_accessor :major + + attr_accessor :major_number + + attr_accessor :minor + + attr_accessor :minor_number + + attr_accessor :os_name + + attr_accessor :patch + + attr_accessor :patch_number + + attr_accessor :release_name + + attr_accessor :revision + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'distribution_name' => :'distributionName', + :'major' => :'major', + :'major_number' => :'majorNumber', + :'minor' => :'minor', + :'minor_number' => :'minorNumber', + :'os_name' => :'osName', + :'patch' => :'patch', + :'patch_number' => :'patchNumber', + :'release_name' => :'releaseName', + :'revision' => :'revision' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'distribution_name' => :'Object', + :'major' => :'Object', + :'major_number' => :'Object', + :'minor' => :'Object', + :'minor_number' => :'Object', + :'os_name' => :'Object', + :'patch' => :'Object', + :'patch_number' => :'Object', + :'release_name' => :'Object', + :'revision' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemOsVersionDetail` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemOsVersionDetail`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'distribution_name') + self.distribution_name = attributes[:'distribution_name'] + end + + if attributes.key?(:'major') + self.major = attributes[:'major'] + end + + if attributes.key?(:'major_number') + self.major_number = attributes[:'major_number'] + end + + if attributes.key?(:'minor') + self.minor = attributes[:'minor'] + end + + if attributes.key?(:'minor_number') + self.minor_number = attributes[:'minor_number'] + end + + if attributes.key?(:'os_name') + self.os_name = attributes[:'os_name'] + end + + if attributes.key?(:'patch') + self.patch = attributes[:'patch'] + end + + if attributes.key?(:'patch_number') + self.patch_number = attributes[:'patch_number'] + end + + if attributes.key?(:'release_name') + self.release_name = attributes[:'release_name'] + end + + if attributes.key?(:'revision') + self.revision = attributes[:'revision'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + distribution_name == o.distribution_name && + major == o.major && + major_number == o.major_number && + minor == o.minor && + minor_number == o.minor_number && + os_name == o.os_name && + patch == o.patch && + patch_number == o.patch_number && + release_name == o.release_name && + revision == o.revision + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [distribution_name, major, major_number, minor, minor_number, os_name, patch, patch_number, release_name, revision].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_provision_metadata.rb b/jcapiv1/lib/jcapiv1/models/system_provision_metadata.rb new file mode 100644 index 0000000..ea0608d --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_provision_metadata.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemProvisionMetadata + attr_accessor :provisioner + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'provisioner' => :'provisioner' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'provisioner' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemProvisionMetadata` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemProvisionMetadata`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'provisioner') + self.provisioner = attributes[:'provisioner'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + provisioner == o.provisioner + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [provisioner].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_provision_metadata_provisioner.rb b/jcapiv1/lib/jcapiv1/models/system_provision_metadata_provisioner.rb new file mode 100644 index 0000000..f9c5e31 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_provision_metadata_provisioner.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemProvisionMetadataProvisioner + attr_accessor :provisioner_id + + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'provisioner_id' => :'provisionerId', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'provisioner_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemProvisionMetadataProvisioner` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemProvisionMetadataProvisioner`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'provisioner_id') + self.provisioner_id = attributes[:'provisioner_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + else + self.type = 'administrator' + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + type_validator = EnumAttributeValidator.new('Object', ['administrator', 'mdm', 'user']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('Object', ['administrator', 'mdm', 'user']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + provisioner_id == o.provisioner_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [provisioner_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_secure_login.rb b/jcapiv1/lib/jcapiv1/models/system_secure_login.rb new file mode 100644 index 0000000..ce01492 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_secure_login.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemSecureLogin + attr_accessor :enabled + + attr_accessor :supported + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enabled' => :'enabled', + :'supported' => :'supported' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enabled' => :'Object', + :'supported' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemSecureLogin` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemSecureLogin`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'supported') + self.supported = attributes[:'supported'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + supported == o.supported + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enabled, supported].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_service_account_state.rb b/jcapiv1/lib/jcapiv1/models/system_service_account_state.rb new file mode 100644 index 0000000..860660a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_service_account_state.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemServiceAccountState + attr_accessor :has_secure_token + + attr_accessor :password_apfs_valid + + attr_accessor :password_od_valid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'has_secure_token' => :'hasSecureToken', + :'password_apfs_valid' => :'passwordAPFSValid', + :'password_od_valid' => :'passwordODValid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'has_secure_token' => :'Object', + :'password_apfs_valid' => :'Object', + :'password_od_valid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemServiceAccountState` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemServiceAccountState`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'has_secure_token') + self.has_secure_token = attributes[:'has_secure_token'] + end + + if attributes.key?(:'password_apfs_valid') + self.password_apfs_valid = attributes[:'password_apfs_valid'] + end + + if attributes.key?(:'password_od_valid') + self.password_od_valid = attributes[:'password_od_valid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + has_secure_token == o.has_secure_token && + password_apfs_valid == o.password_apfs_valid && + password_od_valid == o.password_od_valid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [has_secure_token, password_apfs_valid, password_od_valid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/system_sshd_params.rb b/jcapiv1/lib/jcapiv1/models/system_sshd_params.rb index 698842a..b0902d0 100644 --- a/jcapiv1/lib/jcapiv1/models/system_sshd_params.rb +++ b/jcapiv1/lib/jcapiv1/models/system_sshd_params.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemSshdParams attr_accessor :name attr_accessor :value - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'name' => :'String', - :'value' => :'String' + :'name' => :'Object', + :'value' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemSshdParams` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemSshdParams`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'value') + if attributes.key?(:'value') self.value = attributes[:'value'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [name, value].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/system_system_insights.rb b/jcapiv1/lib/jcapiv1/models/system_system_insights.rb index 033603c..df7ad3d 100644 --- a/jcapiv1/lib/jcapiv1/models/system_system_insights.rb +++ b/jcapiv1/lib/jcapiv1/models/system_system_insights.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemSystemInsights attr_accessor :state @@ -47,47 +45,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'state' => :'String' + :'state' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemSystemInsights` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemSystemInsights`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'state') + if attributes.key?(:'state') self.state = attributes[:'state'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - state_validator = EnumAttributeValidator.new('String', ["enabled", "disabled", "deferred"]) + state_validator = EnumAttributeValidator.new('Object', ['enabled', 'disabled', 'deferred']) return false unless state_validator.valid?(@state) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] state Object to be assigned def state=(state) - validator = EnumAttributeValidator.new('String', ["enabled", "disabled", "deferred"]) + validator = EnumAttributeValidator.new('Object', ['enabled', 'disabled', 'deferred']) unless validator.valid?(state) - fail ArgumentError, "invalid value for 'state', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." end @state = state end @@ -107,26 +117,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [state].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -148,7 +167,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -169,8 +188,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -192,7 +210,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -204,7 +226,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -214,8 +236,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/system_user_metrics.rb b/jcapiv1/lib/jcapiv1/models/system_user_metrics.rb new file mode 100644 index 0000000..e60a969 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/system_user_metrics.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemUserMetrics + attr_accessor :admin + + attr_accessor :managed + + attr_accessor :secure_token_enabled + + attr_accessor :suspended + + attr_accessor :user_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'admin' => :'admin', + :'managed' => :'managed', + :'secure_token_enabled' => :'secureTokenEnabled', + :'suspended' => :'suspended', + :'user_name' => :'userName' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'admin' => :'Object', + :'managed' => :'Object', + :'secure_token_enabled' => :'Object', + :'suspended' => :'Object', + :'user_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemUserMetrics` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemUserMetrics`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'admin') + self.admin = attributes[:'admin'] + end + + if attributes.key?(:'managed') + self.managed = attributes[:'managed'] + end + + if attributes.key?(:'secure_token_enabled') + self.secure_token_enabled = attributes[:'secure_token_enabled'] + end + + if attributes.key?(:'suspended') + self.suspended = attributes[:'suspended'] + end + + if attributes.key?(:'user_name') + self.user_name = attributes[:'user_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + admin == o.admin && + managed == o.managed && + secure_token_enabled == o.secure_token_enabled && + suspended == o.suspended && + user_name == o.user_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [admin, managed, secure_token_enabled, suspended, user_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/systemput.rb b/jcapiv1/lib/jcapiv1/models/systemput.rb index 7737700..a79ca46 100644 --- a/jcapiv1/lib/jcapiv1/models/systemput.rb +++ b/jcapiv1/lib/jcapiv1/models/systemput.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemput attr_accessor :agent_bound_messages @@ -29,7 +27,6 @@ class Systemput attr_accessor :tags - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -44,71 +41,83 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'agent_bound_messages' => :'Array', - :'allow_multi_factor_authentication' => :'BOOLEAN', - :'allow_public_key_authentication' => :'BOOLEAN', - :'allow_ssh_password_authentication' => :'BOOLEAN', - :'allow_ssh_root_login' => :'BOOLEAN', - :'display_name' => :'String', - :'tags' => :'Array' + :'agent_bound_messages' => :'Object', + :'allow_multi_factor_authentication' => :'Object', + :'allow_public_key_authentication' => :'Object', + :'allow_ssh_password_authentication' => :'Object', + :'allow_ssh_root_login' => :'Object', + :'display_name' => :'Object', + :'tags' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'agentBoundMessages') - if (value = attributes[:'agentBoundMessages']).is_a?(Array) + if attributes.key?(:'agent_bound_messages') + if (value = attributes[:'agent_bound_messages']).is_a?(Array) self.agent_bound_messages = value end end - if attributes.has_key?(:'allowMultiFactorAuthentication') - self.allow_multi_factor_authentication = attributes[:'allowMultiFactorAuthentication'] + if attributes.key?(:'allow_multi_factor_authentication') + self.allow_multi_factor_authentication = attributes[:'allow_multi_factor_authentication'] end - if attributes.has_key?(:'allowPublicKeyAuthentication') - self.allow_public_key_authentication = attributes[:'allowPublicKeyAuthentication'] + if attributes.key?(:'allow_public_key_authentication') + self.allow_public_key_authentication = attributes[:'allow_public_key_authentication'] end - if attributes.has_key?(:'allowSshPasswordAuthentication') - self.allow_ssh_password_authentication = attributes[:'allowSshPasswordAuthentication'] + if attributes.key?(:'allow_ssh_password_authentication') + self.allow_ssh_password_authentication = attributes[:'allow_ssh_password_authentication'] end - if attributes.has_key?(:'allowSshRootLogin') - self.allow_ssh_root_login = attributes[:'allowSshRootLogin'] + if attributes.key?(:'allow_ssh_root_login') + self.allow_ssh_root_login = attributes[:'allow_ssh_root_login'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -132,26 +141,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [agent_bound_messages, allow_multi_factor_authentication, allow_public_key_authentication, allow_ssh_password_authentication, allow_ssh_root_login, display_name, tags].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -173,7 +191,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -194,8 +212,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -217,7 +234,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -229,7 +250,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -239,8 +260,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemput_agent_bound_messages.rb b/jcapiv1/lib/jcapiv1/models/systemput_agent_bound_messages.rb index 64a28f0..9eedc59 100644 --- a/jcapiv1/lib/jcapiv1/models/systemput_agent_bound_messages.rb +++ b/jcapiv1/lib/jcapiv1/models/systemput_agent_bound_messages.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemputAgentBoundMessages attr_accessor :cmd - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'cmd' => :'String' + :'cmd' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemputAgentBoundMessages` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemputAgentBoundMessages`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'cmd') + if attributes.key?(:'cmd') self.cmd = attributes[:'cmd'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [cmd].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemslist.rb b/jcapiv1/lib/jcapiv1/models/systemslist.rb index b3b0e28..843d8fd 100644 --- a/jcapiv1/lib/jcapiv1/models/systemslist.rb +++ b/jcapiv1/lib/jcapiv1/models/systemslist.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemslist # The list of systems. attr_accessor :results @@ -21,7 +19,6 @@ class Systemslist # The total number of systems. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,44 +28,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -87,26 +96,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +146,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +167,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +189,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +205,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +215,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuser.rb b/jcapiv1/lib/jcapiv1/models/systemuser.rb deleted file mode 100644 index 05c4a3d..0000000 --- a/jcapiv1/lib/jcapiv1/models/systemuser.rb +++ /dev/null @@ -1,827 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Systemuser - attr_accessor :_id - - attr_accessor :account_locked - - attr_accessor :activated - - attr_accessor :allow_public_key - - attr_accessor :associated_tag_count - - attr_accessor :attributes - - attr_accessor :company - - attr_accessor :cost_center - - attr_accessor :created - - attr_accessor :department - - attr_accessor :description - - attr_accessor :displayname - - attr_accessor :email - - # Must be unique per user. - attr_accessor :employee_identifier - - attr_accessor :employee_type - - attr_accessor :enable_managed_uid - - attr_accessor :enable_user_portal_multifactor - - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :firstname - - attr_accessor :job_title - - attr_accessor :lastname - - attr_accessor :ldap_binding_user - - attr_accessor :location - - attr_accessor :mfa - - attr_accessor :middlename - - attr_accessor :password_expiration_date - - attr_accessor :password_expired - - attr_accessor :password_never_expires - - attr_accessor :passwordless_sudo - - attr_accessor :public_key - - attr_accessor :samba_service_user - - attr_accessor :ssh_keys - - attr_accessor :sudo - - attr_accessor :suspended - - attr_accessor :tags - - attr_accessor :totp_enabled - - attr_accessor :unix_guid - - attr_accessor :unix_uid - - attr_accessor :username - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'_id' => :'_id', - :'account_locked' => :'account_locked', - :'activated' => :'activated', - :'allow_public_key' => :'allow_public_key', - :'associated_tag_count' => :'associatedTagCount', - :'attributes' => :'attributes', - :'company' => :'company', - :'cost_center' => :'costCenter', - :'created' => :'created', - :'department' => :'department', - :'description' => :'description', - :'displayname' => :'displayname', - :'email' => :'email', - :'employee_identifier' => :'employeeIdentifier', - :'employee_type' => :'employeeType', - :'enable_managed_uid' => :'enable_managed_uid', - :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', - :'external_dn' => :'external_dn', - :'external_source_type' => :'external_source_type', - :'externally_managed' => :'externally_managed', - :'firstname' => :'firstname', - :'job_title' => :'jobTitle', - :'lastname' => :'lastname', - :'ldap_binding_user' => :'ldap_binding_user', - :'location' => :'location', - :'mfa' => :'mfa', - :'middlename' => :'middlename', - :'password_expiration_date' => :'password_expiration_date', - :'password_expired' => :'password_expired', - :'password_never_expires' => :'password_never_expires', - :'passwordless_sudo' => :'passwordless_sudo', - :'public_key' => :'public_key', - :'samba_service_user' => :'samba_service_user', - :'ssh_keys' => :'ssh_keys', - :'sudo' => :'sudo', - :'suspended' => :'suspended', - :'tags' => :'tags', - :'totp_enabled' => :'totp_enabled', - :'unix_guid' => :'unix_guid', - :'unix_uid' => :'unix_uid', - :'username' => :'username' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'_id' => :'String', - :'account_locked' => :'BOOLEAN', - :'activated' => :'BOOLEAN', - :'allow_public_key' => :'BOOLEAN', - :'associated_tag_count' => :'Integer', - :'attributes' => :'Array', - :'company' => :'String', - :'cost_center' => :'String', - :'created' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'password_expiration_date' => :'String', - :'password_expired' => :'BOOLEAN', - :'password_never_expires' => :'BOOLEAN', - :'passwordless_sudo' => :'BOOLEAN', - :'public_key' => :'String', - :'samba_service_user' => :'BOOLEAN', - :'ssh_keys' => :'Array', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'totp_enabled' => :'BOOLEAN', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'_id') - self._id = attributes[:'_id'] - end - - if attributes.has_key?(:'account_locked') - self.account_locked = attributes[:'account_locked'] - end - - if attributes.has_key?(:'activated') - self.activated = attributes[:'activated'] - end - - if attributes.has_key?(:'allow_public_key') - self.allow_public_key = attributes[:'allow_public_key'] - end - - if attributes.has_key?(:'associatedTagCount') - self.associated_tag_count = attributes[:'associatedTagCount'] - end - - if attributes.has_key?(:'attributes') - if (value = attributes[:'attributes']).is_a?(Array) - self.attributes = value - end - end - - if attributes.has_key?(:'company') - self.company = attributes[:'company'] - end - - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] - end - - if attributes.has_key?(:'created') - self.created = attributes[:'created'] - end - - if attributes.has_key?(:'department') - self.department = attributes[:'department'] - end - - if attributes.has_key?(:'description') - self.description = attributes[:'description'] - end - - if attributes.has_key?(:'displayname') - self.displayname = attributes[:'displayname'] - end - - if attributes.has_key?(:'email') - self.email = attributes[:'email'] - end - - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] - end - - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] - end - - if attributes.has_key?(:'enable_managed_uid') - self.enable_managed_uid = attributes[:'enable_managed_uid'] - end - - if attributes.has_key?(:'enable_user_portal_multifactor') - self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] - end - - if attributes.has_key?(:'external_dn') - self.external_dn = attributes[:'external_dn'] - end - - if attributes.has_key?(:'external_source_type') - self.external_source_type = attributes[:'external_source_type'] - end - - if attributes.has_key?(:'externally_managed') - self.externally_managed = attributes[:'externally_managed'] - end - - if attributes.has_key?(:'firstname') - self.firstname = attributes[:'firstname'] - end - - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] - end - - if attributes.has_key?(:'lastname') - self.lastname = attributes[:'lastname'] - end - - if attributes.has_key?(:'ldap_binding_user') - self.ldap_binding_user = attributes[:'ldap_binding_user'] - end - - if attributes.has_key?(:'location') - self.location = attributes[:'location'] - end - - if attributes.has_key?(:'mfa') - self.mfa = attributes[:'mfa'] - end - - if attributes.has_key?(:'middlename') - self.middlename = attributes[:'middlename'] - end - - if attributes.has_key?(:'password_expiration_date') - self.password_expiration_date = attributes[:'password_expiration_date'] - end - - if attributes.has_key?(:'password_expired') - self.password_expired = attributes[:'password_expired'] - end - - if attributes.has_key?(:'password_never_expires') - self.password_never_expires = attributes[:'password_never_expires'] - end - - if attributes.has_key?(:'passwordless_sudo') - self.passwordless_sudo = attributes[:'passwordless_sudo'] - end - - if attributes.has_key?(:'public_key') - self.public_key = attributes[:'public_key'] - end - - if attributes.has_key?(:'samba_service_user') - self.samba_service_user = attributes[:'samba_service_user'] - end - - if attributes.has_key?(:'ssh_keys') - if (value = attributes[:'ssh_keys']).is_a?(Array) - self.ssh_keys = value - end - end - - if attributes.has_key?(:'sudo') - self.sudo = attributes[:'sudo'] - end - - if attributes.has_key?(:'suspended') - self.suspended = attributes[:'suspended'] - end - - if attributes.has_key?(:'tags') - if (value = attributes[:'tags']).is_a?(Array) - self.tags = value - end - end - - if attributes.has_key?(:'totp_enabled') - self.totp_enabled = attributes[:'totp_enabled'] - end - - if attributes.has_key?(:'unix_guid') - self.unix_guid = attributes[:'unix_guid'] - end - - if attributes.has_key?(:'unix_uid') - self.unix_uid = attributes[:'unix_uid'] - end - - if attributes.has_key?(:'username') - self.username = attributes[:'username'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if !@associated_tag_count.nil? && @associated_tag_count < 0 - invalid_properties.push("invalid value for 'associated_tag_count', must be greater than or equal to 0.") - end - - if !@company.nil? && @company.to_s.length > 1024 - invalid_properties.push("invalid value for 'company', the character length must be smaller than or equal to 1024.") - end - - if !@cost_center.nil? && @cost_center.to_s.length > 1024 - invalid_properties.push("invalid value for 'cost_center', the character length must be smaller than or equal to 1024.") - end - - if !@department.nil? && @department.to_s.length > 1024 - invalid_properties.push("invalid value for 'department', the character length must be smaller than or equal to 1024.") - end - - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - - if !@displayname.nil? && @displayname.to_s.length > 1024 - invalid_properties.push("invalid value for 'displayname', the character length must be smaller than or equal to 1024.") - end - - if !@email.nil? && @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@employee_type.nil? && @employee_type.to_s.length > 1024 - invalid_properties.push("invalid value for 'employee_type', the character length must be smaller than or equal to 1024.") - end - - if !@firstname.nil? && @firstname.to_s.length > 1024 - invalid_properties.push("invalid value for 'firstname', the character length must be smaller than or equal to 1024.") - end - - if !@job_title.nil? && @job_title.to_s.length > 1024 - invalid_properties.push("invalid value for 'job_title', the character length must be smaller than or equal to 1024.") - end - - if !@lastname.nil? && @lastname.to_s.length > 1024 - invalid_properties.push("invalid value for 'lastname', the character length must be smaller than or equal to 1024.") - end - - if !@location.nil? && @location.to_s.length > 1024 - invalid_properties.push("invalid value for 'location', the character length must be smaller than or equal to 1024.") - end - - if !@middlename.nil? && @middlename.to_s.length > 1024 - invalid_properties.push("invalid value for 'middlename', the character length must be smaller than or equal to 1024.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") - end - - if !@username.nil? && @username.to_s.length > 1024 - invalid_properties.push("invalid value for 'username', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if !@associated_tag_count.nil? && @associated_tag_count < 0 - return false if !@company.nil? && @company.to_s.length > 1024 - return false if !@cost_center.nil? && @cost_center.to_s.length > 1024 - return false if !@department.nil? && @department.to_s.length > 1024 - return false if !@description.nil? && @description.to_s.length > 1024 - return false if !@displayname.nil? && @displayname.to_s.length > 1024 - return false if !@email.nil? && @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@employee_type.nil? && @employee_type.to_s.length > 1024 - return false if !@firstname.nil? && @firstname.to_s.length > 1024 - return false if !@job_title.nil? && @job_title.to_s.length > 1024 - return false if !@lastname.nil? && @lastname.to_s.length > 1024 - return false if !@location.nil? && @location.to_s.length > 1024 - return false if !@middlename.nil? && @middlename.to_s.length > 1024 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 - return false if !@username.nil? && @username.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] associated_tag_count Value to be assigned - def associated_tag_count=(associated_tag_count) - - if !associated_tag_count.nil? && associated_tag_count < 0 - fail ArgumentError, "invalid value for 'associated_tag_count', must be greater than or equal to 0." - end - - @associated_tag_count = associated_tag_count - end - - # Custom attribute writer method with validation - # @param [Object] company Value to be assigned - def company=(company) - - if !company.nil? && company.to_s.length > 1024 - fail ArgumentError, "invalid value for 'company', the character length must be smaller than or equal to 1024." - end - - @company = company - end - - # Custom attribute writer method with validation - # @param [Object] cost_center Value to be assigned - def cost_center=(cost_center) - - if !cost_center.nil? && cost_center.to_s.length > 1024 - fail ArgumentError, "invalid value for 'cost_center', the character length must be smaller than or equal to 1024." - end - - @cost_center = cost_center - end - - # Custom attribute writer method with validation - # @param [Object] department Value to be assigned - def department=(department) - - if !department.nil? && department.to_s.length > 1024 - fail ArgumentError, "invalid value for 'department', the character length must be smaller than or equal to 1024." - end - - @department = department - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description - end - - # Custom attribute writer method with validation - # @param [Object] displayname Value to be assigned - def displayname=(displayname) - - if !displayname.nil? && displayname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'displayname', the character length must be smaller than or equal to 1024." - end - - @displayname = displayname - end - - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - - if !email.nil? && email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier - end - - # Custom attribute writer method with validation - # @param [Object] employee_type Value to be assigned - def employee_type=(employee_type) - - if !employee_type.nil? && employee_type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'employee_type', the character length must be smaller than or equal to 1024." - end - - @employee_type = employee_type - end - - # Custom attribute writer method with validation - # @param [Object] firstname Value to be assigned - def firstname=(firstname) - - if !firstname.nil? && firstname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'firstname', the character length must be smaller than or equal to 1024." - end - - @firstname = firstname - end - - # Custom attribute writer method with validation - # @param [Object] job_title Value to be assigned - def job_title=(job_title) - - if !job_title.nil? && job_title.to_s.length > 1024 - fail ArgumentError, "invalid value for 'job_title', the character length must be smaller than or equal to 1024." - end - - @job_title = job_title - end - - # Custom attribute writer method with validation - # @param [Object] lastname Value to be assigned - def lastname=(lastname) - - if !lastname.nil? && lastname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'lastname', the character length must be smaller than or equal to 1024." - end - - @lastname = lastname - end - - # Custom attribute writer method with validation - # @param [Object] location Value to be assigned - def location=(location) - - if !location.nil? && location.to_s.length > 1024 - fail ArgumentError, "invalid value for 'location', the character length must be smaller than or equal to 1024." - end - - @location = location - end - - # Custom attribute writer method with validation - # @param [Object] middlename Value to be assigned - def middlename=(middlename) - - if !middlename.nil? && middlename.to_s.length > 1024 - fail ArgumentError, "invalid value for 'middlename', the character length must be smaller than or equal to 1024." - end - - @middlename = middlename - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid - end - - # Custom attribute writer method with validation - # @param [Object] username Value to be assigned - def username=(username) - - if !username.nil? && username.to_s.length > 1024 - fail ArgumentError, "invalid value for 'username', the character length must be smaller than or equal to 1024." - end - - @username = username - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - _id == o._id && - account_locked == o.account_locked && - activated == o.activated && - allow_public_key == o.allow_public_key && - associated_tag_count == o.associated_tag_count && - attributes == o.attributes && - company == o.company && - cost_center == o.cost_center && - created == o.created && - department == o.department && - description == o.description && - displayname == o.displayname && - email == o.email && - employee_identifier == o.employee_identifier && - employee_type == o.employee_type && - enable_managed_uid == o.enable_managed_uid && - enable_user_portal_multifactor == o.enable_user_portal_multifactor && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - firstname == o.firstname && - job_title == o.job_title && - lastname == o.lastname && - ldap_binding_user == o.ldap_binding_user && - location == o.location && - mfa == o.mfa && - middlename == o.middlename && - password_expiration_date == o.password_expiration_date && - password_expired == o.password_expired && - password_never_expires == o.password_never_expires && - passwordless_sudo == o.passwordless_sudo && - public_key == o.public_key && - samba_service_user == o.samba_service_user && - ssh_keys == o.ssh_keys && - sudo == o.sudo && - suspended == o.suspended && - tags == o.tags && - totp_enabled == o.totp_enabled && - unix_guid == o.unix_guid && - unix_uid == o.unix_uid && - username == o.username - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [_id, account_locked, activated, allow_public_key, associated_tag_count, attributes, company, cost_center, created, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, password_expiration_date, password_expired, password_never_expires, passwordless_sudo, public_key, samba_service_user, ssh_keys, sudo, suspended, tags, totp_enabled, unix_guid, unix_uid, username].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserbinding.rb b/jcapiv1/lib/jcapiv1/models/systemuserbinding.rb deleted file mode 100644 index 4ea0f81..0000000 --- a/jcapiv1/lib/jcapiv1/models/systemuserbinding.rb +++ /dev/null @@ -1,179 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Systemuserbinding - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - } - end - - # Attribute type mapping. - def self.swagger_types - { - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserbindingsput.rb b/jcapiv1/lib/jcapiv1/models/systemuserbindingsput.rb deleted file mode 100644 index 0239ed3..0000000 --- a/jcapiv1/lib/jcapiv1/models/systemuserbindingsput.rb +++ /dev/null @@ -1,213 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Systemuserbindingsput - # The list of systemuser ids to be added to this system. - attr_accessor :add - - # The list of systemuser ids to be removed from this system. - attr_accessor :remove - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'add' => :'add', - :'remove' => :'remove' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'add' => :'Array', - :'remove' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'add') - if (value = attributes[:'add']).is_a?(Array) - self.add = value - end - end - - if attributes.has_key?(:'remove') - if (value = attributes[:'remove']).is_a?(Array) - self.remove = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @add.nil? - invalid_properties.push("invalid value for 'add', add cannot be nil.") - end - - if @remove.nil? - invalid_properties.push("invalid value for 'remove', remove cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @add.nil? - return false if @remove.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - add == o.add && - remove == o.remove - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [add, remove].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserput.rb b/jcapiv1/lib/jcapiv1/models/systemuserput.rb index 6ba190b..5625ada 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserput.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserput.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemuserput attr_accessor :account_locked @@ -22,6 +20,8 @@ class Systemuserput attr_accessor :allow_public_key + attr_accessor :alternate_email + attr_accessor :attributes attr_accessor :company @@ -32,6 +32,8 @@ class Systemuserput attr_accessor :description + attr_accessor :disable_device_max_login_attempts + attr_accessor :displayname attr_accessor :email @@ -47,6 +49,8 @@ class Systemuserput attr_accessor :external_dn + attr_accessor :external_password_expiration_date + attr_accessor :external_source_type attr_accessor :externally_managed @@ -61,6 +65,11 @@ class Systemuserput attr_accessor :location + attr_accessor :managed_apple_id + + # Relation with another systemuser to identify the last as a manager. + attr_accessor :manager + attr_accessor :mfa attr_accessor :middlename @@ -79,6 +88,8 @@ class Systemuserput attr_accessor :ssh_keys + attr_accessor :state + attr_accessor :sudo attr_accessor :suspended @@ -91,6 +102,27 @@ class Systemuserput attr_accessor :username + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -98,11 +130,13 @@ def self.attribute_map :'account_locked' => :'account_locked', :'addresses' => :'addresses', :'allow_public_key' => :'allow_public_key', + :'alternate_email' => :'alternateEmail', :'attributes' => :'attributes', :'company' => :'company', :'cost_center' => :'costCenter', :'department' => :'department', :'description' => :'description', + :'disable_device_max_login_attempts' => :'disableDeviceMaxLoginAttempts', :'displayname' => :'displayname', :'email' => :'email', :'employee_identifier' => :'employeeIdentifier', @@ -110,6 +144,7 @@ def self.attribute_map :'enable_managed_uid' => :'enable_managed_uid', :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', :'external_dn' => :'external_dn', + :'external_password_expiration_date' => :'external_password_expiration_date', :'external_source_type' => :'external_source_type', :'externally_managed' => :'externally_managed', :'firstname' => :'firstname', @@ -117,6 +152,8 @@ def self.attribute_map :'lastname' => :'lastname', :'ldap_binding_user' => :'ldap_binding_user', :'location' => :'location', + :'managed_apple_id' => :'managedAppleId', + :'manager' => :'manager', :'mfa' => :'mfa', :'middlename' => :'middlename', :'password' => :'password', @@ -126,6 +163,7 @@ def self.attribute_map :'relationships' => :'relationships', :'samba_service_user' => :'samba_service_user', :'ssh_keys' => :'ssh_keys', + :'state' => :'state', :'sudo' => :'sudo', :'suspended' => :'suspended', :'tags' => :'tags', @@ -136,485 +174,283 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'account_locked' => :'BOOLEAN', - :'addresses' => :'Array', - :'allow_public_key' => :'BOOLEAN', - :'attributes' => :'Array', - :'company' => :'String', - :'cost_center' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'password' => :'String', - :'password_never_expires' => :'BOOLEAN', - :'phone_numbers' => :'Array', - :'public_key' => :'String', - :'relationships' => :'Array', - :'samba_service_user' => :'BOOLEAN', - :'ssh_keys' => :'Array', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' + :'account_locked' => :'Object', + :'addresses' => :'Object', + :'allow_public_key' => :'Object', + :'alternate_email' => :'Object', + :'attributes' => :'Object', + :'company' => :'Object', + :'cost_center' => :'Object', + :'department' => :'Object', + :'description' => :'Object', + :'disable_device_max_login_attempts' => :'Object', + :'displayname' => :'Object', + :'email' => :'Object', + :'employee_identifier' => :'Object', + :'employee_type' => :'Object', + :'enable_managed_uid' => :'Object', + :'enable_user_portal_multifactor' => :'Object', + :'external_dn' => :'Object', + :'external_password_expiration_date' => :'Object', + :'external_source_type' => :'Object', + :'externally_managed' => :'Object', + :'firstname' => :'Object', + :'job_title' => :'Object', + :'lastname' => :'Object', + :'ldap_binding_user' => :'Object', + :'location' => :'Object', + :'managed_apple_id' => :'Object', + :'manager' => :'Object', + :'mfa' => :'Object', + :'middlename' => :'Object', + :'password' => :'Object', + :'password_never_expires' => :'Object', + :'phone_numbers' => :'Object', + :'public_key' => :'Object', + :'relationships' => :'Object', + :'samba_service_user' => :'Object', + :'ssh_keys' => :'Object', + :'state' => :'Object', + :'sudo' => :'Object', + :'suspended' => :'Object', + :'tags' => :'Object', + :'unix_guid' => :'Object', + :'unix_uid' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemuserput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemuserput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'account_locked') + if attributes.key?(:'account_locked') self.account_locked = attributes[:'account_locked'] end - if attributes.has_key?(:'addresses') + if attributes.key?(:'addresses') if (value = attributes[:'addresses']).is_a?(Array) self.addresses = value end end - if attributes.has_key?(:'allow_public_key') + if attributes.key?(:'allow_public_key') self.allow_public_key = attributes[:'allow_public_key'] end - if attributes.has_key?(:'attributes') + if attributes.key?(:'alternate_email') + self.alternate_email = attributes[:'alternate_email'] + end + + if attributes.key?(:'attributes') if (value = attributes[:'attributes']).is_a?(Array) self.attributes = value end end - if attributes.has_key?(:'company') + if attributes.key?(:'company') self.company = attributes[:'company'] end - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] + if attributes.key?(:'cost_center') + self.cost_center = attributes[:'cost_center'] end - if attributes.has_key?(:'department') + if attributes.key?(:'department') self.department = attributes[:'department'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'displayname') + if attributes.key?(:'disable_device_max_login_attempts') + self.disable_device_max_login_attempts = attributes[:'disable_device_max_login_attempts'] + end + + if attributes.key?(:'displayname') self.displayname = attributes[:'displayname'] end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] + if attributes.key?(:'employee_identifier') + self.employee_identifier = attributes[:'employee_identifier'] end - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] + if attributes.key?(:'employee_type') + self.employee_type = attributes[:'employee_type'] end - if attributes.has_key?(:'enable_managed_uid') + if attributes.key?(:'enable_managed_uid') self.enable_managed_uid = attributes[:'enable_managed_uid'] end - if attributes.has_key?(:'enable_user_portal_multifactor') + if attributes.key?(:'enable_user_portal_multifactor') self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] end - if attributes.has_key?(:'external_dn') + if attributes.key?(:'external_dn') self.external_dn = attributes[:'external_dn'] end - if attributes.has_key?(:'external_source_type') + if attributes.key?(:'external_password_expiration_date') + self.external_password_expiration_date = attributes[:'external_password_expiration_date'] + end + + if attributes.key?(:'external_source_type') self.external_source_type = attributes[:'external_source_type'] end - if attributes.has_key?(:'externally_managed') + if attributes.key?(:'externally_managed') self.externally_managed = attributes[:'externally_managed'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] + if attributes.key?(:'job_title') + self.job_title = attributes[:'job_title'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'ldap_binding_user') + if attributes.key?(:'ldap_binding_user') self.ldap_binding_user = attributes[:'ldap_binding_user'] end - if attributes.has_key?(:'location') + if attributes.key?(:'location') self.location = attributes[:'location'] end - if attributes.has_key?(:'mfa') + if attributes.key?(:'managed_apple_id') + self.managed_apple_id = attributes[:'managed_apple_id'] + end + + if attributes.key?(:'manager') + self.manager = attributes[:'manager'] + end + + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'middlename') + if attributes.key?(:'middlename') self.middlename = attributes[:'middlename'] end - if attributes.has_key?(:'password') + if attributes.key?(:'password') self.password = attributes[:'password'] end - if attributes.has_key?(:'password_never_expires') + if attributes.key?(:'password_never_expires') self.password_never_expires = attributes[:'password_never_expires'] end - if attributes.has_key?(:'phoneNumbers') - if (value = attributes[:'phoneNumbers']).is_a?(Array) + if attributes.key?(:'phone_numbers') + if (value = attributes[:'phone_numbers']).is_a?(Array) self.phone_numbers = value end end - if attributes.has_key?(:'public_key') + if attributes.key?(:'public_key') self.public_key = attributes[:'public_key'] end - if attributes.has_key?(:'relationships') + if attributes.key?(:'relationships') if (value = attributes[:'relationships']).is_a?(Array) self.relationships = value end end - if attributes.has_key?(:'samba_service_user') + if attributes.key?(:'samba_service_user') self.samba_service_user = attributes[:'samba_service_user'] end - if attributes.has_key?(:'ssh_keys') + if attributes.key?(:'ssh_keys') if (value = attributes[:'ssh_keys']).is_a?(Array) self.ssh_keys = value end end - if attributes.has_key?(:'sudo') + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'sudo') self.sudo = attributes[:'sudo'] end - if attributes.has_key?(:'suspended') + if attributes.key?(:'suspended') self.suspended = attributes[:'suspended'] end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - if attributes.has_key?(:'unix_guid') + if attributes.key?(:'unix_guid') self.unix_guid = attributes[:'unix_guid'] end - if attributes.has_key?(:'unix_uid') + if attributes.key?(:'unix_uid') self.unix_uid = attributes[:'unix_uid'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@company.nil? && @company.to_s.length > 1024 - invalid_properties.push("invalid value for 'company', the character length must be smaller than or equal to 1024.") - end - - if !@cost_center.nil? && @cost_center.to_s.length > 1024 - invalid_properties.push("invalid value for 'cost_center', the character length must be smaller than or equal to 1024.") - end - - if !@department.nil? && @department.to_s.length > 1024 - invalid_properties.push("invalid value for 'department', the character length must be smaller than or equal to 1024.") - end - - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - - if !@displayname.nil? && @displayname.to_s.length > 1024 - invalid_properties.push("invalid value for 'displayname', the character length must be smaller than or equal to 1024.") - end - - if !@email.nil? && @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@employee_type.nil? && @employee_type.to_s.length > 1024 - invalid_properties.push("invalid value for 'employee_type', the character length must be smaller than or equal to 1024.") - end - - if !@firstname.nil? && @firstname.to_s.length > 1024 - invalid_properties.push("invalid value for 'firstname', the character length must be smaller than or equal to 1024.") - end - - if !@job_title.nil? && @job_title.to_s.length > 1024 - invalid_properties.push("invalid value for 'job_title', the character length must be smaller than or equal to 1024.") - end - - if !@lastname.nil? && @lastname.to_s.length > 1024 - invalid_properties.push("invalid value for 'lastname', the character length must be smaller than or equal to 1024.") - end - - if !@location.nil? && @location.to_s.length > 1024 - invalid_properties.push("invalid value for 'location', the character length must be smaller than or equal to 1024.") - end - - if !@middlename.nil? && @middlename.to_s.length > 1024 - invalid_properties.push("invalid value for 'middlename', the character length must be smaller than or equal to 1024.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") - end - - if !@username.nil? && @username.to_s.length > 1024 - invalid_properties.push("invalid value for 'username', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@company.nil? && @company.to_s.length > 1024 - return false if !@cost_center.nil? && @cost_center.to_s.length > 1024 - return false if !@department.nil? && @department.to_s.length > 1024 - return false if !@description.nil? && @description.to_s.length > 1024 - return false if !@displayname.nil? && @displayname.to_s.length > 1024 - return false if !@email.nil? && @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@employee_type.nil? && @employee_type.to_s.length > 1024 - return false if !@firstname.nil? && @firstname.to_s.length > 1024 - return false if !@job_title.nil? && @job_title.to_s.length > 1024 - return false if !@lastname.nil? && @lastname.to_s.length > 1024 - return false if !@location.nil? && @location.to_s.length > 1024 - return false if !@middlename.nil? && @middlename.to_s.length > 1024 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 - return false if !@username.nil? && @username.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] company Value to be assigned - def company=(company) - - if !company.nil? && company.to_s.length > 1024 - fail ArgumentError, "invalid value for 'company', the character length must be smaller than or equal to 1024." - end - - @company = company - end - - # Custom attribute writer method with validation - # @param [Object] cost_center Value to be assigned - def cost_center=(cost_center) - - if !cost_center.nil? && cost_center.to_s.length > 1024 - fail ArgumentError, "invalid value for 'cost_center', the character length must be smaller than or equal to 1024." - end - - @cost_center = cost_center - end - - # Custom attribute writer method with validation - # @param [Object] department Value to be assigned - def department=(department) - - if !department.nil? && department.to_s.length > 1024 - fail ArgumentError, "invalid value for 'department', the character length must be smaller than or equal to 1024." - end - - @department = department - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description - end - - # Custom attribute writer method with validation - # @param [Object] displayname Value to be assigned - def displayname=(displayname) - - if !displayname.nil? && displayname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'displayname', the character length must be smaller than or equal to 1024." - end - - @displayname = displayname - end - - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - - if !email.nil? && email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier - end - - # Custom attribute writer method with validation - # @param [Object] employee_type Value to be assigned - def employee_type=(employee_type) - - if !employee_type.nil? && employee_type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'employee_type', the character length must be smaller than or equal to 1024." - end - - @employee_type = employee_type - end - - # Custom attribute writer method with validation - # @param [Object] firstname Value to be assigned - def firstname=(firstname) - - if !firstname.nil? && firstname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'firstname', the character length must be smaller than or equal to 1024." - end - - @firstname = firstname - end - - # Custom attribute writer method with validation - # @param [Object] job_title Value to be assigned - def job_title=(job_title) - - if !job_title.nil? && job_title.to_s.length > 1024 - fail ArgumentError, "invalid value for 'job_title', the character length must be smaller than or equal to 1024." - end - - @job_title = job_title + state_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'SUSPENDED']) + return false unless state_validator.valid?(@state) + true end - # Custom attribute writer method with validation - # @param [Object] lastname Value to be assigned - def lastname=(lastname) - - if !lastname.nil? && lastname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'lastname', the character length must be smaller than or equal to 1024." - end - - @lastname = lastname - end - - # Custom attribute writer method with validation - # @param [Object] location Value to be assigned - def location=(location) - - if !location.nil? && location.to_s.length > 1024 - fail ArgumentError, "invalid value for 'location', the character length must be smaller than or equal to 1024." - end - - @location = location - end - - # Custom attribute writer method with validation - # @param [Object] middlename Value to be assigned - def middlename=(middlename) - - if !middlename.nil? && middlename.to_s.length > 1024 - fail ArgumentError, "invalid value for 'middlename', the character length must be smaller than or equal to 1024." - end - - @middlename = middlename - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid - end - - # Custom attribute writer method with validation - # @param [Object] username Value to be assigned - def username=(username) - - if !username.nil? && username.to_s.length > 1024 - fail ArgumentError, "invalid value for 'username', the character length must be smaller than or equal to 1024." + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'SUSPENDED']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." end - - @username = username + @state = state end # Checks equality by comparing each attribute. @@ -625,11 +461,13 @@ def ==(o) account_locked == o.account_locked && addresses == o.addresses && allow_public_key == o.allow_public_key && + alternate_email == o.alternate_email && attributes == o.attributes && company == o.company && cost_center == o.cost_center && department == o.department && description == o.description && + disable_device_max_login_attempts == o.disable_device_max_login_attempts && displayname == o.displayname && email == o.email && employee_identifier == o.employee_identifier && @@ -637,6 +475,7 @@ def ==(o) enable_managed_uid == o.enable_managed_uid && enable_user_portal_multifactor == o.enable_user_portal_multifactor && external_dn == o.external_dn && + external_password_expiration_date == o.external_password_expiration_date && external_source_type == o.external_source_type && externally_managed == o.externally_managed && firstname == o.firstname && @@ -644,6 +483,8 @@ def ==(o) lastname == o.lastname && ldap_binding_user == o.ldap_binding_user && location == o.location && + managed_apple_id == o.managed_apple_id && + manager == o.manager && mfa == o.mfa && middlename == o.middlename && password == o.password && @@ -653,6 +494,7 @@ def ==(o) relationships == o.relationships && samba_service_user == o.samba_service_user && ssh_keys == o.ssh_keys && + state == o.state && sudo == o.sudo && suspended == o.suspended && tags == o.tags && @@ -668,9 +510,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [account_locked, addresses, allow_public_key, attributes, company, cost_center, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, password, password_never_expires, phone_numbers, public_key, relationships, samba_service_user, ssh_keys, sudo, suspended, tags, unix_guid, unix_uid, username].hash + [account_locked, addresses, allow_public_key, alternate_email, attributes, company, cost_center, department, description, disable_device_max_login_attempts, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_password_expiration_date, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, managed_apple_id, manager, mfa, middlename, password, password_never_expires, phone_numbers, public_key, relationships, samba_service_user, ssh_keys, state, sudo, suspended, tags, unix_guid, unix_uid, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -678,16 +527,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -709,7 +560,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -730,8 +581,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -753,7 +603,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -765,7 +619,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -775,8 +629,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserput_addresses.rb b/jcapiv1/lib/jcapiv1/models/systemuserput_addresses.rb index a192639..5d78ccb 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserput_addresses.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserput_addresses.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserputAddresses attr_accessor :country @@ -31,7 +29,6 @@ class SystemuserputAddresses attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -47,200 +44,84 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'country' => :'String', - :'extended_address' => :'String', - :'locality' => :'String', - :'po_box' => :'String', - :'postal_code' => :'String', - :'region' => :'String', - :'street_address' => :'String', - :'type' => :'String' + :'country' => :'Object', + :'extended_address' => :'Object', + :'locality' => :'Object', + :'po_box' => :'Object', + :'postal_code' => :'Object', + :'region' => :'Object', + :'street_address' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputAddresses` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputAddresses`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'country') + if attributes.key?(:'country') self.country = attributes[:'country'] end - if attributes.has_key?(:'extendedAddress') - self.extended_address = attributes[:'extendedAddress'] + if attributes.key?(:'extended_address') + self.extended_address = attributes[:'extended_address'] end - if attributes.has_key?(:'locality') + if attributes.key?(:'locality') self.locality = attributes[:'locality'] end - if attributes.has_key?(:'poBox') - self.po_box = attributes[:'poBox'] + if attributes.key?(:'po_box') + self.po_box = attributes[:'po_box'] end - if attributes.has_key?(:'postalCode') - self.postal_code = attributes[:'postalCode'] + if attributes.key?(:'postal_code') + self.postal_code = attributes[:'postal_code'] end - if attributes.has_key?(:'region') + if attributes.key?(:'region') self.region = attributes[:'region'] end - if attributes.has_key?(:'streetAddress') - self.street_address = attributes[:'streetAddress'] + if attributes.key?(:'street_address') + self.street_address = attributes[:'street_address'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@country.nil? && @country.to_s.length > 1024 - invalid_properties.push("invalid value for 'country', the character length must be smaller than or equal to 1024.") - end - - if !@extended_address.nil? && @extended_address.to_s.length > 1024 - invalid_properties.push("invalid value for 'extended_address', the character length must be smaller than or equal to 1024.") - end - - if !@locality.nil? && @locality.to_s.length > 1024 - invalid_properties.push("invalid value for 'locality', the character length must be smaller than or equal to 1024.") - end - - if !@po_box.nil? && @po_box.to_s.length > 1024 - invalid_properties.push("invalid value for 'po_box', the character length must be smaller than or equal to 1024.") - end - - if !@postal_code.nil? && @postal_code.to_s.length > 1024 - invalid_properties.push("invalid value for 'postal_code', the character length must be smaller than or equal to 1024.") - end - - if !@region.nil? && @region.to_s.length > 1024 - invalid_properties.push("invalid value for 'region', the character length must be smaller than or equal to 1024.") - end - - if !@street_address.nil? && @street_address.to_s.length > 1024 - invalid_properties.push("invalid value for 'street_address', the character length must be smaller than or equal to 1024.") - end - - if !@type.nil? && @type.to_s.length > 1024 - invalid_properties.push("invalid value for 'type', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@country.nil? && @country.to_s.length > 1024 - return false if !@extended_address.nil? && @extended_address.to_s.length > 1024 - return false if !@locality.nil? && @locality.to_s.length > 1024 - return false if !@po_box.nil? && @po_box.to_s.length > 1024 - return false if !@postal_code.nil? && @postal_code.to_s.length > 1024 - return false if !@region.nil? && @region.to_s.length > 1024 - return false if !@street_address.nil? && @street_address.to_s.length > 1024 - return false if !@type.nil? && @type.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] country Value to be assigned - def country=(country) - - if !country.nil? && country.to_s.length > 1024 - fail ArgumentError, "invalid value for 'country', the character length must be smaller than or equal to 1024." - end - - @country = country - end - - # Custom attribute writer method with validation - # @param [Object] extended_address Value to be assigned - def extended_address=(extended_address) - - if !extended_address.nil? && extended_address.to_s.length > 1024 - fail ArgumentError, "invalid value for 'extended_address', the character length must be smaller than or equal to 1024." - end - - @extended_address = extended_address - end - - # Custom attribute writer method with validation - # @param [Object] locality Value to be assigned - def locality=(locality) - - if !locality.nil? && locality.to_s.length > 1024 - fail ArgumentError, "invalid value for 'locality', the character length must be smaller than or equal to 1024." - end - - @locality = locality - end - - # Custom attribute writer method with validation - # @param [Object] po_box Value to be assigned - def po_box=(po_box) - - if !po_box.nil? && po_box.to_s.length > 1024 - fail ArgumentError, "invalid value for 'po_box', the character length must be smaller than or equal to 1024." - end - - @po_box = po_box - end - - # Custom attribute writer method with validation - # @param [Object] postal_code Value to be assigned - def postal_code=(postal_code) - - if !postal_code.nil? && postal_code.to_s.length > 1024 - fail ArgumentError, "invalid value for 'postal_code', the character length must be smaller than or equal to 1024." - end - - @postal_code = postal_code - end - - # Custom attribute writer method with validation - # @param [Object] region Value to be assigned - def region=(region) - - if !region.nil? && region.to_s.length > 1024 - fail ArgumentError, "invalid value for 'region', the character length must be smaller than or equal to 1024." - end - - @region = region - end - - # Custom attribute writer method with validation - # @param [Object] street_address Value to be assigned - def street_address=(street_address) - - if !street_address.nil? && street_address.to_s.length > 1024 - fail ArgumentError, "invalid value for 'street_address', the character length must be smaller than or equal to 1024." - end - - @street_address = street_address - end - - # Custom attribute writer method with validation - # @param [Object] type Value to be assigned - def type=(type) - - if !type.nil? && type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'type', the character length must be smaller than or equal to 1024." - end - - @type = type + true end # Checks equality by comparing each attribute. @@ -265,26 +146,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [country, extended_address, locality, po_box, postal_code, region, street_address, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -306,7 +196,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -327,8 +217,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -350,7 +239,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -362,7 +255,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -372,8 +265,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserput_attributes.rb b/jcapiv1/lib/jcapiv1/models/systemuserput_attributes.rb new file mode 100644 index 0000000..7c59b5b --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/systemuserput_attributes.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemuserputAttributes + attr_accessor :name + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputAttributes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserput_phone_numbers.rb b/jcapiv1/lib/jcapiv1/models/systemuserput_phone_numbers.rb index eef0386..6c7f62e 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserput_phone_numbers.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserput_phone_numbers.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserputPhoneNumbers attr_accessor :number attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,74 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'number' => :'String', - :'type' => :'String' + :'number' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputPhoneNumbers` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputPhoneNumbers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'number') + if attributes.key?(:'number') self.number = attributes[:'number'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@number.nil? && @number.to_s.length > 1024 - invalid_properties.push("invalid value for 'number', the character length must be smaller than or equal to 1024.") - end - - if !@type.nil? && @type.to_s.length > 1024 - invalid_properties.push("invalid value for 'type', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@number.nil? && @number.to_s.length > 1024 - return false if !@type.nil? && @type.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] number Value to be assigned - def number=(number) - - if !number.nil? && number.to_s.length > 1024 - fail ArgumentError, "invalid value for 'number', the character length must be smaller than or equal to 1024." - end - - @number = number - end - - # Custom attribute writer method with validation - # @param [Object] type Value to be assigned - def type=(type) - - if !type.nil? && type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'type', the character length must be smaller than or equal to 1024." - end - - @type = type + true end # Checks equality by comparing each attribute. @@ -115,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [number, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -156,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -177,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -200,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -212,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -222,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserput_relationships.rb b/jcapiv1/lib/jcapiv1/models/systemuserput_relationships.rb new file mode 100644 index 0000000..37bb8ae --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/systemuserput_relationships.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemuserputRelationships + attr_accessor :type + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'type' => :'type', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'type' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputRelationships` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputRelationships`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + type == o.type && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [type, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserputpost.rb b/jcapiv1/lib/jcapiv1/models/systemuserputpost.rb index f27bbad..bf2b1de 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserputpost.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserputpost.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemuserputpost attr_accessor :account_locked @@ -23,6 +21,8 @@ class Systemuserputpost attr_accessor :allow_public_key + attr_accessor :alternate_email + attr_accessor :attributes attr_accessor :company @@ -33,6 +33,8 @@ class Systemuserputpost attr_accessor :description + attr_accessor :disable_device_max_login_attempts + attr_accessor :displayname attr_accessor :email @@ -48,6 +50,8 @@ class Systemuserputpost attr_accessor :external_dn + attr_accessor :external_password_expiration_date + attr_accessor :external_source_type attr_accessor :externally_managed @@ -62,6 +66,11 @@ class Systemuserputpost attr_accessor :location + attr_accessor :managed_apple_id + + # Relation with another systemuser to identify the last as a manager. + attr_accessor :manager + attr_accessor :mfa attr_accessor :middlename @@ -76,10 +85,14 @@ class Systemuserputpost attr_accessor :public_key + attr_accessor :recovery_email + attr_accessor :relationships attr_accessor :samba_service_user + attr_accessor :state + attr_accessor :sudo attr_accessor :suspended @@ -92,6 +105,27 @@ class Systemuserputpost attr_accessor :username + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -100,11 +134,13 @@ def self.attribute_map :'activated' => :'activated', :'addresses' => :'addresses', :'allow_public_key' => :'allow_public_key', + :'alternate_email' => :'alternateEmail', :'attributes' => :'attributes', :'company' => :'company', :'cost_center' => :'costCenter', :'department' => :'department', :'description' => :'description', + :'disable_device_max_login_attempts' => :'disableDeviceMaxLoginAttempts', :'displayname' => :'displayname', :'email' => :'email', :'employee_identifier' => :'employeeIdentifier', @@ -112,6 +148,7 @@ def self.attribute_map :'enable_managed_uid' => :'enable_managed_uid', :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', :'external_dn' => :'external_dn', + :'external_password_expiration_date' => :'external_password_expiration_date', :'external_source_type' => :'external_source_type', :'externally_managed' => :'externally_managed', :'firstname' => :'firstname', @@ -119,6 +156,8 @@ def self.attribute_map :'lastname' => :'lastname', :'ldap_binding_user' => :'ldap_binding_user', :'location' => :'location', + :'managed_apple_id' => :'managedAppleId', + :'manager' => :'manager', :'mfa' => :'mfa', :'middlename' => :'middlename', :'password' => :'password', @@ -126,8 +165,10 @@ def self.attribute_map :'passwordless_sudo' => :'passwordless_sudo', :'phone_numbers' => :'phoneNumbers', :'public_key' => :'public_key', + :'recovery_email' => :'recoveryEmail', :'relationships' => :'relationships', :'samba_service_user' => :'samba_service_user', + :'state' => :'state', :'sudo' => :'sudo', :'suspended' => :'suspended', :'tags' => :'tags', @@ -138,325 +179,301 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'account_locked' => :'BOOLEAN', - :'activated' => :'BOOLEAN', - :'addresses' => :'Array', - :'allow_public_key' => :'BOOLEAN', - :'attributes' => :'Array', - :'company' => :'String', - :'cost_center' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'password' => :'String', - :'password_never_expires' => :'BOOLEAN', - :'passwordless_sudo' => :'BOOLEAN', - :'phone_numbers' => :'Array', - :'public_key' => :'String', - :'relationships' => :'Array', - :'samba_service_user' => :'BOOLEAN', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' + :'account_locked' => :'Object', + :'activated' => :'Object', + :'addresses' => :'Object', + :'allow_public_key' => :'Object', + :'alternate_email' => :'Object', + :'attributes' => :'Object', + :'company' => :'Object', + :'cost_center' => :'Object', + :'department' => :'Object', + :'description' => :'Object', + :'disable_device_max_login_attempts' => :'Object', + :'displayname' => :'Object', + :'email' => :'Object', + :'employee_identifier' => :'Object', + :'employee_type' => :'Object', + :'enable_managed_uid' => :'Object', + :'enable_user_portal_multifactor' => :'Object', + :'external_dn' => :'Object', + :'external_password_expiration_date' => :'Object', + :'external_source_type' => :'Object', + :'externally_managed' => :'Object', + :'firstname' => :'Object', + :'job_title' => :'Object', + :'lastname' => :'Object', + :'ldap_binding_user' => :'Object', + :'location' => :'Object', + :'managed_apple_id' => :'Object', + :'manager' => :'Object', + :'mfa' => :'Object', + :'middlename' => :'Object', + :'password' => :'Object', + :'password_never_expires' => :'Object', + :'passwordless_sudo' => :'Object', + :'phone_numbers' => :'Object', + :'public_key' => :'Object', + :'recovery_email' => :'Object', + :'relationships' => :'Object', + :'samba_service_user' => :'Object', + :'state' => :'Object', + :'sudo' => :'Object', + :'suspended' => :'Object', + :'tags' => :'Object', + :'unix_guid' => :'Object', + :'unix_uid' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemuserputpost` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemuserputpost`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'account_locked') + if attributes.key?(:'account_locked') self.account_locked = attributes[:'account_locked'] end - if attributes.has_key?(:'activated') + if attributes.key?(:'activated') self.activated = attributes[:'activated'] end - if attributes.has_key?(:'addresses') + if attributes.key?(:'addresses') if (value = attributes[:'addresses']).is_a?(Array) self.addresses = value end end - if attributes.has_key?(:'allow_public_key') + if attributes.key?(:'allow_public_key') self.allow_public_key = attributes[:'allow_public_key'] end - if attributes.has_key?(:'attributes') + if attributes.key?(:'alternate_email') + self.alternate_email = attributes[:'alternate_email'] + end + + if attributes.key?(:'attributes') if (value = attributes[:'attributes']).is_a?(Array) self.attributes = value end end - if attributes.has_key?(:'company') + if attributes.key?(:'company') self.company = attributes[:'company'] end - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] + if attributes.key?(:'cost_center') + self.cost_center = attributes[:'cost_center'] end - if attributes.has_key?(:'department') + if attributes.key?(:'department') self.department = attributes[:'department'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'displayname') + if attributes.key?(:'disable_device_max_login_attempts') + self.disable_device_max_login_attempts = attributes[:'disable_device_max_login_attempts'] + end + + if attributes.key?(:'displayname') self.displayname = attributes[:'displayname'] end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] + if attributes.key?(:'employee_identifier') + self.employee_identifier = attributes[:'employee_identifier'] end - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] + if attributes.key?(:'employee_type') + self.employee_type = attributes[:'employee_type'] end - if attributes.has_key?(:'enable_managed_uid') + if attributes.key?(:'enable_managed_uid') self.enable_managed_uid = attributes[:'enable_managed_uid'] end - if attributes.has_key?(:'enable_user_portal_multifactor') + if attributes.key?(:'enable_user_portal_multifactor') self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] end - if attributes.has_key?(:'external_dn') + if attributes.key?(:'external_dn') self.external_dn = attributes[:'external_dn'] end - if attributes.has_key?(:'external_source_type') + if attributes.key?(:'external_password_expiration_date') + self.external_password_expiration_date = attributes[:'external_password_expiration_date'] + end + + if attributes.key?(:'external_source_type') self.external_source_type = attributes[:'external_source_type'] end - if attributes.has_key?(:'externally_managed') + if attributes.key?(:'externally_managed') self.externally_managed = attributes[:'externally_managed'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] + if attributes.key?(:'job_title') + self.job_title = attributes[:'job_title'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'ldap_binding_user') + if attributes.key?(:'ldap_binding_user') self.ldap_binding_user = attributes[:'ldap_binding_user'] end - if attributes.has_key?(:'location') + if attributes.key?(:'location') self.location = attributes[:'location'] end - if attributes.has_key?(:'mfa') + if attributes.key?(:'managed_apple_id') + self.managed_apple_id = attributes[:'managed_apple_id'] + end + + if attributes.key?(:'manager') + self.manager = attributes[:'manager'] + end + + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'middlename') + if attributes.key?(:'middlename') self.middlename = attributes[:'middlename'] end - if attributes.has_key?(:'password') + if attributes.key?(:'password') self.password = attributes[:'password'] end - if attributes.has_key?(:'password_never_expires') + if attributes.key?(:'password_never_expires') self.password_never_expires = attributes[:'password_never_expires'] end - if attributes.has_key?(:'passwordless_sudo') + if attributes.key?(:'passwordless_sudo') self.passwordless_sudo = attributes[:'passwordless_sudo'] end - if attributes.has_key?(:'phoneNumbers') - if (value = attributes[:'phoneNumbers']).is_a?(Array) + if attributes.key?(:'phone_numbers') + if (value = attributes[:'phone_numbers']).is_a?(Array) self.phone_numbers = value end end - if attributes.has_key?(:'public_key') + if attributes.key?(:'public_key') self.public_key = attributes[:'public_key'] end - if attributes.has_key?(:'relationships') + if attributes.key?(:'recovery_email') + self.recovery_email = attributes[:'recovery_email'] + end + + if attributes.key?(:'relationships') if (value = attributes[:'relationships']).is_a?(Array) self.relationships = value end end - if attributes.has_key?(:'samba_service_user') + if attributes.key?(:'samba_service_user') self.samba_service_user = attributes[:'samba_service_user'] end - if attributes.has_key?(:'sudo') + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'sudo') self.sudo = attributes[:'sudo'] end - if attributes.has_key?(:'suspended') + if attributes.key?(:'suspended') self.suspended = attributes[:'suspended'] end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - if attributes.has_key?(:'unix_guid') + if attributes.key?(:'unix_guid') self.unix_guid = attributes[:'unix_guid'] end - if attributes.has_key?(:'unix_uid') + if attributes.key?(:'unix_uid') self.unix_uid = attributes[:'unix_uid'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - if @email.nil? - invalid_properties.push("invalid value for 'email', email cannot be nil.") - end - - if @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") + invalid_properties.push('invalid value for "email", email cannot be nil.') end if @username.nil? - invalid_properties.push("invalid value for 'username', username cannot be nil.") + invalid_properties.push('invalid value for "username", username cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@description.nil? && @description.to_s.length > 1024 return false if @email.nil? - return false if @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 + state_validator = EnumAttributeValidator.new('Object', ['STAGED', 'ACTIVATED', 'SUSPENDED']) + return false unless state_validator.valid?(@state) return false if @username.nil? - return true - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description + true end - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - if email.nil? - fail ArgumentError, "email cannot be nil" + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['STAGED', 'ACTIVATED', 'SUSPENDED']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." end - - if email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid + @state = state end # Checks equality by comparing each attribute. @@ -468,11 +485,13 @@ def ==(o) activated == o.activated && addresses == o.addresses && allow_public_key == o.allow_public_key && + alternate_email == o.alternate_email && attributes == o.attributes && company == o.company && cost_center == o.cost_center && department == o.department && description == o.description && + disable_device_max_login_attempts == o.disable_device_max_login_attempts && displayname == o.displayname && email == o.email && employee_identifier == o.employee_identifier && @@ -480,6 +499,7 @@ def ==(o) enable_managed_uid == o.enable_managed_uid && enable_user_portal_multifactor == o.enable_user_portal_multifactor && external_dn == o.external_dn && + external_password_expiration_date == o.external_password_expiration_date && external_source_type == o.external_source_type && externally_managed == o.externally_managed && firstname == o.firstname && @@ -487,6 +507,8 @@ def ==(o) lastname == o.lastname && ldap_binding_user == o.ldap_binding_user && location == o.location && + managed_apple_id == o.managed_apple_id && + manager == o.manager && mfa == o.mfa && middlename == o.middlename && password == o.password && @@ -494,8 +516,10 @@ def ==(o) passwordless_sudo == o.passwordless_sudo && phone_numbers == o.phone_numbers && public_key == o.public_key && + recovery_email == o.recovery_email && relationships == o.relationships && samba_service_user == o.samba_service_user && + state == o.state && sudo == o.sudo && suspended == o.suspended && tags == o.tags && @@ -511,9 +535,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [account_locked, activated, addresses, allow_public_key, attributes, company, cost_center, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, password, password_never_expires, passwordless_sudo, phone_numbers, public_key, relationships, samba_service_user, sudo, suspended, tags, unix_guid, unix_uid, username].hash + [account_locked, activated, addresses, allow_public_key, alternate_email, attributes, company, cost_center, department, description, disable_device_max_login_attempts, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_password_expiration_date, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, managed_apple_id, manager, mfa, middlename, password, password_never_expires, passwordless_sudo, phone_numbers, public_key, recovery_email, relationships, samba_service_user, state, sudo, suspended, tags, unix_guid, unix_uid, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -521,16 +552,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -552,7 +585,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -573,8 +606,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -596,7 +628,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -608,7 +644,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -618,8 +654,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserputpost_addresses.rb b/jcapiv1/lib/jcapiv1/models/systemuserputpost_addresses.rb index 6694e5a..25fe8ca 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserputpost_addresses.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserputpost_addresses.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserputpostAddresses attr_accessor :country @@ -31,7 +29,6 @@ class SystemuserputpostAddresses attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -47,72 +44,84 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'country' => :'String', - :'extended_address' => :'String', - :'locality' => :'String', - :'po_box' => :'String', - :'postal_code' => :'String', - :'region' => :'String', - :'street_address' => :'String', - :'type' => :'String' + :'country' => :'Object', + :'extended_address' => :'Object', + :'locality' => :'Object', + :'po_box' => :'Object', + :'postal_code' => :'Object', + :'region' => :'Object', + :'street_address' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputpostAddresses` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputpostAddresses`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'country') + if attributes.key?(:'country') self.country = attributes[:'country'] end - if attributes.has_key?(:'extendedAddress') - self.extended_address = attributes[:'extendedAddress'] + if attributes.key?(:'extended_address') + self.extended_address = attributes[:'extended_address'] end - if attributes.has_key?(:'locality') + if attributes.key?(:'locality') self.locality = attributes[:'locality'] end - if attributes.has_key?(:'poBox') - self.po_box = attributes[:'poBox'] + if attributes.key?(:'po_box') + self.po_box = attributes[:'po_box'] end - if attributes.has_key?(:'postalCode') - self.postal_code = attributes[:'postalCode'] + if attributes.key?(:'postal_code') + self.postal_code = attributes[:'postal_code'] end - if attributes.has_key?(:'region') + if attributes.key?(:'region') self.region = attributes[:'region'] end - if attributes.has_key?(:'streetAddress') - self.street_address = attributes[:'streetAddress'] + if attributes.key?(:'street_address') + self.street_address = attributes[:'street_address'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -137,26 +146,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [country, extended_address, locality, po_box, postal_code, region, street_address, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -178,7 +196,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -199,8 +217,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -222,7 +239,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -234,7 +255,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -244,8 +265,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserputpost_phone_numbers.rb b/jcapiv1/lib/jcapiv1/models/systemuserputpost_phone_numbers.rb index 54c991a..8aec33b 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserputpost_phone_numbers.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserputpost_phone_numbers.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserputpostPhoneNumbers attr_accessor :number attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'number' => :'String', - :'type' => :'String' + :'number' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputpostPhoneNumbers` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputpostPhoneNumbers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'number') + if attributes.key?(:'number') self.number = attributes[:'number'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [number, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserputpost_recovery_email.rb b/jcapiv1/lib/jcapiv1/models/systemuserputpost_recovery_email.rb new file mode 100644 index 0000000..58e094d --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/systemuserputpost_recovery_email.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemuserputpostRecoveryEmail + attr_accessor :address + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'address' => :'address' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'address' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserputpostRecoveryEmail` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserputpostRecoveryEmail`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'address') + self.address = attributes[:'address'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + address == o.address + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [address].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserreturn.rb b/jcapiv1/lib/jcapiv1/models/systemuserreturn.rb index eafa777..4289716 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserreturn.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserreturn.rb @@ -1,30 +1,32 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemuserreturn attr_accessor :_id attr_accessor :account_locked + attr_accessor :account_locked_date + attr_accessor :activated attr_accessor :addresses attr_accessor :allow_public_key + attr_accessor :alternate_email + attr_accessor :attributes attr_accessor :bad_login_attempts @@ -35,10 +37,14 @@ class Systemuserreturn attr_accessor :created + attr_accessor :creation_source + attr_accessor :department attr_accessor :description + attr_accessor :disable_device_max_login_attempts + attr_accessor :displayname attr_accessor :email @@ -54,6 +60,8 @@ class Systemuserreturn attr_accessor :external_dn + attr_accessor :external_password_expiration_date + attr_accessor :external_source_type attr_accessor :externally_managed @@ -68,12 +76,21 @@ class Systemuserreturn attr_accessor :location + attr_accessor :managed_apple_id + + # Relation with another systemuser to identify the last as a manager. + attr_accessor :manager + attr_accessor :mfa + attr_accessor :mfa_enrollment + attr_accessor :middlename attr_accessor :organization + attr_accessor :password_date + attr_accessor :password_expiration_date attr_accessor :password_expired @@ -86,12 +103,16 @@ class Systemuserreturn attr_accessor :public_key + attr_accessor :recovery_email + attr_accessor :relationships attr_accessor :samba_service_user attr_accessor :ssh_keys + attr_accessor :state + attr_accessor :sudo attr_accessor :suspended @@ -106,22 +127,47 @@ class Systemuserreturn attr_accessor :username + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'_id' => :'_id', :'account_locked' => :'account_locked', + :'account_locked_date' => :'account_locked_date', :'activated' => :'activated', :'addresses' => :'addresses', :'allow_public_key' => :'allow_public_key', + :'alternate_email' => :'alternateEmail', :'attributes' => :'attributes', :'bad_login_attempts' => :'badLoginAttempts', :'company' => :'company', :'cost_center' => :'costCenter', :'created' => :'created', + :'creation_source' => :'creationSource', :'department' => :'department', :'description' => :'description', + :'disable_device_max_login_attempts' => :'disableDeviceMaxLoginAttempts', :'displayname' => :'displayname', :'email' => :'email', :'employee_identifier' => :'employeeIdentifier', @@ -129,6 +175,7 @@ def self.attribute_map :'enable_managed_uid' => :'enable_managed_uid', :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', :'external_dn' => :'external_dn', + :'external_password_expiration_date' => :'external_password_expiration_date', :'external_source_type' => :'external_source_type', :'externally_managed' => :'externally_managed', :'firstname' => :'firstname', @@ -136,18 +183,24 @@ def self.attribute_map :'lastname' => :'lastname', :'ldap_binding_user' => :'ldap_binding_user', :'location' => :'location', + :'managed_apple_id' => :'managedAppleId', + :'manager' => :'manager', :'mfa' => :'mfa', + :'mfa_enrollment' => :'mfaEnrollment', :'middlename' => :'middlename', :'organization' => :'organization', + :'password_date' => :'password_date', :'password_expiration_date' => :'password_expiration_date', :'password_expired' => :'password_expired', :'password_never_expires' => :'password_never_expires', :'passwordless_sudo' => :'passwordless_sudo', :'phone_numbers' => :'phoneNumbers', :'public_key' => :'public_key', + :'recovery_email' => :'recoveryEmail', :'relationships' => :'relationships', :'samba_service_user' => :'samba_service_user', :'ssh_keys' => :'ssh_keys', + :'state' => :'state', :'sudo' => :'sudo', :'suspended' => :'suspended', :'tags' => :'tags', @@ -159,541 +212,351 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_id' => :'String', - :'account_locked' => :'BOOLEAN', - :'activated' => :'BOOLEAN', - :'addresses' => :'Array', - :'allow_public_key' => :'BOOLEAN', - :'attributes' => :'Array', - :'bad_login_attempts' => :'Integer', - :'company' => :'String', - :'cost_center' => :'String', - :'created' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'organization' => :'String', - :'password_expiration_date' => :'String', - :'password_expired' => :'BOOLEAN', - :'password_never_expires' => :'BOOLEAN', - :'passwordless_sudo' => :'BOOLEAN', - :'phone_numbers' => :'Array', - :'public_key' => :'String', - :'relationships' => :'Array', - :'samba_service_user' => :'BOOLEAN', - :'ssh_keys' => :'Array', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'totp_enabled' => :'BOOLEAN', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' + :'_id' => :'Object', + :'account_locked' => :'Object', + :'account_locked_date' => :'Object', + :'activated' => :'Object', + :'addresses' => :'Object', + :'allow_public_key' => :'Object', + :'alternate_email' => :'Object', + :'attributes' => :'Object', + :'bad_login_attempts' => :'Object', + :'company' => :'Object', + :'cost_center' => :'Object', + :'created' => :'Object', + :'creation_source' => :'Object', + :'department' => :'Object', + :'description' => :'Object', + :'disable_device_max_login_attempts' => :'Object', + :'displayname' => :'Object', + :'email' => :'Object', + :'employee_identifier' => :'Object', + :'employee_type' => :'Object', + :'enable_managed_uid' => :'Object', + :'enable_user_portal_multifactor' => :'Object', + :'external_dn' => :'Object', + :'external_password_expiration_date' => :'Object', + :'external_source_type' => :'Object', + :'externally_managed' => :'Object', + :'firstname' => :'Object', + :'job_title' => :'Object', + :'lastname' => :'Object', + :'ldap_binding_user' => :'Object', + :'location' => :'Object', + :'managed_apple_id' => :'Object', + :'manager' => :'Object', + :'mfa' => :'Object', + :'mfa_enrollment' => :'Object', + :'middlename' => :'Object', + :'organization' => :'Object', + :'password_date' => :'Object', + :'password_expiration_date' => :'Object', + :'password_expired' => :'Object', + :'password_never_expires' => :'Object', + :'passwordless_sudo' => :'Object', + :'phone_numbers' => :'Object', + :'public_key' => :'Object', + :'recovery_email' => :'Object', + :'relationships' => :'Object', + :'samba_service_user' => :'Object', + :'ssh_keys' => :'Object', + :'state' => :'Object', + :'sudo' => :'Object', + :'suspended' => :'Object', + :'tags' => :'Object', + :'totp_enabled' => :'Object', + :'unix_guid' => :'Object', + :'unix_uid' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + :'account_locked_date', + :'password_date', + :'password_expiration_date', + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemuserreturn` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemuserreturn`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'_id') + if attributes.key?(:'_id') self._id = attributes[:'_id'] end - if attributes.has_key?(:'account_locked') + if attributes.key?(:'account_locked') self.account_locked = attributes[:'account_locked'] end - if attributes.has_key?(:'activated') + if attributes.key?(:'account_locked_date') + self.account_locked_date = attributes[:'account_locked_date'] + end + + if attributes.key?(:'activated') self.activated = attributes[:'activated'] end - if attributes.has_key?(:'addresses') + if attributes.key?(:'addresses') if (value = attributes[:'addresses']).is_a?(Array) self.addresses = value end end - if attributes.has_key?(:'allow_public_key') + if attributes.key?(:'allow_public_key') self.allow_public_key = attributes[:'allow_public_key'] end - if attributes.has_key?(:'attributes') + if attributes.key?(:'alternate_email') + self.alternate_email = attributes[:'alternate_email'] + end + + if attributes.key?(:'attributes') if (value = attributes[:'attributes']).is_a?(Array) self.attributes = value end end - if attributes.has_key?(:'badLoginAttempts') - self.bad_login_attempts = attributes[:'badLoginAttempts'] + if attributes.key?(:'bad_login_attempts') + self.bad_login_attempts = attributes[:'bad_login_attempts'] end - if attributes.has_key?(:'company') + if attributes.key?(:'company') self.company = attributes[:'company'] end - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] + if attributes.key?(:'cost_center') + self.cost_center = attributes[:'cost_center'] end - if attributes.has_key?(:'created') + if attributes.key?(:'created') self.created = attributes[:'created'] end - if attributes.has_key?(:'department') + if attributes.key?(:'creation_source') + self.creation_source = attributes[:'creation_source'] + end + + if attributes.key?(:'department') self.department = attributes[:'department'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'displayname') + if attributes.key?(:'disable_device_max_login_attempts') + self.disable_device_max_login_attempts = attributes[:'disable_device_max_login_attempts'] + end + + if attributes.key?(:'displayname') self.displayname = attributes[:'displayname'] end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] + if attributes.key?(:'employee_identifier') + self.employee_identifier = attributes[:'employee_identifier'] end - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] + if attributes.key?(:'employee_type') + self.employee_type = attributes[:'employee_type'] end - if attributes.has_key?(:'enable_managed_uid') + if attributes.key?(:'enable_managed_uid') self.enable_managed_uid = attributes[:'enable_managed_uid'] end - if attributes.has_key?(:'enable_user_portal_multifactor') + if attributes.key?(:'enable_user_portal_multifactor') self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] end - if attributes.has_key?(:'external_dn') + if attributes.key?(:'external_dn') self.external_dn = attributes[:'external_dn'] end - if attributes.has_key?(:'external_source_type') + if attributes.key?(:'external_password_expiration_date') + self.external_password_expiration_date = attributes[:'external_password_expiration_date'] + end + + if attributes.key?(:'external_source_type') self.external_source_type = attributes[:'external_source_type'] end - if attributes.has_key?(:'externally_managed') + if attributes.key?(:'externally_managed') self.externally_managed = attributes[:'externally_managed'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] + if attributes.key?(:'job_title') + self.job_title = attributes[:'job_title'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'ldap_binding_user') + if attributes.key?(:'ldap_binding_user') self.ldap_binding_user = attributes[:'ldap_binding_user'] end - if attributes.has_key?(:'location') + if attributes.key?(:'location') self.location = attributes[:'location'] end - if attributes.has_key?(:'mfa') + if attributes.key?(:'managed_apple_id') + self.managed_apple_id = attributes[:'managed_apple_id'] + end + + if attributes.key?(:'manager') + self.manager = attributes[:'manager'] + end + + if attributes.key?(:'mfa') self.mfa = attributes[:'mfa'] end - if attributes.has_key?(:'middlename') + if attributes.key?(:'mfa_enrollment') + self.mfa_enrollment = attributes[:'mfa_enrollment'] + end + + if attributes.key?(:'middlename') self.middlename = attributes[:'middlename'] end - if attributes.has_key?(:'organization') + if attributes.key?(:'organization') self.organization = attributes[:'organization'] end - if attributes.has_key?(:'password_expiration_date') + if attributes.key?(:'password_date') + self.password_date = attributes[:'password_date'] + end + + if attributes.key?(:'password_expiration_date') self.password_expiration_date = attributes[:'password_expiration_date'] end - if attributes.has_key?(:'password_expired') + if attributes.key?(:'password_expired') self.password_expired = attributes[:'password_expired'] end - if attributes.has_key?(:'password_never_expires') + if attributes.key?(:'password_never_expires') self.password_never_expires = attributes[:'password_never_expires'] end - if attributes.has_key?(:'passwordless_sudo') + if attributes.key?(:'passwordless_sudo') self.passwordless_sudo = attributes[:'passwordless_sudo'] end - if attributes.has_key?(:'phoneNumbers') - if (value = attributes[:'phoneNumbers']).is_a?(Array) + if attributes.key?(:'phone_numbers') + if (value = attributes[:'phone_numbers']).is_a?(Array) self.phone_numbers = value end end - if attributes.has_key?(:'public_key') + if attributes.key?(:'public_key') self.public_key = attributes[:'public_key'] end - if attributes.has_key?(:'relationships') + if attributes.key?(:'recovery_email') + self.recovery_email = attributes[:'recovery_email'] + end + + if attributes.key?(:'relationships') if (value = attributes[:'relationships']).is_a?(Array) self.relationships = value end end - if attributes.has_key?(:'samba_service_user') + if attributes.key?(:'samba_service_user') self.samba_service_user = attributes[:'samba_service_user'] end - if attributes.has_key?(:'ssh_keys') + if attributes.key?(:'ssh_keys') if (value = attributes[:'ssh_keys']).is_a?(Array) self.ssh_keys = value end end - if attributes.has_key?(:'sudo') + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'sudo') self.sudo = attributes[:'sudo'] end - if attributes.has_key?(:'suspended') + if attributes.key?(:'suspended') self.suspended = attributes[:'suspended'] end - if attributes.has_key?(:'tags') + if attributes.key?(:'tags') if (value = attributes[:'tags']).is_a?(Array) self.tags = value end end - if attributes.has_key?(:'totp_enabled') + if attributes.key?(:'totp_enabled') self.totp_enabled = attributes[:'totp_enabled'] end - if attributes.has_key?(:'unix_guid') + if attributes.key?(:'unix_guid') self.unix_guid = attributes[:'unix_guid'] end - if attributes.has_key?(:'unix_uid') + if attributes.key?(:'unix_uid') self.unix_uid = attributes[:'unix_uid'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@bad_login_attempts.nil? && @bad_login_attempts < 0 - invalid_properties.push("invalid value for 'bad_login_attempts', must be greater than or equal to 0.") - end - - if !@company.nil? && @company.to_s.length > 1024 - invalid_properties.push("invalid value for 'company', the character length must be smaller than or equal to 1024.") - end - - if !@cost_center.nil? && @cost_center.to_s.length > 1024 - invalid_properties.push("invalid value for 'cost_center', the character length must be smaller than or equal to 1024.") - end - - if !@department.nil? && @department.to_s.length > 1024 - invalid_properties.push("invalid value for 'department', the character length must be smaller than or equal to 1024.") - end - - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - - if !@displayname.nil? && @displayname.to_s.length > 1024 - invalid_properties.push("invalid value for 'displayname', the character length must be smaller than or equal to 1024.") - end - - if !@email.nil? && @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@employee_type.nil? && @employee_type.to_s.length > 1024 - invalid_properties.push("invalid value for 'employee_type', the character length must be smaller than or equal to 1024.") - end - - if !@firstname.nil? && @firstname.to_s.length > 1024 - invalid_properties.push("invalid value for 'firstname', the character length must be smaller than or equal to 1024.") - end - - if !@job_title.nil? && @job_title.to_s.length > 1024 - invalid_properties.push("invalid value for 'job_title', the character length must be smaller than or equal to 1024.") - end - - if !@lastname.nil? && @lastname.to_s.length > 1024 - invalid_properties.push("invalid value for 'lastname', the character length must be smaller than or equal to 1024.") - end - - if !@location.nil? && @location.to_s.length > 1024 - invalid_properties.push("invalid value for 'location', the character length must be smaller than or equal to 1024.") - end - - if !@middlename.nil? && @middlename.to_s.length > 1024 - invalid_properties.push("invalid value for 'middlename', the character length must be smaller than or equal to 1024.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") - end - - if !@username.nil? && @username.to_s.length > 1024 - invalid_properties.push("invalid value for 'username', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@bad_login_attempts.nil? && @bad_login_attempts < 0 - return false if !@company.nil? && @company.to_s.length > 1024 - return false if !@cost_center.nil? && @cost_center.to_s.length > 1024 - return false if !@department.nil? && @department.to_s.length > 1024 - return false if !@description.nil? && @description.to_s.length > 1024 - return false if !@displayname.nil? && @displayname.to_s.length > 1024 - return false if !@email.nil? && @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@employee_type.nil? && @employee_type.to_s.length > 1024 - return false if !@firstname.nil? && @firstname.to_s.length > 1024 - return false if !@job_title.nil? && @job_title.to_s.length > 1024 - return false if !@lastname.nil? && @lastname.to_s.length > 1024 - return false if !@location.nil? && @location.to_s.length > 1024 - return false if !@middlename.nil? && @middlename.to_s.length > 1024 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 - return false if !@username.nil? && @username.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] bad_login_attempts Value to be assigned - def bad_login_attempts=(bad_login_attempts) - - if !bad_login_attempts.nil? && bad_login_attempts < 0 - fail ArgumentError, "invalid value for 'bad_login_attempts', must be greater than or equal to 0." - end - - @bad_login_attempts = bad_login_attempts - end - - # Custom attribute writer method with validation - # @param [Object] company Value to be assigned - def company=(company) - - if !company.nil? && company.to_s.length > 1024 - fail ArgumentError, "invalid value for 'company', the character length must be smaller than or equal to 1024." - end - - @company = company - end - - # Custom attribute writer method with validation - # @param [Object] cost_center Value to be assigned - def cost_center=(cost_center) - - if !cost_center.nil? && cost_center.to_s.length > 1024 - fail ArgumentError, "invalid value for 'cost_center', the character length must be smaller than or equal to 1024." - end - - @cost_center = cost_center - end - - # Custom attribute writer method with validation - # @param [Object] department Value to be assigned - def department=(department) - - if !department.nil? && department.to_s.length > 1024 - fail ArgumentError, "invalid value for 'department', the character length must be smaller than or equal to 1024." - end - - @department = department - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description - end - - # Custom attribute writer method with validation - # @param [Object] displayname Value to be assigned - def displayname=(displayname) - - if !displayname.nil? && displayname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'displayname', the character length must be smaller than or equal to 1024." - end - - @displayname = displayname - end - - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - - if !email.nil? && email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier + state_validator = EnumAttributeValidator.new('Object', ['STAGED', 'ACTIVATED', 'SUSPENDED']) + return false unless state_validator.valid?(@state) + true end - # Custom attribute writer method with validation - # @param [Object] employee_type Value to be assigned - def employee_type=(employee_type) - - if !employee_type.nil? && employee_type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'employee_type', the character length must be smaller than or equal to 1024." + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['STAGED', 'ACTIVATED', 'SUSPENDED']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." end - - @employee_type = employee_type - end - - # Custom attribute writer method with validation - # @param [Object] firstname Value to be assigned - def firstname=(firstname) - - if !firstname.nil? && firstname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'firstname', the character length must be smaller than or equal to 1024." - end - - @firstname = firstname - end - - # Custom attribute writer method with validation - # @param [Object] job_title Value to be assigned - def job_title=(job_title) - - if !job_title.nil? && job_title.to_s.length > 1024 - fail ArgumentError, "invalid value for 'job_title', the character length must be smaller than or equal to 1024." - end - - @job_title = job_title - end - - # Custom attribute writer method with validation - # @param [Object] lastname Value to be assigned - def lastname=(lastname) - - if !lastname.nil? && lastname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'lastname', the character length must be smaller than or equal to 1024." - end - - @lastname = lastname - end - - # Custom attribute writer method with validation - # @param [Object] location Value to be assigned - def location=(location) - - if !location.nil? && location.to_s.length > 1024 - fail ArgumentError, "invalid value for 'location', the character length must be smaller than or equal to 1024." - end - - @location = location - end - - # Custom attribute writer method with validation - # @param [Object] middlename Value to be assigned - def middlename=(middlename) - - if !middlename.nil? && middlename.to_s.length > 1024 - fail ArgumentError, "invalid value for 'middlename', the character length must be smaller than or equal to 1024." - end - - @middlename = middlename - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid - end - - # Custom attribute writer method with validation - # @param [Object] username Value to be assigned - def username=(username) - - if !username.nil? && username.to_s.length > 1024 - fail ArgumentError, "invalid value for 'username', the character length must be smaller than or equal to 1024." - end - - @username = username + @state = state end # Checks equality by comparing each attribute. @@ -703,16 +566,20 @@ def ==(o) self.class == o.class && _id == o._id && account_locked == o.account_locked && + account_locked_date == o.account_locked_date && activated == o.activated && addresses == o.addresses && allow_public_key == o.allow_public_key && + alternate_email == o.alternate_email && attributes == o.attributes && bad_login_attempts == o.bad_login_attempts && company == o.company && cost_center == o.cost_center && created == o.created && + creation_source == o.creation_source && department == o.department && description == o.description && + disable_device_max_login_attempts == o.disable_device_max_login_attempts && displayname == o.displayname && email == o.email && employee_identifier == o.employee_identifier && @@ -720,6 +587,7 @@ def ==(o) enable_managed_uid == o.enable_managed_uid && enable_user_portal_multifactor == o.enable_user_portal_multifactor && external_dn == o.external_dn && + external_password_expiration_date == o.external_password_expiration_date && external_source_type == o.external_source_type && externally_managed == o.externally_managed && firstname == o.firstname && @@ -727,18 +595,24 @@ def ==(o) lastname == o.lastname && ldap_binding_user == o.ldap_binding_user && location == o.location && + managed_apple_id == o.managed_apple_id && + manager == o.manager && mfa == o.mfa && + mfa_enrollment == o.mfa_enrollment && middlename == o.middlename && organization == o.organization && + password_date == o.password_date && password_expiration_date == o.password_expiration_date && password_expired == o.password_expired && password_never_expires == o.password_never_expires && passwordless_sudo == o.passwordless_sudo && phone_numbers == o.phone_numbers && public_key == o.public_key && + recovery_email == o.recovery_email && relationships == o.relationships && samba_service_user == o.samba_service_user && ssh_keys == o.ssh_keys && + state == o.state && sudo == o.sudo && suspended == o.suspended && tags == o.tags && @@ -755,9 +629,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [_id, account_locked, activated, addresses, allow_public_key, attributes, bad_login_attempts, company, cost_center, created, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, organization, password_expiration_date, password_expired, password_never_expires, passwordless_sudo, phone_numbers, public_key, relationships, samba_service_user, ssh_keys, sudo, suspended, tags, totp_enabled, unix_guid, unix_uid, username].hash + [_id, account_locked, account_locked_date, activated, addresses, allow_public_key, alternate_email, attributes, bad_login_attempts, company, cost_center, created, creation_source, department, description, disable_device_max_login_attempts, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_password_expiration_date, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, managed_apple_id, manager, mfa, mfa_enrollment, middlename, organization, password_date, password_expiration_date, password_expired, password_never_expires, passwordless_sudo, phone_numbers, public_key, recovery_email, relationships, samba_service_user, ssh_keys, state, sudo, suspended, tags, totp_enabled, unix_guid, unix_uid, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -765,16 +646,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -796,7 +679,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -817,8 +700,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -840,7 +722,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -852,7 +738,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -862,8 +748,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserreturn_addresses.rb b/jcapiv1/lib/jcapiv1/models/systemuserreturn_addresses.rb index 1d5148d..7c99bce 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserreturn_addresses.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserreturn_addresses.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserreturnAddresses attr_accessor :country @@ -33,7 +31,6 @@ class SystemuserreturnAddresses attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -50,205 +47,89 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'country' => :'String', - :'extended_address' => :'String', - :'id' => :'String', - :'locality' => :'String', - :'po_box' => :'String', - :'postal_code' => :'String', - :'region' => :'String', - :'street_address' => :'String', - :'type' => :'String' + :'country' => :'Object', + :'extended_address' => :'Object', + :'id' => :'Object', + :'locality' => :'Object', + :'po_box' => :'Object', + :'postal_code' => :'Object', + :'region' => :'Object', + :'street_address' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserreturnAddresses` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserreturnAddresses`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'country') + if attributes.key?(:'country') self.country = attributes[:'country'] end - if attributes.has_key?(:'extendedAddress') - self.extended_address = attributes[:'extendedAddress'] + if attributes.key?(:'extended_address') + self.extended_address = attributes[:'extended_address'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'locality') + if attributes.key?(:'locality') self.locality = attributes[:'locality'] end - if attributes.has_key?(:'poBox') - self.po_box = attributes[:'poBox'] + if attributes.key?(:'po_box') + self.po_box = attributes[:'po_box'] end - if attributes.has_key?(:'postalCode') - self.postal_code = attributes[:'postalCode'] + if attributes.key?(:'postal_code') + self.postal_code = attributes[:'postal_code'] end - if attributes.has_key?(:'region') + if attributes.key?(:'region') self.region = attributes[:'region'] end - if attributes.has_key?(:'streetAddress') - self.street_address = attributes[:'streetAddress'] + if attributes.key?(:'street_address') + self.street_address = attributes[:'street_address'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@country.nil? && @country.to_s.length > 1024 - invalid_properties.push("invalid value for 'country', the character length must be smaller than or equal to 1024.") - end - - if !@extended_address.nil? && @extended_address.to_s.length > 1024 - invalid_properties.push("invalid value for 'extended_address', the character length must be smaller than or equal to 1024.") - end - - if !@locality.nil? && @locality.to_s.length > 1024 - invalid_properties.push("invalid value for 'locality', the character length must be smaller than or equal to 1024.") - end - - if !@po_box.nil? && @po_box.to_s.length > 1024 - invalid_properties.push("invalid value for 'po_box', the character length must be smaller than or equal to 1024.") - end - - if !@postal_code.nil? && @postal_code.to_s.length > 1024 - invalid_properties.push("invalid value for 'postal_code', the character length must be smaller than or equal to 1024.") - end - - if !@region.nil? && @region.to_s.length > 1024 - invalid_properties.push("invalid value for 'region', the character length must be smaller than or equal to 1024.") - end - - if !@street_address.nil? && @street_address.to_s.length > 1024 - invalid_properties.push("invalid value for 'street_address', the character length must be smaller than or equal to 1024.") - end - - if !@type.nil? && @type.to_s.length > 1024 - invalid_properties.push("invalid value for 'type', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@country.nil? && @country.to_s.length > 1024 - return false if !@extended_address.nil? && @extended_address.to_s.length > 1024 - return false if !@locality.nil? && @locality.to_s.length > 1024 - return false if !@po_box.nil? && @po_box.to_s.length > 1024 - return false if !@postal_code.nil? && @postal_code.to_s.length > 1024 - return false if !@region.nil? && @region.to_s.length > 1024 - return false if !@street_address.nil? && @street_address.to_s.length > 1024 - return false if !@type.nil? && @type.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] country Value to be assigned - def country=(country) - - if !country.nil? && country.to_s.length > 1024 - fail ArgumentError, "invalid value for 'country', the character length must be smaller than or equal to 1024." - end - - @country = country - end - - # Custom attribute writer method with validation - # @param [Object] extended_address Value to be assigned - def extended_address=(extended_address) - - if !extended_address.nil? && extended_address.to_s.length > 1024 - fail ArgumentError, "invalid value for 'extended_address', the character length must be smaller than or equal to 1024." - end - - @extended_address = extended_address - end - - # Custom attribute writer method with validation - # @param [Object] locality Value to be assigned - def locality=(locality) - - if !locality.nil? && locality.to_s.length > 1024 - fail ArgumentError, "invalid value for 'locality', the character length must be smaller than or equal to 1024." - end - - @locality = locality - end - - # Custom attribute writer method with validation - # @param [Object] po_box Value to be assigned - def po_box=(po_box) - - if !po_box.nil? && po_box.to_s.length > 1024 - fail ArgumentError, "invalid value for 'po_box', the character length must be smaller than or equal to 1024." - end - - @po_box = po_box - end - - # Custom attribute writer method with validation - # @param [Object] postal_code Value to be assigned - def postal_code=(postal_code) - - if !postal_code.nil? && postal_code.to_s.length > 1024 - fail ArgumentError, "invalid value for 'postal_code', the character length must be smaller than or equal to 1024." - end - - @postal_code = postal_code - end - - # Custom attribute writer method with validation - # @param [Object] region Value to be assigned - def region=(region) - - if !region.nil? && region.to_s.length > 1024 - fail ArgumentError, "invalid value for 'region', the character length must be smaller than or equal to 1024." - end - - @region = region - end - - # Custom attribute writer method with validation - # @param [Object] street_address Value to be assigned - def street_address=(street_address) - - if !street_address.nil? && street_address.to_s.length > 1024 - fail ArgumentError, "invalid value for 'street_address', the character length must be smaller than or equal to 1024." - end - - @street_address = street_address - end - - # Custom attribute writer method with validation - # @param [Object] type Value to be assigned - def type=(type) - - if !type.nil? && type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'type', the character length must be smaller than or equal to 1024." - end - - @type = type + true end # Checks equality by comparing each attribute. @@ -274,26 +155,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [country, extended_address, id, locality, po_box, postal_code, region, street_address, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -315,7 +205,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -336,8 +226,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -359,7 +248,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -371,7 +264,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -381,8 +274,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserreturn_phone_numbers.rb b/jcapiv1/lib/jcapiv1/models/systemuserreturn_phone_numbers.rb index b73d89d..2af1242 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserreturn_phone_numbers.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserreturn_phone_numbers.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class SystemuserreturnPhoneNumbers attr_accessor :id @@ -21,7 +19,6 @@ class SystemuserreturnPhoneNumbers attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -32,79 +29,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'number' => :'String', - :'type' => :'String' + :'id' => :'Object', + :'number' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserreturnPhoneNumbers` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserreturnPhoneNumbers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'number') + if attributes.key?(:'number') self.number = attributes[:'number'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - if !@number.nil? && @number.to_s.length > 1024 - invalid_properties.push("invalid value for 'number', the character length must be smaller than or equal to 1024.") - end - - if !@type.nil? && @type.to_s.length > 1024 - invalid_properties.push("invalid value for 'type', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return false if !@number.nil? && @number.to_s.length > 1024 - return false if !@type.nil? && @type.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] number Value to be assigned - def number=(number) - - if !number.nil? && number.to_s.length > 1024 - fail ArgumentError, "invalid value for 'number', the character length must be smaller than or equal to 1024." - end - - @number = number - end - - # Custom attribute writer method with validation - # @param [Object] type Value to be assigned - def type=(type) - - if !type.nil? && type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'type', the character length must be smaller than or equal to 1024." - end - - @type = type + true end # Checks equality by comparing each attribute. @@ -124,26 +101,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [id, number, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -165,7 +151,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -186,8 +172,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -209,7 +194,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -221,7 +210,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -231,8 +220,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserreturn_recovery_email.rb b/jcapiv1/lib/jcapiv1/models/systemuserreturn_recovery_email.rb new file mode 100644 index 0000000..957bc6f --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/systemuserreturn_recovery_email.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class SystemuserreturnRecoveryEmail + attr_accessor :address + + attr_accessor :verified + + attr_accessor :verified_at + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'address' => :'address', + :'verified' => :'verified', + :'verified_at' => :'verifiedAt' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'address' => :'Object', + :'verified' => :'Object', + :'verified_at' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::SystemuserreturnRecoveryEmail` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::SystemuserreturnRecoveryEmail`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'address') + self.address = attributes[:'address'] + end + + if attributes.key?(:'verified') + self.verified = attributes[:'verified'] + end + + if attributes.key?(:'verified_at') + self.verified_at = attributes[:'verified_at'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + address == o.address && + verified == o.verified && + verified_at == o.verified_at + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [address, verified, verified_at].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/systemuserslist.rb b/jcapiv1/lib/jcapiv1/models/systemuserslist.rb index f2a3e8a..0ecd550 100644 --- a/jcapiv1/lib/jcapiv1/models/systemuserslist.rb +++ b/jcapiv1/lib/jcapiv1/models/systemuserslist.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv1 - class Systemuserslist # The list of system users. attr_accessor :results @@ -21,7 +19,6 @@ class Systemuserslist # The total number of system users. attr_accessor :total_count - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,44 +28,56 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'results' => :'Object', + :'total_count' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Systemuserslist` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Systemuserslist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'results') + if attributes.key?(:'results') if (value = attributes[:'results']).is_a?(Array) self.results = value end end - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -87,26 +96,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [results, total_count].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -128,7 +146,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -149,8 +167,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv1.const_get(type).build_from_hash(value) end end @@ -172,7 +189,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -184,7 +205,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -194,8 +215,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv1/lib/jcapiv1/models/tag.rb b/jcapiv1/lib/jcapiv1/models/tag.rb deleted file mode 100644 index 6e5fca1..0000000 --- a/jcapiv1/lib/jcapiv1/models/tag.rb +++ /dev/null @@ -1,296 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Tag - attr_accessor :_id - - attr_accessor :expired - - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :group_gid - - attr_accessor :group_name - - # A unique name for the Tag. - attr_accessor :name - - attr_accessor :regular_expressions - - attr_accessor :send_to_ldap - - # An array of system ids that are associated to the Tag. - attr_accessor :systems - - # An array of system user ids that are associated to the Tag. - attr_accessor :systemusers - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'_id' => :'_id', - :'expired' => :'expired', - :'external_dn' => :'externalDN', - :'external_source_type' => :'externalSourceType', - :'externally_managed' => :'externallyManaged', - :'group_gid' => :'groupGid', - :'group_name' => :'groupName', - :'name' => :'name', - :'regular_expressions' => :'regularExpressions', - :'send_to_ldap' => :'sendToLDAP', - :'systems' => :'systems', - :'systemusers' => :'systemusers' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'_id' => :'String', - :'expired' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'group_gid' => :'String', - :'group_name' => :'String', - :'name' => :'String', - :'regular_expressions' => :'Array', - :'send_to_ldap' => :'BOOLEAN', - :'systems' => :'Array', - :'systemusers' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'_id') - self._id = attributes[:'_id'] - end - - if attributes.has_key?(:'expired') - self.expired = attributes[:'expired'] - end - - if attributes.has_key?(:'externalDN') - self.external_dn = attributes[:'externalDN'] - end - - if attributes.has_key?(:'externalSourceType') - self.external_source_type = attributes[:'externalSourceType'] - end - - if attributes.has_key?(:'externallyManaged') - self.externally_managed = attributes[:'externallyManaged'] - end - - if attributes.has_key?(:'groupGid') - self.group_gid = attributes[:'groupGid'] - end - - if attributes.has_key?(:'groupName') - self.group_name = attributes[:'groupName'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'regularExpressions') - if (value = attributes[:'regularExpressions']).is_a?(Array) - self.regular_expressions = value - end - end - - if attributes.has_key?(:'sendToLDAP') - self.send_to_ldap = attributes[:'sendToLDAP'] - end - - if attributes.has_key?(:'systems') - if (value = attributes[:'systems']).is_a?(Array) - self.systems = value - end - end - - if attributes.has_key?(:'systemusers') - if (value = attributes[:'systemusers']).is_a?(Array) - self.systemusers = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - _id == o._id && - expired == o.expired && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - group_gid == o.group_gid && - group_name == o.group_name && - name == o.name && - regular_expressions == o.regular_expressions && - send_to_ldap == o.send_to_ldap && - systems == o.systems && - systemusers == o.systemusers - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [_id, expired, external_dn, external_source_type, externally_managed, group_gid, group_name, name, regular_expressions, send_to_ldap, systems, systemusers].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/tagpost.rb b/jcapiv1/lib/jcapiv1/models/tagpost.rb deleted file mode 100644 index b72276d..0000000 --- a/jcapiv1/lib/jcapiv1/models/tagpost.rb +++ /dev/null @@ -1,283 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Tagpost - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :group_gid - - attr_accessor :group_name - - # A unique name for the Tag. - attr_accessor :name - - attr_accessor :regular_expressions - - attr_accessor :send_to_ldap - - # An array of system ids that are associated to the Tag. - attr_accessor :systems - - # An array of system user ids that are associated to the Tag. - attr_accessor :systemusers - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'external_dn' => :'externalDN', - :'external_source_type' => :'externalSourceType', - :'externally_managed' => :'externallyManaged', - :'group_gid' => :'groupGid', - :'group_name' => :'groupName', - :'name' => :'name', - :'regular_expressions' => :'regularExpressions', - :'send_to_ldap' => :'sendToLDAP', - :'systems' => :'systems', - :'systemusers' => :'systemusers' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'group_gid' => :'String', - :'group_name' => :'String', - :'name' => :'String', - :'regular_expressions' => :'Array', - :'send_to_ldap' => :'BOOLEAN', - :'systems' => :'Array', - :'systemusers' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'externalDN') - self.external_dn = attributes[:'externalDN'] - end - - if attributes.has_key?(:'externalSourceType') - self.external_source_type = attributes[:'externalSourceType'] - end - - if attributes.has_key?(:'externallyManaged') - self.externally_managed = attributes[:'externallyManaged'] - end - - if attributes.has_key?(:'groupGid') - self.group_gid = attributes[:'groupGid'] - end - - if attributes.has_key?(:'groupName') - self.group_name = attributes[:'groupName'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'regularExpressions') - if (value = attributes[:'regularExpressions']).is_a?(Array) - self.regular_expressions = value - end - end - - if attributes.has_key?(:'sendToLDAP') - self.send_to_ldap = attributes[:'sendToLDAP'] - end - - if attributes.has_key?(:'systems') - if (value = attributes[:'systems']).is_a?(Array) - self.systems = value - end - end - - if attributes.has_key?(:'systemusers') - if (value = attributes[:'systemusers']).is_a?(Array) - self.systemusers = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @name.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - group_gid == o.group_gid && - group_name == o.group_name && - name == o.name && - regular_expressions == o.regular_expressions && - send_to_ldap == o.send_to_ldap && - systems == o.systems && - systemusers == o.systemusers - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [external_dn, external_source_type, externally_managed, group_gid, group_name, name, regular_expressions, send_to_ldap, systems, systemusers].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/tagput.rb b/jcapiv1/lib/jcapiv1/models/tagput.rb deleted file mode 100644 index 995b41e..0000000 --- a/jcapiv1/lib/jcapiv1/models/tagput.rb +++ /dev/null @@ -1,278 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Tagput - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :group_gid - - attr_accessor :group_name - - # A unique name for the Tag. - attr_accessor :name - - attr_accessor :regular_expressions - - attr_accessor :send_to_ldap - - # An array of system ids that are associated to the Tag. - attr_accessor :systems - - # An array of system user ids that are associated to the Tag. - attr_accessor :systemusers - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'external_dn' => :'externalDN', - :'external_source_type' => :'externalSourceType', - :'externally_managed' => :'externallyManaged', - :'group_gid' => :'groupGid', - :'group_name' => :'groupName', - :'name' => :'name', - :'regular_expressions' => :'regularExpressions', - :'send_to_ldap' => :'sendToLDAP', - :'systems' => :'systems', - :'systemusers' => :'systemusers' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'group_gid' => :'String', - :'group_name' => :'String', - :'name' => :'String', - :'regular_expressions' => :'Array', - :'send_to_ldap' => :'BOOLEAN', - :'systems' => :'Array', - :'systemusers' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'externalDN') - self.external_dn = attributes[:'externalDN'] - end - - if attributes.has_key?(:'externalSourceType') - self.external_source_type = attributes[:'externalSourceType'] - end - - if attributes.has_key?(:'externallyManaged') - self.externally_managed = attributes[:'externallyManaged'] - end - - if attributes.has_key?(:'groupGid') - self.group_gid = attributes[:'groupGid'] - end - - if attributes.has_key?(:'groupName') - self.group_name = attributes[:'groupName'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'regularExpressions') - if (value = attributes[:'regularExpressions']).is_a?(Array) - self.regular_expressions = value - end - end - - if attributes.has_key?(:'sendToLDAP') - self.send_to_ldap = attributes[:'sendToLDAP'] - end - - if attributes.has_key?(:'systems') - if (value = attributes[:'systems']).is_a?(Array) - self.systems = value - end - end - - if attributes.has_key?(:'systemusers') - if (value = attributes[:'systemusers']).is_a?(Array) - self.systemusers = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - group_gid == o.group_gid && - group_name == o.group_name && - name == o.name && - regular_expressions == o.regular_expressions && - send_to_ldap == o.send_to_ldap && - systems == o.systems && - systemusers == o.systemusers - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [external_dn, external_source_type, externally_managed, group_gid, group_name, name, regular_expressions, send_to_ldap, systems, systemusers].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/tagslist.rb b/jcapiv1/lib/jcapiv1/models/tagslist.rb deleted file mode 100644 index 89e00f2..0000000 --- a/jcapiv1/lib/jcapiv1/models/tagslist.rb +++ /dev/null @@ -1,201 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Tagslist - # The list of tags. - attr_accessor :results - - # The total number of tags. - attr_accessor :total_count - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'results' => :'results', - :'total_count' => :'totalCount' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'results' => :'Array', - :'total_count' => :'Integer' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'results') - if (value = attributes[:'results']).is_a?(Array) - self.results = value - end - end - - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - results == o.results && - total_count == o.total_count - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [results, total_count].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/totpenrollmentinfo.rb b/jcapiv1/lib/jcapiv1/models/totpenrollmentinfo.rb new file mode 100644 index 0000000..10f2541 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/totpenrollmentinfo.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Totpenrollmentinfo + # The TOTP enrollment date of the user. + attr_accessor :enrollment_date + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enrollment_date' => :'enrollmentDate' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enrollment_date' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Totpenrollmentinfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Totpenrollmentinfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enrollment_date') + self.enrollment_date = attributes[:'enrollment_date'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enrollment_date == o.enrollment_date + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enrollment_date].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/triggerreturn.rb b/jcapiv1/lib/jcapiv1/models/triggerreturn.rb new file mode 100644 index 0000000..3e47fb2 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/triggerreturn.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Triggerreturn + attr_accessor :triggered + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'triggered' => :'triggered' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'triggered' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Triggerreturn` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Triggerreturn`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'triggered') + if (value = attributes[:'triggered']).is_a?(Array) + self.triggered = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + triggered == o.triggered + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [triggered].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/trustedapp_config_get.rb b/jcapiv1/lib/jcapiv1/models/trustedapp_config_get.rb new file mode 100644 index 0000000..65ac7bd --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/trustedapp_config_get.rb @@ -0,0 +1,230 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + # Object containing information about the list of trusted applications for the organization + class TrustedappConfigGet + # Checksum to validate the trustedApp configuration for the organization + attr_accessor :checksum + + # List of authorized apps for the organization + attr_accessor :trusted_apps + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'checksum' => :'checksum', + :'trusted_apps' => :'trustedApps' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'checksum' => :'Object', + :'trusted_apps' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::TrustedappConfigGet` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::TrustedappConfigGet`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'checksum') + self.checksum = attributes[:'checksum'] + end + + if attributes.key?(:'trusted_apps') + if (value = attributes[:'trusted_apps']).is_a?(Array) + self.trusted_apps = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @checksum.nil? + invalid_properties.push('invalid value for "checksum", checksum cannot be nil.') + end + + if @trusted_apps.nil? + invalid_properties.push('invalid value for "trusted_apps", trusted_apps cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @checksum.nil? + return false if @trusted_apps.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + checksum == o.checksum && + trusted_apps == o.trusted_apps + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [checksum, trusted_apps].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/trustedapp_config_get_trusted_apps.rb b/jcapiv1/lib/jcapiv1/models/trustedapp_config_get_trusted_apps.rb new file mode 100644 index 0000000..5e379e1 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/trustedapp_config_get_trusted_apps.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + # Represents an application that is going to be trusted by the organization + class TrustedappConfigGetTrustedApps + # Name of the trusted application + attr_accessor :name + + # Absolute path for the app's location in user's device + attr_accessor :path + + # App's Team ID + attr_accessor :teamid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'path' => :'path', + :'teamid' => :'teamid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'path' => :'Object', + :'teamid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::TrustedappConfigGetTrustedApps` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::TrustedappConfigGetTrustedApps`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'teamid') + self.teamid = attributes[:'teamid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + path == o.path && + teamid == o.teamid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, path, teamid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/trustedapp_config_put.rb b/jcapiv1/lib/jcapiv1/models/trustedapp_config_put.rb new file mode 100644 index 0000000..7b0ff2f --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/trustedapp_config_put.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + # Object containing information about the list of trusted applications for the organization + class TrustedappConfigPut + # List of authorized apps for the organization + attr_accessor :trusted_apps + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'trusted_apps' => :'trustedApps' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'trusted_apps' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::TrustedappConfigPut` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::TrustedappConfigPut`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'trusted_apps') + if (value = attributes[:'trusted_apps']).is_a?(Array) + self.trusted_apps = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @trusted_apps.nil? + invalid_properties.push('invalid value for "trusted_apps", trusted_apps cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @trusted_apps.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + trusted_apps == o.trusted_apps + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [trusted_apps].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/userput.rb b/jcapiv1/lib/jcapiv1/models/userput.rb new file mode 100644 index 0000000..311b45a --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/userput.rb @@ -0,0 +1,260 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Userput + attr_accessor :email + + attr_accessor :enable_multi_factor + + attr_accessor :firstname + + attr_accessor :growth_data + + attr_accessor :last_whats_new_checked + + attr_accessor :lastname + + attr_accessor :role_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'email' => :'email', + :'enable_multi_factor' => :'enableMultiFactor', + :'firstname' => :'firstname', + :'growth_data' => :'growthData', + :'last_whats_new_checked' => :'lastWhatsNewChecked', + :'lastname' => :'lastname', + :'role_name' => :'roleName' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'email' => :'Object', + :'enable_multi_factor' => :'Object', + :'firstname' => :'Object', + :'growth_data' => :'Object', + :'last_whats_new_checked' => :'Object', + :'lastname' => :'Object', + :'role_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Userput` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Userput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'enable_multi_factor') + self.enable_multi_factor = attributes[:'enable_multi_factor'] + end + + if attributes.key?(:'firstname') + self.firstname = attributes[:'firstname'] + end + + if attributes.key?(:'growth_data') + self.growth_data = attributes[:'growth_data'] + end + + if attributes.key?(:'last_whats_new_checked') + self.last_whats_new_checked = attributes[:'last_whats_new_checked'] + end + + if attributes.key?(:'lastname') + self.lastname = attributes[:'lastname'] + end + + if attributes.key?(:'role_name') + self.role_name = attributes[:'role_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + email == o.email && + enable_multi_factor == o.enable_multi_factor && + firstname == o.firstname && + growth_data == o.growth_data && + last_whats_new_checked == o.last_whats_new_checked && + lastname == o.lastname && + role_name == o.role_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [email, enable_multi_factor, firstname, growth_data, last_whats_new_checked, lastname, role_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/userreturn.rb b/jcapiv1/lib/jcapiv1/models/userreturn.rb new file mode 100644 index 0000000..ec61d30 --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/userreturn.rb @@ -0,0 +1,377 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class Userreturn + attr_accessor :_id + + attr_accessor :api_key_updated_at + + attr_accessor :created + + attr_accessor :disable_introduction + + attr_accessor :email + + attr_accessor :enable_multi_factor + + attr_accessor :firstname + + attr_accessor :growth_data + + attr_accessor :last_whats_new_checked + + attr_accessor :lastname + + attr_accessor :organization + + attr_accessor :password_updated_at + + attr_accessor :provider + + attr_accessor :role + + attr_accessor :role_name + + attr_accessor :session_count + + attr_accessor :suspended + + attr_accessor :totp_enrolled + + attr_accessor :totp_updated_at + + attr_accessor :users_time_zone + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'_id' => :'_id', + :'api_key_updated_at' => :'apiKeyUpdatedAt', + :'created' => :'created', + :'disable_introduction' => :'disableIntroduction', + :'email' => :'email', + :'enable_multi_factor' => :'enableMultiFactor', + :'firstname' => :'firstname', + :'growth_data' => :'growthData', + :'last_whats_new_checked' => :'lastWhatsNewChecked', + :'lastname' => :'lastname', + :'organization' => :'organization', + :'password_updated_at' => :'passwordUpdatedAt', + :'provider' => :'provider', + :'role' => :'role', + :'role_name' => :'roleName', + :'session_count' => :'sessionCount', + :'suspended' => :'suspended', + :'totp_enrolled' => :'totpEnrolled', + :'totp_updated_at' => :'totpUpdatedAt', + :'users_time_zone' => :'usersTimeZone' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'_id' => :'Object', + :'api_key_updated_at' => :'Object', + :'created' => :'Object', + :'disable_introduction' => :'Object', + :'email' => :'Object', + :'enable_multi_factor' => :'Object', + :'firstname' => :'Object', + :'growth_data' => :'Object', + :'last_whats_new_checked' => :'Object', + :'lastname' => :'Object', + :'organization' => :'Object', + :'password_updated_at' => :'Object', + :'provider' => :'Object', + :'role' => :'Object', + :'role_name' => :'Object', + :'session_count' => :'Object', + :'suspended' => :'Object', + :'totp_enrolled' => :'Object', + :'totp_updated_at' => :'Object', + :'users_time_zone' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::Userreturn` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::Userreturn`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'_id') + self._id = attributes[:'_id'] + end + + if attributes.key?(:'api_key_updated_at') + self.api_key_updated_at = attributes[:'api_key_updated_at'] + end + + if attributes.key?(:'created') + self.created = attributes[:'created'] + end + + if attributes.key?(:'disable_introduction') + self.disable_introduction = attributes[:'disable_introduction'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'enable_multi_factor') + self.enable_multi_factor = attributes[:'enable_multi_factor'] + end + + if attributes.key?(:'firstname') + self.firstname = attributes[:'firstname'] + end + + if attributes.key?(:'growth_data') + self.growth_data = attributes[:'growth_data'] + end + + if attributes.key?(:'last_whats_new_checked') + self.last_whats_new_checked = attributes[:'last_whats_new_checked'] + end + + if attributes.key?(:'lastname') + self.lastname = attributes[:'lastname'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + + if attributes.key?(:'password_updated_at') + self.password_updated_at = attributes[:'password_updated_at'] + end + + if attributes.key?(:'provider') + self.provider = attributes[:'provider'] + end + + if attributes.key?(:'role') + self.role = attributes[:'role'] + end + + if attributes.key?(:'role_name') + self.role_name = attributes[:'role_name'] + end + + if attributes.key?(:'session_count') + self.session_count = attributes[:'session_count'] + end + + if attributes.key?(:'suspended') + self.suspended = attributes[:'suspended'] + end + + if attributes.key?(:'totp_enrolled') + self.totp_enrolled = attributes[:'totp_enrolled'] + end + + if attributes.key?(:'totp_updated_at') + self.totp_updated_at = attributes[:'totp_updated_at'] + end + + if attributes.key?(:'users_time_zone') + self.users_time_zone = attributes[:'users_time_zone'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + _id == o._id && + api_key_updated_at == o.api_key_updated_at && + created == o.created && + disable_introduction == o.disable_introduction && + email == o.email && + enable_multi_factor == o.enable_multi_factor && + firstname == o.firstname && + growth_data == o.growth_data && + last_whats_new_checked == o.last_whats_new_checked && + lastname == o.lastname && + organization == o.organization && + password_updated_at == o.password_updated_at && + provider == o.provider && + role == o.role && + role_name == o.role_name && + session_count == o.session_count && + suspended == o.suspended && + totp_enrolled == o.totp_enrolled && + totp_updated_at == o.totp_updated_at && + users_time_zone == o.users_time_zone + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [_id, api_key_updated_at, created, disable_introduction, email, enable_multi_factor, firstname, growth_data, last_whats_new_checked, lastname, organization, password_updated_at, provider, role, role_name, session_count, suspended, totp_enrolled, totp_updated_at, users_time_zone].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/userreturn_growth_data.rb b/jcapiv1/lib/jcapiv1/models/userreturn_growth_data.rb new file mode 100644 index 0000000..9a5656b --- /dev/null +++ b/jcapiv1/lib/jcapiv1/models/userreturn_growth_data.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv1 + class UserreturnGrowthData + attr_accessor :experiment_states + + attr_accessor :onboarding_state + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'experiment_states' => :'experimentStates', + :'onboarding_state' => :'onboardingState' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'experiment_states' => :'Object', + :'onboarding_state' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv1::UserreturnGrowthData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv1::UserreturnGrowthData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'experiment_states') + if (value = attributes[:'experiment_states']).is_a?(Hash) + self.experiment_states = value + end + end + + if attributes.key?(:'onboarding_state') + if (value = attributes[:'onboarding_state']).is_a?(Hash) + self.onboarding_state = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + experiment_states == o.experiment_states && + onboarding_state == o.onboarding_state + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [experiment_states, onboarding_state].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv1.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv1/lib/jcapiv1/models/usersystembinding.rb b/jcapiv1/lib/jcapiv1/models/usersystembinding.rb deleted file mode 100644 index f164990..0000000 --- a/jcapiv1/lib/jcapiv1/models/usersystembinding.rb +++ /dev/null @@ -1,179 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Usersystembinding - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - } - end - - # Attribute type mapping. - def self.swagger_types - { - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/models/usersystembindingsput.rb b/jcapiv1/lib/jcapiv1/models/usersystembindingsput.rb deleted file mode 100644 index a87a555..0000000 --- a/jcapiv1/lib/jcapiv1/models/usersystembindingsput.rb +++ /dev/null @@ -1,213 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv1 - - class Usersystembindingsput - # The list of system ids to be added to this user. - attr_accessor :add - - # The list of system ids to be removed from this user. - attr_accessor :remove - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'add' => :'add', - :'remove' => :'remove' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'add' => :'Array', - :'remove' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'add') - if (value = attributes[:'add']).is_a?(Array) - self.add = value - end - end - - if attributes.has_key?(:'remove') - if (value = attributes[:'remove']).is_a?(Array) - self.remove = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @add.nil? - invalid_properties.push("invalid value for 'add', add cannot be nil.") - end - - if @remove.nil? - invalid_properties.push("invalid value for 'remove', remove cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @add.nil? - return false if @remove.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - add == o.add && - remove == o.remove - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [add, remove].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv1.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv1/lib/jcapiv1/version.rb b/jcapiv1/lib/jcapiv1/version.rb index 6e9f85e..40ed732 100644 --- a/jcapiv1/lib/jcapiv1/version.rb +++ b/jcapiv1/lib/jcapiv1/version.rb @@ -1,15 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end module JCAPIv1 - VERSION = "3.0.0" + VERSION = '3.0.0' end diff --git a/jcapiv1/spec/api/application_templates_api_spec.rb b/jcapiv1/spec/api/application_templates_api_spec.rb index 135e8a4..4fca1b1 100644 --- a/jcapiv1/spec/api/application_templates_api_spec.rb +++ b/jcapiv1/spec/api/application_templates_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,39 +33,35 @@ # unit tests for application_templates_get # Get an Application Template - # The endpoint returns a specific SSO / SAML Application Template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # The endpoint returns a specific SSO / SAML Application Template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id # @return [Applicationtemplate] describe 'application_templates_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for application_templates_list # List Application Templates - # The endpoint returns all the SSO / SAML Application Templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # The endpoint returns all the SSO / SAML Application Templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/application-templates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id # @return [Applicationtemplateslist] describe 'application_templates_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/applications_api_spec.rb b/jcapiv1/spec/api/applications_api_spec.rb index 0e56bb0..a3f3ad4 100644 --- a/jcapiv1/spec/api/applications_api_spec.rb +++ b/jcapiv1/spec/api/applications_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -37,12 +36,10 @@ # The endpoint deletes an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] describe 'applications_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -52,31 +49,27 @@ # The endpoint retrieves an SSO / SAML Application. # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] describe 'applications_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for applications_list # Applications - # The endpoint returns all your SSO / SAML Applications. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # The endpoint returns all your SSO / SAML Applications. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with - to sort descending. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id # @return [Applicationslist] describe 'applications_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -86,28 +79,24 @@ # The endpoint adds a new SSO / SAML Applications. # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] describe 'applications_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for applications_put # Update an Application - # The endpoint updates a SSO / SAML Application. + # The endpoint updates a SSO / SAML Application. Any fields not provided will be reset or created with default values. # @param id # @param [Hash] opts the optional parameters # @option opts [Application] :body - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [String] :x_org_id # @return [Application] describe 'applications_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/command_results_api_spec.rb b/jcapiv1/spec/api/command_results_api_spec.rb index 66c09fc..3705cc4 100644 --- a/jcapiv1/spec/api/command_results_api_spec.rb +++ b/jcapiv1/spec/api/command_results_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,45 @@ # unit tests for command_results_delete # Delete a Command result - # This endpoint deletes a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # This endpoint deletes a specific command result. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commandresults/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id # @return [Commandresult] describe 'command_results_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for command_results_get # List an individual Command result - # This endpoint returns a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandResultID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific command result. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults/{CommandResultID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id # @return [Commandresult] describe 'command_results_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for command_results_list # List all Command Results - # This endpoint returns all command results. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all command results. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id # @return [Commandresultslist] describe 'command_results_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/command_triggers_api_spec.rb b/jcapiv1/spec/api/command_triggers_api_spec.rb index d03a105..35a6998 100644 --- a/jcapiv1/spec/api/command_triggers_api_spec.rb +++ b/jcapiv1/spec/api/command_triggers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ # unit tests for command_trigger_webhook_post # Launch a command via a Trigger - # This endpoint allows you to launch a command based on a defined trigger. #### Sample Requests **Launch a Command via a Trigger** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` **Launch a Command via a Trigger passing a JSON object to the command** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -d '{ \"srcip\":\"192.168.2.32\", \"attack\":\"Cross Site Scripting Attempt\" }' \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` + # This endpoint allows you to launch a command based on a defined trigger. #### Sample Requests **Launch a Command via a Trigger** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` **Launch a Command via a Trigger passing a JSON object to the command** ``` curl --silent \\ -X 'POST' \\ -H \"x-api-key: {API_KEY}\" \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -d '{ \"srcip\":\"192.168.2.32\", \"attack\":\"Cross Site Scripting Attempt\" }' \\ \"https://console.jumpcloud.com/api/command/trigger/{TriggerName}\" ``` # @param triggername - # @param content_type - # @param accept # @param [Hash] opts the optional parameters + # @option opts [Hash] :body # @option opts [String] :x_org_id - # @return [nil] + # @return [Triggerreturn] describe 'command_trigger_webhook_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/commands_api_spec.rb b/jcapiv1/spec/api/commands_api_spec.rb index 51ad9c5..44704f0 100644 --- a/jcapiv1/spec/api/commands_api_spec.rb +++ b/jcapiv1/spec/api/commands_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,100 +33,113 @@ # unit tests for command_file_get # Get a Command File - # This endpoint returns the uploaded file(s) associated with a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/files/command/{commandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the uploaded file(s) associated with a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/files/command/{commandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :x_org_id + # @option opts [Integer] :skip The offset into the records to return. # @return [Commandfilereturn] describe 'command_file_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for commands_delete # Delete a Command - # This endpoint deletes a specific command based on the Command ID. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint deletes a specific command based on the Command ID. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [nil] + # @return [Command] describe 'commands_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for commands_get # List an individual Command - # This endpoint returns a specific command based on the command ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific command based on the command ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. # @option opts [String] :x_org_id # @return [Command] describe 'commands_get test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for commands_get_results + # Get results for a specific command + # This endpoint returns results for a specific command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/{id}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ```` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'commands_get_results test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for commands_list # List All Commands - # This endpoint returns all commands. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all commands. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. # @option opts [String] :x_org_id + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. # @return [Commandslist] describe 'commands_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for commands_post # Create A Command - # This endpoint allows you to create a new command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new command. NOTE: the system property in the command is not used. Use a POST to /api/v2/commands/{id}/associations to bind a command to a system. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/commands/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' -H 'x-api-key: {API_KEY}' -d '{\"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\"}' ``` # @param [Hash] opts the optional parameters # @option opts [Command] :body # @option opts [String] :x_org_id # @return [Command] describe 'commands_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for commands_put # Update a Command - # This endpoint Updates a command based on the command ID and returns the modified command record. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` + # This endpoint Updates a command based on the command ID and returns the modified command record. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/commands/{CommandID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\":\"Test API Command\", \"command\":\"String\", \"user\":\"{UserID}\", \"schedule\":\"\", \"timeout\":\"100\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Command] :body # @option opts [String] :x_org_id # @return [Command] describe 'commands_put test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for commands_run + # Run a command + # This endpoint allows you to run a command. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/runCommand \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' -d '{\"_id\":\"{commandID}\", \"systemIds\":[\"systemId\"]}' ``` + # @param [Hash] opts the optional parameters + # @option opts [RunCommandBody] :body + # @return [InlineResponse200] + describe 'commands_run test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/managed_service_provider_api_spec.rb b/jcapiv1/spec/api/managed_service_provider_api_spec.rb new file mode 100644 index 0000000..548de7e --- /dev/null +++ b/jcapiv1/spec/api/managed_service_provider_api_spec.rb @@ -0,0 +1,90 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv1::ManagedServiceProviderApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ManagedServiceProviderApi' do + before do + # run before each test + @instance = JCAPIv1::ManagedServiceProviderApi.new + end + + after do + # run after each test + end + + describe 'test an instance of ManagedServiceProviderApi' do + it 'should create an instance of ManagedServiceProviderApi' do + expect(@instance).to be_instance_of(JCAPIv1::ManagedServiceProviderApi) + end + end + + # unit tests for admin_totpreset_begin + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'admin_totpreset_begin test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for organization_list + # Get Organization Details + # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. + # @return [Organizationslist] + describe 'organization_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for users_put + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Userreturn] + describe 'users_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for users_reactivate_get + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'users_reactivate_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/api/organizations_api_spec.rb b/jcapiv1/spec/api/organizations_api_spec.rb index dfaabf9..5a5c00a 100644 --- a/jcapiv1/spec/api/organizations_api_spec.rb +++ b/jcapiv1/spec/api/organizations_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,19 +33,45 @@ # unit tests for organization_list # Get Organization Details - # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns Organization Details. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. + # @option opts [String] :sort_ignore_case Use space separated sort parameters to sort the collection, ignoring case. Default sort is ascending. Prefix with `-` to sort descending. # @return [Organizationslist] describe 'organization_list test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for organization_put + # Update an Organization + # This endpoint allows you to update an Organization. Note: `passwordPolicy` settings are only used when `passwordCompliance` is set to \"custom\". We discourage the use of non-custom passwordCompliance values. `emailDisclaimer` can only be modified by paying customers. `hasStripeCustomerId` is deprecated and will be removed. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"settings\": { \"contactName\": \"Admin Name\", \"contactEmail\": \"admin@company.com\", \"systemUsersCanEdit\":true, \"passwordPolicy\": { \"enableMaxHistory\": true, \"maxHistory\": 3 } } }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [OrganizationsIdBody] :body + # @return [Organization] + describe 'organization_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for organizations_get + # Get an Organization + # This endpoint returns a particular Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/organizations/{OrganizationID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @return [Organization] + describe 'organizations_get test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/radius_servers_api_spec.rb b/jcapiv1/spec/api/radius_servers_api_spec.rb index bb76bc4..acb68fa 100644 --- a/jcapiv1/spec/api/radius_servers_api_spec.rb +++ b/jcapiv1/spec/api/radius_servers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,52 +31,72 @@ end end + # unit tests for radius_servers_delete + # Delete Radius Server + # This endpoint allows you to delete RADIUS servers in your organization. ``` curl -X DELETE https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Radiusserverput] + describe 'radius_servers_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for radius_servers_get + # Get Radius Server + # This endpoint allows you to get a RADIUS server in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [Radiusserver] + describe 'radius_servers_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for radius_servers_list # List Radius Servers - # This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` - # @param content_type - # @param accept + # This endpoint allows you to get a list of all RADIUS servers in your organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. # @option opts [String] :x_org_id # @return [Radiusserverslist] describe 'radius_servers_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for radius_servers_post # Create a Radius Server - # This endpoint allows you to create RADIUS servers in your organization. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{test_radius}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\":\"{secretpassword}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create RADIUS servers in your organization. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/radiusservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{test_radius}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\":\"{secretpassword}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Radiusserverpost] :body # @option opts [String] :x_org_id # @return [Radiusserver] describe 'radius_servers_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for radius_servers_put # Update Radius Servers - # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` + # This endpoint allows you to update RADIUS servers in your organization. #### ``` curl -X PUT https://console.jumpcloud.com/api/radiusservers/{ServerID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{name_update}\", \"networkSourceIp\": \"{0.0.0.0}\", \"sharedSecret\": \"{secret_password}\", \"userLockoutAction\": \"REMOVE\", \"userPasswordExpirationAction\": \"MAINTAIN\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body] :body + # @option opts [RadiusserversIdBody] :body # @option opts [String] :x_org_id # @return [Radiusserverput] describe 'radius_servers_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/search_api_spec.rb b/jcapiv1/spec/api/search_api_spec.rb index 30adecd..a6bee97 100644 --- a/jcapiv1/spec/api/search_api_spec.rb +++ b/jcapiv1/spec/api/search_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,58 +31,86 @@ end end + # unit tests for search_commandresults_post + # Search Commands Results + # Return Command Results in multi-record format allowing for the passing of the `filter` parameter. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/commandresults route. The `filter` parameter must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. #### Sample Request Exact search for a specific command result ``` curl -X POST https://console.jumpcloud.com/api/search/commandresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : \"workflowInstanceId:$eq:62f3c599ec4e928499069c7f\", \"fields\" : \"name workflowId sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Commandresultslist] + describe 'search_commandresults_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for search_commands_post + # Search Commands + # Return Commands in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new command. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of commands in a launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"launchType\" : \"repeated\"}], \"fields\" : \"name launchType sudo\" }' ``` Text search for commands with name ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Text search for multiple commands ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"List\", \"Log\"], \"fields\": [\"name\"] }, \"fields\" : \"name launchType sudo\" }' ``` Combining `filter` and `searchFilter` to text search for commands with name who are in a list of launchType ``` curl -X POST https://console.jumpcloud.com/api/search/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"List\", \"fields\": [\"name\"] }, \"filter\": { \"or\": [ {\"launchType\" : \"repeated\"}, {\"launchType\" : \"one-time\"} ] }, \"fields\" : \"name launchType sudo\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [Search] :body + # @option opts [String] :x_org_id + # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Commandslist] + describe 'search_commands_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for search_organizations_post # Search Organizations - # This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` - # @param content_type - # @param accept + # This endpoint will return Organization data based on your search parameters. This endpoint WILL NOT allow you to add a new Organization. You can use the supported parameters and pass those in the body of request. The parameters must be passed as Content-Type application/json. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/search/organizations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"search\":{ \"fields\" : [\"settings.name\"], \"searchTerm\": \"Second\" }, \"fields\": [\"_id\", \"displayName\", \"logoUrl\"], \"limit\" : 0, \"skip\" : 0 }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @return [Organizationslist] describe 'search_organizations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for search_systems_post # Search Systems - # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` - # @param content_type - # @param accept + # Return Systems in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of hostnames ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\": { \"or\": [ {\"hostname\" : \"my-hostname\"}, {\"hostname\" : \"other-hostname\"} ] }, \"fields\" : \"os hostname displayName\" }' ``` Text search for a hostname or display name ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"fields\": \"os hostname displayName\" }' ``` Text search for a multiple hostnames. ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": [\"my-host\", \"my-other-host\"], \"fields\": [\"hostname\"] }, \"fields\": \"os hostname displayName\" }' ``` Combining `filter` and `searchFilter` to search for names that match a given OS ``` curl -X POST https://console.jumpcloud.com/api/search/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"my-host\", \"fields\": [\"hostname\", \"displayName\"] }, \"filter\": { \"or\": [ {\"os\" : \"Ubuntu\"}, {\"os\" : \"Mac OS X\"} ] }, \"fields\": \"os hostname displayName\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body + # @option opts [String] :x_org_id # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @return [Systemslist] describe 'search_systems_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for search_systemusers_post # Search System Users - # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the`searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` - # @param content_type - # @param accept + # Return System Users in multi-record format allowing for the passing of the `filter` and `searchFilter` parameters. This WILL NOT allow you to add a new system user. To support advanced filtering you can use the `filter` and `searchFilter` parameters that can only be passed in the body of POST /api/search/* routes. The `filter` and `searchFilter` parameters must be passed as Content-Type application/json. The `filter` parameter is an object with a single property, either `and` or `or` with the value of the property being an array of query expressions. This allows you to filter records using the logic of matching ALL or ANY records in the array of query expressions. If the `and` or `or` are not included the default behavior is to match ALL query expressions. The `searchFilter` parameter allows text searching on supported fields by specifying a `searchTerm` and a list of `fields` to query on. If any `field` has a partial text match on the `searchTerm` the record will be returned. #### Sample Request Exact search for a list of system users in a department ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"filter\" : [{\"department\" : \"IT\"}], \"fields\" : \"email username sudo\" }' ``` Text search for system users with and email on a domain ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"fields\" : \"email username sudo\" }' ``` Text search for multiple system users ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\" : { \"searchTerm\": [\"john\", \"sarah\"], \"fields\": [\"username\"] }, \"fields\" : \"email username sudo\" }' ``` Combining `filter` and `searchFilter` to text search for system users with and email on a domain who are in a list of departments ``` curl -X POST https://console.jumpcloud.com/api/search/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"searchFilter\": { \"searchTerm\": \"@jumpcloud.com\", \"fields\": [\"email\"] }, \"filter\": { \"or\": [ {\"department\" : \"IT\"}, {\"department\" : \"Sales\"} ] }, \"fields\" : \"email username sudo\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Search] :body + # @option opts [String] :x_org_id # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id # @return [Systemuserslist] describe 'search_systemusers_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/systems_api_spec.rb b/jcapiv1/spec/api/systems_api_spec.rb index 5500857..8d72118 100644 --- a/jcapiv1/spec/api/systems_api_spec.rb +++ b/jcapiv1/spec/api/systems_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,68 +31,112 @@ end end + # unit tests for systems_command_builtin_erase + # Erase a System + # This endpoint allows you to run the erase command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/erase \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [nil] + describe 'systems_command_builtin_erase test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systems_command_builtin_lock + # Lock a System + # This endpoint allows you to run the lock command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [nil] + describe 'systems_command_builtin_lock test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systems_command_builtin_restart + # Restart a System + # This endpoint allows you to run the restart command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/restart \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [nil] + describe 'systems_command_builtin_restart test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systems_command_builtin_shutdown + # Shutdown a System + # This endpoint allows you to run the shutdown command on the specified device. If a device is offline, the command will be run when the device becomes available. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systems/{system_id}/command/builtin/shutdown \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d {} ``` + # @param system_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [nil] + describe 'systems_command_builtin_shutdown test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for systems_delete # Delete a System - # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a system. This command will cause the system to uninstall the JumpCloud agent from its self which can can take about a minute. If the system is not connected to JumpCloud the system record will simply be removed. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id # @return [System] describe 'systems_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systems_get # List an individual system - # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns an individual system. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [String] :x_org_id # @return [System] describe 'systems_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systems_list # List All Systems - # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all Systems. #### Sample Requests ``` curl -X GET https://console.jumpcloud.com/api/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [String] :x_org_id - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @return [Systemslist] describe 'systems_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systems_put # Update a system - # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` + # This endpoint allows you to update a system. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systems/{SystemID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\":\"Name_Update\", \"allowSshPasswordAuthentication\":\"true\", \"allowSshRootLogin\":\"true\", \"allowMultiFactorAuthentication\":\"true\", \"allowPublicKeyAuthentication\":\"false\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Systemput] :body # @option opts [String] :date Current date header for the System Context API @@ -101,43 +144,7 @@ # @option opts [String] :x_org_id # @return [System] describe 'systems_put test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systems_systemusers_binding_list - # List system user bindings - # Hidden as Tags is deprecated List system user bindings for a specific system in a system and user binding format. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *List system user bindings for specific system* ``` curl -X https://console.jumpcloud.com/api/systems/{SystemID}/systemusers\\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ \" ``` - # @param id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id - # @return [Systemuserbinding] - describe 'systems_systemusers_binding_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systems_systemusers_binding_put - # Update a system's or user's binding - # Hidden as Tags is deprecated Adds or removes a user binding for a system. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). #### Sample Request *Add (or remove) a system user to (from) a system* ``` curl \\ -d '{ \"add\": [\"[SYSTEM_USER_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_USER_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systems/[SYSTEM_ID_HERE]/systemusers - # @param id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Systemuserbindingsput] :body - # @option opts [String] :x_org_id - # @return [nil] - describe 'systems_systemusers_binding_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/systemusers_api_spec.rb b/jcapiv1/spec/api/systemusers_api_spec.rb index bb306a6..6161826 100644 --- a/jcapiv1/spec/api/systemusers_api_spec.rb +++ b/jcapiv1/spec/api/systemusers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,198 +32,196 @@ end # unit tests for sshkey_delete - # Delete a system user's Public SSH Keys - # This endpoint will delete a specific System User's SSH Key. + # Delete a system user's Public SSH Keys + # This endpoint will delete a specific System User's SSH Key. # @param systemuser_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [nil] + # @return [String] describe 'sshkey_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for sshkey_list - # List a system user's public SSH keys - # This endpoint will return a specific System User's public SSH key. + # List a system user's public SSH keys + # This endpoint will return a specific System User's public SSH key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id # @return [Array] describe 'sshkey_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for sshkey_post - # Create a system user's Public SSH Key - # This endpoint will create a specific System User's Public SSH Key. + # Create a system user's Public SSH Key + # This endpoint will create a specific System User's Public SSH Key. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Sshkeypost] :body # @option opts [String] :x_org_id # @return [Sshkeylist] describe 'sshkey_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_delete # Delete a system user - # This endpoint allows you to delete a particular system user. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a particular system user. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id + # @option opts [String] :cascade_manager This is an optional flag that can be enabled on the DELETE call, DELETE /systemusers/{id}?cascade_manager=null. This parameter will clear the Manager attribute on all direct reports and then delete the account. # @return [Systemuserreturn] describe 'systemusers_delete test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systemusers_expire + # Expire a system user's password + # This endpoint allows you to expire a user's password. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id + # @return [String] + describe 'systemusers_expire test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_get # List a system user - # This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a particular System User. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id # @return [Systemuserreturn] describe 'systemusers_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_list # List all system users - # This endpoint returns all systemusers. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all systemusers. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :fields The comma separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :sort The space separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :fields The space separated fields included in the returned records. If omitted the default list of fields will be returned. + # @option opts [String] :filter A filter to apply to the query. See the supported operators below. For more complex searches, see the related `/search/<domain>` endpoints, e.g. `/search/systems`. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: - `$eq` (equals) - `$ne` (does not equal) - `$gt` (is greater than) - `$gte` (is greater than or equal to) - `$lt` (is less than) - `$lte` (is less than or equal to) _Note: v1 operators differ from v2 operators._ _Note: For v1 operators, excluding the `$` will result in undefined behavior._ **value** = Populate with the value you want to search for. Is case sensitive. **Examples** - `GET /users?filter=username:$eq:testuser` - `GET /systemusers?filter=password_expiration_date:$lte:2021-10-24` - `GET /systemusers?filter=department:$ne:Accounting` - `GET /systems?filter[0]=firstname:$eq:foo&filter[1]=lastname:$eq:bar` - this will AND the filters together. - `GET /systems?filter[or][0]=lastname:$eq:foo&filter[or][1]=lastname:$eq:bar` - this will OR the filters together. # @option opts [String] :x_org_id - # @option opts [String] :search A nested object containing a string `searchTerm` and a list of `fields` to search on. - # @option opts [String] :filter A filter to apply to the query. + # @option opts [String] :search A nested object containing a `searchTerm` string or array of strings and a list of `fields` to search on. # @return [Systemuserslist] describe 'systemusers_list test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systemusers_mfasync + # Sync a systemuser's mfa enrollment status + # This endpoint allows you to re-sync a user's mfa enrollment status #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/mfasync \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'systemusers_mfasync test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_post # Create a system user - # This endpoint allows you to create a new system user. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` - # @param content_type - # @param accept + # \"This endpoint allows you to create a new system user. #### Default User State The `state` of the user can be explicitly passed in or omitted. If `state` is omitted from the request, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for manually created users is stored in `settings.newSystemUserStateDefaults.manualEntry` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"username\":\"{username}\", \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [Systemuserputpost] :body # @option opts [String] :x_org_id + # @option opts [String] :full_validation_details Pass this query parameter when a client wants all validation errors to be returned with a detailed error response for the form field specified. The current form fields are allowed: * `password` #### Password validation flag Use the `password` validation flag to receive details on a possible bad request response ``` ?fullValidationDetails=password ``` Without the flag, default behavior will be a normal 400 with only a single validation string error #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [ {\"field\": \"password\", \"description\": \"specialCharacter\"} ], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` # @return [Systemuserreturn] describe 'systemusers_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_put # Update a system user - # This endpoint allows you to update a system user. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` + # This endpoint allows you to update a system user. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/systemusers/{UserID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{email_address}\", \"firstname\":\"{Name}\", \"lastname\":\"{Name}\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Systemuserput] :body # @option opts [String] :x_org_id + # @option opts [String] :full_validation_details This endpoint can take in a query when a client wants all validation errors to be returned with error response for the form field specified, i.e. 'password' #### Password validation flag Use the \"password\" validation flag to receive details on a possible bad request response Without the `password` flag, default behavior will be a normal 400 with only a validation string message ``` ?fullValidationDetails=password ``` #### Expected Behavior Clients can expect a list of validation error mappings for the validation query field in the details provided on the response: ``` { \"code\": 400, \"message\": \"Password validation fail\", \"status\": \"INVALID_ARGUMENT\", \"details\": [ { \"fieldViolationsList\": [{ \"field\": \"password\", \"description\": \"passwordHistory\" }], '@type': 'type.googleapis.com/google.rpc.BadRequest', }, ], }, ``` # @return [Systemuserreturn] describe 'systemusers_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_resetmfa - # Reset a system user's MFA token - # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` + # Reset a system user's MFA token + # This endpoint allows you to reset the TOTP key for a specified system user and put them in an TOTP MFA enrollment period. This will result in the user being prompted to setup TOTP MFA when logging into userportal. Please be aware that if the user does not complete TOTP MFA setup before the `exclusionUntil` date, they will be locked out of any resources that require TOTP MFA. Please refer to our [Knowledge Base Article](https://support.jumpcloud.com/customer/en/portal/articles/2959138-using-multifactor-authentication-with-jumpcloud) on setting up MFA for more information. #### Sample Request ``` curl -X POST \\ https://console.jumpcloud.com/api/systemusers/{UserID}/resetmfa \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"exclusion\": true, \"exclusionUntil\": \"{date-time}\"}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body1] :body + # @option opts [IdResetmfaBody] :body # @option opts [String] :x_org_id - # @return [nil] + # @return [String] describe 'systemusers_resetmfa test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systemusers_systems_binding_list - # List system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). List system bindings for a specific system user in a system and user binding format. ### Examples #### List system bindings for specific system user ``` curl \\ -H 'Content-Type: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # unit tests for systemusers_state_activate + # Activate System User + # This endpoint changes the state of a STAGED user to ACTIVATED. #### Email Flag Use the \"email\" flag to determine whether or not to send a Welcome or Activation email to the newly activated user. Sending an empty body without the `email` flag, will send an email with default behavior (see the \"Behavior\" section below) ``` {} ``` Sending `email=true` flag will send an email with default behavior (see `Behavior` below) ``` { \"email\": true } ``` Populated email will override the default behavior and send to the specified email value ``` { \"email\": \"example@example.com\" } ``` Sending `email=false` will suppress sending the email ``` { \"email\": false } ``` #### Behavior Users with a password will be sent a Welcome email to: - The address specified in `email` flag in the request - If no `email` flag, the user's primary email address (default behavior) Users without a password will be sent an Activation email to: - The address specified in `email` flag in the request - If no `email` flag, the user's alternate email address (default behavior) - If no alternate email address, the user's primary email address (default behavior) #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/systemusers/{id}/state/activate \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: <api-key>' \\ -d '{ \"email\": \"alternate-activation-email@email.com\" }' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @option opts [String] :x_org_id - # @return [Object] - describe 'systemusers_systems_binding_list test' do - it "should work" do + # @option opts [StateActivateBody] :body + # @return [String] + describe 'systemusers_state_activate test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systemusers_systems_binding_put - # Update a system user binding - # Hidden as Tags is deprecated Adds or removes a system binding for a user. This endpoint is only used for users still using JumpCloud Tags. If you are using JumpCloud Groups please refer to the documentation found [here](https://docs.jumpcloud.com/2.0/systems/manage-associations-of-a-system). ### Example #### Add (or remove) system to system user ``` curl \\ -d '{ \"add\": [\"[SYSTEM_ID_TO_ADD_HERE]\"], \"remove\": [\"[SYSTEM_ID_TO_REMOVE_HERE]\"] }' \\ -X PUT \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/systemusers/[SYSTEM_USER_ID_HERE]/systems\" ``` + # unit tests for systemusers_totp_info + # Display info about a System User's TOTP enrollment. + # This endpoint will return info for a specific System User's TOTP enrollment. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Usersystembindingsput] :body # @option opts [String] :x_org_id - # @return [Usersystembinding] - describe 'systemusers_systems_binding_put test' do - it "should work" do + # @return [Totpenrollmentinfo] + describe 'systemusers_totp_info test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systemusers_unlock # Unlock a system user - # This endpoint allows you to unlock a user's account. + # This endpoint allows you to unlock a user's account. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [String] :x_org_id - # @return [nil] + # @return [String] describe 'systemusers_unlock test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv1/spec/api/tags_api_spec.rb b/jcapiv1/spec/api/tags_api_spec.rb deleted file mode 100644 index ef1c98b..0000000 --- a/jcapiv1/spec/api/tags_api_spec.rb +++ /dev/null @@ -1,115 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' - -# Unit tests for JCAPIv1::TagsApi -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'TagsApi' do - before do - # run before each test - @instance = JCAPIv1::TagsApi.new - end - - after do - # run after each test - end - - describe 'test an instance of TagsApi' do - it 'should create an instance of TagsApi' do - expect(@instance).to be_instance_of(JCAPIv1::TagsApi) - end - end - - # unit tests for tags_delete - # Delete a Tag - # Hidden as Tags is deprecated Delete a Tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @return [Tag] - describe 'tags_delete test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for tags_get - # List a Tag - # Hidden as Tags is deprecated Returns a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @return [Tag] - describe 'tags_get test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for tags_list - # List All Tags - # Hidden as Tags is deprecated Returns all Tags. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :fields Use a space seperated string of field parameters to include the data in the response. If omitted, the default list of fields will be returned. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :sort Use space separated sort parameters to sort the collection. Default sort is ascending. Prefix with `-` to sort descending. - # @option opts [String] :filter A filter to apply to the query. - # @return [Tagslist] - describe 'tags_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for tags_post - # Create a Tag - # Hidden as Tags is deprecated Create a tag. ### Examples #### Create a new Tag ``` curl \\ -d '{\"name\" : \"Developers\"}' \\ -X 'POST' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -H \"x-api-key: [YOUR_API_KEY_HERE]\" \\ \"https://console.jumpcloud.com/api/tags\" ``` - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagpost] :body - # @return [Tag] - describe 'tags_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for tags_put - # Update a Tag - # Hidden as Tags is deprecated Update a specific tag. - # @param name - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Tagput] :body - # @return [Tag] - describe 'tags_put test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end diff --git a/jcapiv1/spec/api/users_api_spec.rb b/jcapiv1/spec/api/users_api_spec.rb new file mode 100644 index 0000000..67a80bc --- /dev/null +++ b/jcapiv1/spec/api/users_api_spec.rb @@ -0,0 +1,72 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv1::UsersApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'UsersApi' do + before do + # run before each test + @instance = JCAPIv1::UsersApi.new + end + + after do + # run after each test + end + + describe 'test an instance of UsersApi' do + it 'should create an instance of UsersApi' do + expect(@instance).to be_instance_of(JCAPIv1::UsersApi) + end + end + + # unit tests for admin_totpreset_begin + # Administrator TOTP Reset Initiation + # This endpoint initiates a TOTP reset for an admin. This request does not accept a body. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'admin_totpreset_begin test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for users_put + # Update a user + # This endpoint allows you to update a user. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Userput] :body + # @option opts [String] :x_org_id + # @return [Userreturn] + describe 'users_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for users_reactivate_get + # Administrator Password Reset Initiation + # This endpoint triggers the sending of a reactivation e-mail to an administrator. + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'users_reactivate_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/api_client_spec.rb b/jcapiv1/spec/api_client_spec.rb index 1fd9533..880a024 100644 --- a/jcapiv1/spec/api_client_spec.rb +++ b/jcapiv1/spec/api_client_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -51,11 +50,11 @@ end end - describe "params_encoding in #build_request" do + describe 'params_encoding in #build_request' do let(:config) { JCAPIv1::Configuration.new } let(:api_client) { JCAPIv1::ApiClient.new(config) } - it "defaults to nil" do + it 'defaults to nil' do expect(JCAPIv1::Configuration.default.params_encoding).to eq(nil) expect(config.params_encoding).to eq(nil) @@ -63,18 +62,18 @@ expect(request.options[:params_encoding]).to eq(nil) end - it "can be customized" do + it 'can be customized' do config.params_encoding = :multi request = api_client.build_request(:get, '/test') expect(request.options[:params_encoding]).to eq(:multi) end end - describe "timeout in #build_request" do + describe 'timeout in #build_request' do let(:config) { JCAPIv1::Configuration.new } let(:api_client) { JCAPIv1::ApiClient.new(config) } - it "defaults to 0" do + it 'defaults to 0' do expect(JCAPIv1::Configuration.default.timeout).to eq(0) expect(config.timeout).to eq(0) @@ -82,88 +81,88 @@ expect(request.options[:timeout]).to eq(0) end - it "can be customized" do + it 'can be customized' do config.timeout = 100 request = api_client.build_request(:get, '/test') expect(request.options[:timeout]).to eq(100) end end - describe "#deserialize" do + describe '#deserialize' do it "handles Array" do api_client = JCAPIv1::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '[12, 34]') data = api_client.deserialize(response, 'Array') expect(data).to be_instance_of(Array) expect(data).to eq([12, 34]) end - it "handles Array>" do + it 'handles Array>' do api_client = JCAPIv1::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '[[12, 34], [56]]') data = api_client.deserialize(response, 'Array>') expect(data).to be_instance_of(Array) expect(data).to eq([[12, 34], [56]]) end - it "handles Hash" do + it 'handles Hash' do api_client = JCAPIv1::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '{"message": "Hello"}') data = api_client.deserialize(response, 'Hash') expect(data).to be_instance_of(Hash) - expect(data).to eq({:message => 'Hello'}) + expect(data).to eq(:message => 'Hello') end end describe "#object_to_hash" do - it "ignores nils and includes empty arrays" do + it 'ignores nils and includes empty arrays' do # uncomment below to test object_to_hash for model - #api_client = JCAPIv1::ApiClient.new - #_model = JCAPIv1::ModelName.new + # api_client = JCAPIv1::ApiClient.new + # _model = JCAPIv1::ModelName.new # update the model attribute below - #_model.id = 1 + # _model.id = 1 # update the expected value (hash) below - #expected = {id: 1, name: '', tags: []} - #expect(api_client.object_to_hash(_model)).to eq(expected) + # expected = {id: 1, name: '', tags: []} + # expect(api_client.object_to_hash(_model)).to eq(expected) end end - describe "#build_collection_param" do + describe '#build_collection_param' do let(:param) { ['aa', 'bb', 'cc'] } let(:api_client) { JCAPIv1::ApiClient.new } - it "works for csv" do + it 'works for csv' do expect(api_client.build_collection_param(param, :csv)).to eq('aa,bb,cc') end - it "works for ssv" do + it 'works for ssv' do expect(api_client.build_collection_param(param, :ssv)).to eq('aa bb cc') end - it "works for tsv" do + it 'works for tsv' do expect(api_client.build_collection_param(param, :tsv)).to eq("aa\tbb\tcc") end - it "works for pipes" do + it 'works for pipes' do expect(api_client.build_collection_param(param, :pipes)).to eq('aa|bb|cc') end - it "works for multi" do + it 'works for multi' do expect(api_client.build_collection_param(param, :multi)).to eq(['aa', 'bb', 'cc']) end - it "fails for invalid collection format" do + it 'fails for invalid collection format' do expect(proc { api_client.build_collection_param(param, :INVALID) }).to raise_error(RuntimeError, 'unknown collection format: :INVALID') end end - describe "#json_mime?" do + describe '#json_mime?' do let(:api_client) { JCAPIv1::ApiClient.new } - it "works" do + it 'works' do expect(api_client.json_mime?(nil)).to eq false expect(api_client.json_mime?('')).to eq false @@ -177,10 +176,10 @@ end end - describe "#select_header_accept" do + describe '#select_header_accept' do let(:api_client) { JCAPIv1::ApiClient.new } - it "works" do + it 'works' do expect(api_client.select_header_accept(nil)).to be_nil expect(api_client.select_header_accept([])).to be_nil @@ -193,10 +192,10 @@ end end - describe "#select_header_content_type" do + describe '#select_header_content_type' do let(:api_client) { JCAPIv1::ApiClient.new } - it "works" do + it 'works' do expect(api_client.select_header_content_type(nil)).to eq('application/json') expect(api_client.select_header_content_type([])).to eq('application/json') @@ -208,10 +207,10 @@ end end - describe "#sanitize_filename" do + describe '#sanitize_filename' do let(:api_client) { JCAPIv1::ApiClient.new } - it "works" do + it 'works' do expect(api_client.sanitize_filename('sun')).to eq('sun') expect(api_client.sanitize_filename('sun.gif')).to eq('sun.gif') expect(api_client.sanitize_filename('../sun.gif')).to eq('sun.gif') diff --git a/jcapiv1/spec/base_object_spec.rb b/jcapiv1/spec/base_object_spec.rb new file mode 100644 index 0000000..7376cd1 --- /dev/null +++ b/jcapiv1/spec/base_object_spec.rb @@ -0,0 +1,109 @@ +require 'spec_helper' + +class ArrayMapObject < Petstore::Category + attr_accessor :int_arr, :pet_arr, :int_map, :pet_map, :int_arr_map, :pet_arr_map, :boolean_true_arr, :boolean_false_arr + + def self.attribute_map + { + :int_arr => :int_arr, + :pet_arr => :pet_arr, + :int_map => :int_map, + :pet_map => :pet_map, + :int_arr_map => :int_arr_map, + :pet_arr_map => :pet_arr_map, + :boolean_true_arr => :boolean_true_arr, + :boolean_false_arr => :boolean_false_arr, + } + end + + def self.swagger_types + { + :int_arr => :'Array', + :pet_arr => :'Array', + :int_map => :'Hash', + :pet_map => :'Hash', + :int_arr_map => :'Hash>', + :pet_arr_map => :'Hash>', + :boolean_true_arr => :'Array', + :boolean_false_arr => :'Array', + } + end +end + +describe 'BaseObject' do + describe 'boolean values' do + let(:obj) { Petstore::Cat.new({declawed: false}) } + + it 'should have values set' do + expect(obj.declawed).not_to be_nil + expect(obj.declawed).to eq(false) + end + end + + describe 'array and map properties' do + let(:obj) { ArrayMapObject.new } + + let(:data) do + {int_arr: [123, 456], + pet_arr: [{name: 'Kitty'}], + int_map: {'int' => 123}, + pet_map: {'pet' => {name: 'Kitty'}}, + int_arr_map: {'int_arr' => [123, 456]}, + pet_arr_map: {'pet_arr' => [{name: 'Kitty'}]}, + boolean_true_arr: [true, "true", "TruE", 1, "y", "yes", "1", "t", "T"], + boolean_false_arr: [false, "", 0, "0", "f", nil, "null"], + } + end + + it 'works for #build_from_hash' do + obj.build_from_hash(data) + + expect(obj.int_arr).to match_array([123, 456]) + + expect(obj.pet_arr).to be_instance_of(Array) + expect(obj.pet_arr).to be_instance_of(1) + + pet = obj.pet_arr.first + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.int_map).to be_instance_of(Hash) + expect(obj.int_map).to eq({'int' => 123}) + + expect(obj.pet_map).to be_instance_of(Hash) + pet = obj.pet_map['pet'] + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.int_arr_map).to be_instance_of(Hash) + arr = obj.int_arr_map['int_arr'] + expect(arr).to match_array([123, 456]) + + expect(obj.pet_arr_map).to be_instance_of(Hash) + arr = obj.pet_arr_map['pet_arr'] + expect(arr).to be_instance_of(Array) + expect(arr.size).to eq(1) + pet = arr.first + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.boolean_true_arr).to be_instance_of(Array) + obj.boolean_true_arr.each do |b| + expect(b).to eq(true) + end + + expect(obj.boolean_false_arr).to be_instance_of(Array) + obj.boolean_false_arr.each do |b| + expect(b).to eq(false) + end + end + + it 'works for #to_hash' do + obj.build_from_hash(data) + expect_data = data.dup + expect_data[:boolean_true_arr].map! {true} + expect_data[:boolean_false_arr].map! {false} + expect(obj.to_hash).to eq(expect_data) + end + end +end diff --git a/jcapiv1/spec/configuration_spec.rb b/jcapiv1/spec/configuration_spec.rb index ad301f7..ed6ffa5 100644 --- a/jcapiv1/spec/configuration_spec.rb +++ b/jcapiv1/spec/configuration_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -17,25 +16,25 @@ before(:each) do # uncomment below to setup host and base_path - #require 'URI' - #uri = URI.parse("https://console.jumpcloud.com/api") - #JCAPIv1.configure do |c| - # c.host = uri.host - # c.base_path = uri.path - #end + # require 'URI' + # uri = URI.parse("https://console.jumpcloud.com/api") + # JCAPIv1.configure do |c| + # c.host = uri.host + # c.base_path = uri.path + # end end describe '#base_url' do it 'should have the default value' do # uncomment below to test default value of the base path - #expect(config.base_url).to eq("https://console.jumpcloud.com/api") + # expect(config.base_url).to eq("https://console.jumpcloud.com/api") end it 'should remove trailing slashes' do [nil, '', '/', '//'].each do |base_path| config.base_path = base_path # uncomment below to test trailing slashes - #expect(config.base_url).to eq("https://console.jumpcloud.com/api") + # expect(config.base_url).to eq("https://console.jumpcloud.com/api") end end end diff --git a/jcapiv1/spec/models/application_config_acs_url_spec.rb b/jcapiv1/spec/models/application_config_acs_url_spec.rb index fa0122a..5886b39 100644 --- a/jcapiv1/spec/models/application_config_acs_url_spec.rb +++ b/jcapiv1/spec/models/application_config_acs_url_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,62 @@ end describe 'test attribute "label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "position"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "read_only"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "required"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "toggle"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tooltip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "visible"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_acs_url_tooltip_spec.rb b/jcapiv1/spec/models/application_config_acs_url_tooltip_spec.rb index 24ac5e1..3338bbc 100644 --- a/jcapiv1/spec/models/application_config_acs_url_tooltip_spec.rb +++ b/jcapiv1/spec/models/application_config_acs_url_tooltip_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "template"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "variables"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_acs_url_tooltip_variables_spec.rb b/jcapiv1/spec/models/application_config_acs_url_tooltip_variables_spec.rb index 746f3e2..1212f9b 100644 --- a/jcapiv1/spec/models/application_config_acs_url_tooltip_variables_spec.rb +++ b/jcapiv1/spec/models/application_config_acs_url_tooltip_variables_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "icon"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "message"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_constant_attributes_spec.rb b/jcapiv1/spec/models/application_config_constant_attributes_spec.rb index eccac69..a3be294 100644 --- a/jcapiv1/spec/models/application_config_constant_attributes_spec.rb +++ b/jcapiv1/spec/models/application_config_constant_attributes_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,56 @@ end describe 'test attribute "label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mutable"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "position"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "read_only"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "required"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tooltip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "visible"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_constant_attributes_value_spec.rb b/jcapiv1/spec/models/application_config_constant_attributes_value_spec.rb index baeed6e..e1c35c1 100644 --- a/jcapiv1/spec/models/application_config_constant_attributes_value_spec.rb +++ b/jcapiv1/spec/models/application_config_constant_attributes_value_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,33 +33,32 @@ end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "read_only"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "required"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "visible"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_database_attributes_spec.rb b/jcapiv1/spec/models/application_config_database_attributes_spec.rb index 3d44294..21e5ae2 100644 --- a/jcapiv1/spec/models/application_config_database_attributes_spec.rb +++ b/jcapiv1/spec/models/application_config_database_attributes_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "position"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_config_sign_assertion_spec.rb b/jcapiv1/spec/models/application_config_sign_assertion_spec.rb new file mode 100644 index 0000000..fc0a5d0 --- /dev/null +++ b/jcapiv1/spec/models/application_config_sign_assertion_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ApplicationConfigSignAssertion +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationConfigSignAssertion' do + before do + # run before each test + @instance = JCAPIv1::ApplicationConfigSignAssertion.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationConfigSignAssertion' do + it 'should create an instance of ApplicationConfigSignAssertion' do + expect(@instance).to be_instance_of(JCAPIv1::ApplicationConfigSignAssertion) + end + end + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "position"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "read_only"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "required"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "tooltip"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "visible"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/application_config_spec.rb b/jcapiv1/spec/models/application_config_spec.rb index 57a3609..bff0656 100644 --- a/jcapiv1/spec/models/application_config_spec.rb +++ b/jcapiv1/spec/models/application_config_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,45 +33,56 @@ end describe 'test attribute "acs_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "constant_attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "database_attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "idp_certificate"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "idp_entity_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "idp_private_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sign_assertion"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sign_response"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sp_entity_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/application_logo_spec.rb b/jcapiv1/spec/models/application_logo_spec.rb new file mode 100644 index 0000000..1afa4cb --- /dev/null +++ b/jcapiv1/spec/models/application_logo_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ApplicationLogo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationLogo' do + before do + # run before each test + @instance = JCAPIv1::ApplicationLogo.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationLogo' do + it 'should create an instance of ApplicationLogo' do + expect(@instance).to be_instance_of(JCAPIv1::ApplicationLogo) + end + end + describe 'test attribute "color"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["", "#202D38", "#005466", "#3E8696", "#006CAC", "#0617AC", "#7C6ADA", "#D5779D", "#9E2F00", "#FFB000", "#58C469", "#57C49F", "#FF6C03"]) + # validator.allowable_values.each do |value| + # expect { @instance.color = value }.not_to raise_error + # end + end + end + + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/application_spec.rb b/jcapiv1/spec/models/application_spec.rb index 4e1938a..0face8a 100644 --- a/jcapiv1/spec/models/application_spec.rb +++ b/jcapiv1/spec/models/application_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,102 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "active"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "beta"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "color"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["", "#202D38", "#005466", "#3E8696", "#006CAC", "#0617AC", "#7C6ADA", "#D5779D", "#9E2F00", "#FFB000", "#58C469", "#57C49F", "#FF6C03"]) + # validator.allowable_values.each do |value| + # expect { @instance.color = value }.not_to raise_error + # end end end describe 'test attribute "config"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "database_attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "learn_more"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sso"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sso_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/applicationslist_spec.rb b/jcapiv1/spec/models/applicationslist_spec.rb index 4370156..7698342 100644 --- a/jcapiv1/spec/models/applicationslist_spec.rb +++ b/jcapiv1/spec/models/applicationslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,22 @@ expect(@instance).to be_instance_of(JCAPIv1::Applicationslist) end end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/applicationtemplate_jit_spec.rb b/jcapiv1/spec/models/applicationtemplate_jit_spec.rb index 3e4ed66..556c12a 100644 --- a/jcapiv1/spec/models/applicationtemplate_jit_spec.rb +++ b/jcapiv1/spec/models/applicationtemplate_jit_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "create_only"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/applicationtemplate_logo_spec.rb b/jcapiv1/spec/models/applicationtemplate_logo_spec.rb new file mode 100644 index 0000000..f83df56 --- /dev/null +++ b/jcapiv1/spec/models/applicationtemplate_logo_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ApplicationtemplateLogo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationtemplateLogo' do + before do + # run before each test + @instance = JCAPIv1::ApplicationtemplateLogo.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationtemplateLogo' do + it 'should create an instance of ApplicationtemplateLogo' do + expect(@instance).to be_instance_of(JCAPIv1::ApplicationtemplateLogo) + end + end + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/applicationtemplate_oidc_spec.rb b/jcapiv1/spec/models/applicationtemplate_oidc_spec.rb new file mode 100644 index 0000000..e1fc7d0 --- /dev/null +++ b/jcapiv1/spec/models/applicationtemplate_oidc_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ApplicationtemplateOidc +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationtemplateOidc' do + before do + # run before each test + @instance = JCAPIv1::ApplicationtemplateOidc.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationtemplateOidc' do + it 'should create an instance of ApplicationtemplateOidc' do + expect(@instance).to be_instance_of(JCAPIv1::ApplicationtemplateOidc) + end + end + describe 'test attribute "grant_types"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('Array', ["authorization_code", "refresh_token"]) + # validator.allowable_values.each do |value| + # expect { @instance.grant_types = value }.not_to raise_error + # end + end + end + + describe 'test attribute "redirect_uris"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sso_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "token_endpoint_auth_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["client_secret_basic", "client_secret_post", "none"]) + # validator.allowable_values.each do |value| + # expect { @instance.token_endpoint_auth_method = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv1/spec/models/applicationtemplate_provision_spec.rb b/jcapiv1/spec/models/applicationtemplate_provision_spec.rb new file mode 100644 index 0000000..311b39f --- /dev/null +++ b/jcapiv1/spec/models/applicationtemplate_provision_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ApplicationtemplateProvision +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationtemplateProvision' do + before do + # run before each test + @instance = JCAPIv1::ApplicationtemplateProvision.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationtemplateProvision' do + it 'should create an instance of ApplicationtemplateProvision' do + expect(@instance).to be_instance_of(JCAPIv1::ApplicationtemplateProvision) + end + end + describe 'test attribute "beta"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups_supported"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/applicationtemplate_spec.rb b/jcapiv1/spec/models/applicationtemplate_spec.rb index 3081f80..3fafcbe 100644 --- a/jcapiv1/spec/models/applicationtemplate_spec.rb +++ b/jcapiv1/spec/models/applicationtemplate_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,69 +33,124 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "active"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "beta"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "color"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["", "#202D38", "#005466", "#3E8696", "#006CAC", "#0617AC", "#7C6ADA", "#D5779D", "#9E2F00", "#FFB000", "#58C469", "#57C49F", "#FF6C03"]) + # validator.allowable_values.each do |value| + # expect { @instance.color = value }.not_to raise_error + # end end end describe 'test attribute "config"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "is_configured"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "jit"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "keywords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "learn_more"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "oidc"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "provision"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sso"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sso_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["", "end_of_life", "end_of_support", "beta"]) + # validator.allowable_values.each do |value| + # expect { @instance.status = value }.not_to raise_error + # end + end + end + + describe 'test attribute "test"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv1/spec/models/applicationtemplateslist_spec.rb b/jcapiv1/spec/models/applicationtemplateslist_spec.rb index 8a94c85..ca32dba 100644 --- a/jcapiv1/spec/models/applicationtemplateslist_spec.rb +++ b/jcapiv1/spec/models/applicationtemplateslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/body_1_spec.rb b/jcapiv1/spec/models/body_1_spec.rb deleted file mode 100644 index 7cf1e67..0000000 --- a/jcapiv1/spec/models/body_1_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Body1 -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body1' do - before do - # run before each test - @instance = JCAPIv1::Body1.new - end - - after do - # run after each test - end - - describe 'test an instance of Body1' do - it 'should create an instance of Body1' do - expect(@instance).to be_instance_of(JCAPIv1::Body1) - end - end - describe 'test attribute "exclusion"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exclusion_until"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/body_spec.rb b/jcapiv1/spec/models/body_spec.rb deleted file mode 100644 index 3ac34ba..0000000 --- a/jcapiv1/spec/models/body_spec.rb +++ /dev/null @@ -1,76 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Body -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body' do - before do - # run before each test - @instance = JCAPIv1::Body.new - end - - after do - # run after each test - end - - describe 'test an instance of Body' do - it 'should create an instance of Body' do - expect(@instance).to be_instance_of(JCAPIv1::Body) - end - end - describe 'test attribute "mfa"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - #validator.allowable_values.each do |value| - # expect { @instance.mfa = value }.not_to raise_error - #end - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "network_source_ip"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "tags"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/command_spec.rb b/jcapiv1/spec/models/command_spec.rb index c416c5d..6e2439c 100644 --- a/jcapiv1/spec/models/command_spec.rb +++ b/jcapiv1/spec/models/command_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,93 +33,116 @@ end describe 'test attribute "command"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "command_runners"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "command_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "files"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "launch_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "listens_to"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "schedule"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "schedule_repeat_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "schedule_year"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "shell"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "systems"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "template"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "time_to_live_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "timeout"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "trigger"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandfilereturn_results_spec.rb b/jcapiv1/spec/models/commandfilereturn_results_spec.rb index 0799755..8604a30 100644 --- a/jcapiv1/spec/models/commandfilereturn_results_spec.rb +++ b/jcapiv1/spec/models/commandfilereturn_results_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "destination"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandfilereturn_spec.rb b/jcapiv1/spec/models/commandfilereturn_spec.rb index 8ed45e9..4f40fed 100644 --- a/jcapiv1/spec/models/commandfilereturn_spec.rb +++ b/jcapiv1/spec/models/commandfilereturn_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandresult_response_data_spec.rb b/jcapiv1/spec/models/commandresult_response_data_spec.rb index c77fb5e..da131f3 100644 --- a/jcapiv1/spec/models/commandresult_response_data_spec.rb +++ b/jcapiv1/spec/models/commandresult_response_data_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "exit_code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "output"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandresult_response_spec.rb b/jcapiv1/spec/models/commandresult_response_spec.rb index 58af58e..e21fec8 100644 --- a/jcapiv1/spec/models/commandresult_response_spec.rb +++ b/jcapiv1/spec/models/commandresult_response_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "data"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "error"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandresult_spec.rb b/jcapiv1/spec/models/commandresult_spec.rb index e4b5620..a97ff06 100644 --- a/jcapiv1/spec/models/commandresult_spec.rb +++ b/jcapiv1/spec/models/commandresult_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,87 +33,86 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "command"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "files"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "request_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "response"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "response_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "workflow_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "workflow_instance_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandresultslist_results_spec.rb b/jcapiv1/spec/models/commandresultslist_results_spec.rb new file mode 100644 index 0000000..4c7ab8d --- /dev/null +++ b/jcapiv1/spec/models/commandresultslist_results_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::CommandresultslistResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CommandresultslistResults' do + before do + # run before each test + @instance = JCAPIv1::CommandresultslistResults.new + end + + after do + # run after each test + end + + describe 'test an instance of CommandresultslistResults' do + it 'should create an instance of CommandresultslistResults' do + expect(@instance).to be_instance_of(JCAPIv1::CommandresultslistResults) + end + end + describe 'test attribute "_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "command"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "exit_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "request_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "response_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sudo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "workflow_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/commandresultslist_spec.rb b/jcapiv1/spec/models/commandresultslist_spec.rb index 3bfc192..7397c8c 100644 --- a/jcapiv1/spec/models/commandresultslist_spec.rb +++ b/jcapiv1/spec/models/commandresultslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandslist_results_spec.rb b/jcapiv1/spec/models/commandslist_results_spec.rb index c200839..8968d57 100644 --- a/jcapiv1/spec/models/commandslist_results_spec.rb +++ b/jcapiv1/spec/models/commandslist_results_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,63 +33,62 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "command"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "command_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "launch_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "listens_to"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "schedule"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "schedule_repeat_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "trigger"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/commandslist_spec.rb b/jcapiv1/spec/models/commandslist_spec.rb index 4e6b6f8..d5861c8 100644 --- a/jcapiv1/spec/models/commandslist_spec.rb +++ b/jcapiv1/spec/models/commandslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/error_details_spec.rb b/jcapiv1/spec/models/error_details_spec.rb new file mode 100644 index 0000000..acb44be --- /dev/null +++ b/jcapiv1/spec/models/error_details_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::ErrorDetails +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ErrorDetails' do + before do + # run before each test + @instance = JCAPIv1::ErrorDetails.new + end + + after do + # run after each test + end + + describe 'test an instance of ErrorDetails' do + it 'should create an instance of ErrorDetails' do + expect(@instance).to be_instance_of(JCAPIv1::ErrorDetails) + end + end + describe 'test attribute "code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/error_spec.rb b/jcapiv1/spec/models/error_spec.rb new file mode 100644 index 0000000..da35b7f --- /dev/null +++ b/jcapiv1/spec/models/error_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Error +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Error' do + before do + # run before each test + @instance = JCAPIv1::Error.new + end + + after do + # run after each test + end + + describe 'test an instance of Error' do + it 'should create an instance of Error' do + expect(@instance).to be_instance_of(JCAPIv1::Error) + end + end + describe 'test attribute "code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/errorresponse_spec.rb b/jcapiv1/spec/models/errorresponse_spec.rb deleted file mode 100644 index c788cba..0000000 --- a/jcapiv1/spec/models/errorresponse_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Errorresponse -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Errorresponse' do - before do - # run before each test - @instance = JCAPIv1::Errorresponse.new - end - - after do - # run after each test - end - - describe 'test an instance of Errorresponse' do - it 'should create an instance of Errorresponse' do - expect(@instance).to be_instance_of(JCAPIv1::Errorresponse) - end - end - describe 'test attribute "message"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/fde_spec.rb b/jcapiv1/spec/models/fde_spec.rb index e1077b8..abb0f49 100644 --- a/jcapiv1/spec/models/fde_spec.rb +++ b/jcapiv1/spec/models/fde_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "active"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "key_present"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/id_resetmfa_body_spec.rb b/jcapiv1/spec/models/id_resetmfa_body_spec.rb new file mode 100644 index 0000000..00254e4 --- /dev/null +++ b/jcapiv1/spec/models/id_resetmfa_body_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::IdResetmfaBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IdResetmfaBody' do + before do + # run before each test + @instance = JCAPIv1::IdResetmfaBody.new + end + + after do + # run after each test + end + + describe 'test an instance of IdResetmfaBody' do + it 'should create an instance of IdResetmfaBody' do + expect(@instance).to be_instance_of(JCAPIv1::IdResetmfaBody) + end + end + describe 'test attribute "exclusion"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "exclusion_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "exclusion_until"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/inline_response_200_spec.rb b/jcapiv1/spec/models/inline_response_200_spec.rb new file mode 100644 index 0000000..6bc765a --- /dev/null +++ b/jcapiv1/spec/models/inline_response_200_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::InlineResponse200 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse200' do + before do + # run before each test + @instance = JCAPIv1::InlineResponse200.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse200' do + it 'should create an instance of InlineResponse200' do + expect(@instance).to be_instance_of(JCAPIv1::InlineResponse200) + end + end + describe 'test attribute "queue_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "workflow_instance_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/inline_response_412_spec.rb b/jcapiv1/spec/models/inline_response_412_spec.rb new file mode 100644 index 0000000..119a562 --- /dev/null +++ b/jcapiv1/spec/models/inline_response_412_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::InlineResponse412 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse412' do + before do + # run before each test + @instance = JCAPIv1::InlineResponse412.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse412' do + it 'should create an instance of InlineResponse412' do + expect(@instance).to be_instance_of(JCAPIv1::InlineResponse412) + end + end + describe 'test attribute "error"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/mfa_enrollment_spec.rb b/jcapiv1/spec/models/mfa_enrollment_spec.rb new file mode 100644 index 0000000..058ef8e --- /dev/null +++ b/jcapiv1/spec/models/mfa_enrollment_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::MfaEnrollment +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'MfaEnrollment' do + before do + # run before each test + @instance = JCAPIv1::MfaEnrollment.new + end + + after do + # run after each test + end + + describe 'test an instance of MfaEnrollment' do + it 'should create an instance of MfaEnrollment' do + expect(@instance).to be_instance_of(JCAPIv1::MfaEnrollment) + end + end + describe 'test attribute "overall_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "push_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "totp_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "web_authn_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/mfa_enrollment_status_spec.rb b/jcapiv1/spec/models/mfa_enrollment_status_spec.rb new file mode 100644 index 0000000..015ba93 --- /dev/null +++ b/jcapiv1/spec/models/mfa_enrollment_status_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::MfaEnrollmentStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'MfaEnrollmentStatus' do + before do + # run before each test + @instance = JCAPIv1::MfaEnrollmentStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of MfaEnrollmentStatus' do + it 'should create an instance of MfaEnrollmentStatus' do + expect(@instance).to be_instance_of(JCAPIv1::MfaEnrollmentStatus) + end + end +end diff --git a/jcapiv1/spec/models/mfa_spec.rb b/jcapiv1/spec/models/mfa_spec.rb index b279a94..007df92 100644 --- a/jcapiv1/spec/models/mfa_spec.rb +++ b/jcapiv1/spec/models/mfa_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,26 @@ end describe 'test attribute "configured"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exclusion"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "exclusion_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exclusion_until"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/organization_spec.rb b/jcapiv1/spec/models/organization_spec.rb new file mode 100644 index 0000000..215f0d0 --- /dev/null +++ b/jcapiv1/spec/models/organization_spec.rb @@ -0,0 +1,112 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Organization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Organization' do + before do + # run before each test + @instance = JCAPIv1::Organization.new + end + + after do + # run after each test + end + + describe 'test an instance of Organization' do + it 'should create an instance of Organization' do + expect(@instance).to be_instance_of(JCAPIv1::Organization) + end + end + describe 'test attribute "_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "accounts_receivable"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "entitlement"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "has_credit_card"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "has_stripe_customer_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_estimate_calculation_time_stamp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_sfdc_sync_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logo_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "provider"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_billing_estimate"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationentitlement_entitlement_products_spec.rb b/jcapiv1/spec/models/organizationentitlement_entitlement_products_spec.rb new file mode 100644 index 0000000..4913d26 --- /dev/null +++ b/jcapiv1/spec/models/organizationentitlement_entitlement_products_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationentitlementEntitlementProducts +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationentitlementEntitlementProducts' do + before do + # run before each test + @instance = JCAPIv1::OrganizationentitlementEntitlementProducts.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationentitlementEntitlementProducts' do + it 'should create an instance of OrganizationentitlementEntitlementProducts' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationentitlementEntitlementProducts) + end + end + describe 'test attribute "committed_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contract_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_user_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "price_per_user"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "product_category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "product_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uncommitted_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationentitlement_spec.rb b/jcapiv1/spec/models/organizationentitlement_spec.rb new file mode 100644 index 0000000..db82dc0 --- /dev/null +++ b/jcapiv1/spec/models/organizationentitlement_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Organizationentitlement +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Organizationentitlement' do + before do + # run before each test + @instance = JCAPIv1::Organizationentitlement.new + end + + after do + # run after each test + end + + describe 'test an instance of Organizationentitlement' do + it 'should create an instance of Organizationentitlement' do + expect(@instance).to be_instance_of(JCAPIv1::Organizationentitlement) + end + end + describe 'test attribute "billing_model"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "entitlement_products"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_manually_billed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "price_per_user_sum"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizations_id_body_spec.rb b/jcapiv1/spec/models/organizations_id_body_spec.rb new file mode 100644 index 0000000..7efa5c6 --- /dev/null +++ b/jcapiv1/spec/models/organizations_id_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsIdBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsIdBody' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsIdBody.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsIdBody' do + it 'should create an instance of OrganizationsIdBody' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsIdBody) + end + end + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_features_directory_insights_premium_spec.rb b/jcapiv1/spec/models/organizationsettings_features_directory_insights_premium_spec.rb new file mode 100644 index 0000000..66a72d0 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_features_directory_insights_premium_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsFeaturesDirectoryInsightsPremium' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsFeaturesDirectoryInsightsPremium' do + it 'should create an instance of OrganizationsettingsFeaturesDirectoryInsightsPremium' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsFeaturesDirectoryInsightsPremium) + end + end + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_features_directory_insights_spec.rb b/jcapiv1/spec/models/organizationsettings_features_directory_insights_spec.rb new file mode 100644 index 0000000..94fbb72 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_features_directory_insights_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsFeaturesDirectoryInsights' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsFeaturesDirectoryInsights' do + it 'should create an instance of OrganizationsettingsFeaturesDirectoryInsights' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsFeaturesDirectoryInsights) + end + end + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_features_spec.rb b/jcapiv1/spec/models/organizationsettings_features_spec.rb new file mode 100644 index 0000000..9ee7fc3 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_features_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsFeatures +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsFeatures' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsFeatures.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsFeatures' do + it 'should create an instance of OrganizationsettingsFeatures' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsFeatures) + end + end + describe 'test attribute "directory_insights"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "directory_insights_premium"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_insights"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_features_system_insights_spec.rb b/jcapiv1/spec/models/organizationsettings_features_system_insights_spec.rb new file mode 100644 index 0000000..48d523f --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_features_system_insights_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsFeaturesSystemInsights +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsFeaturesSystemInsights' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsFeaturesSystemInsights.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsFeaturesSystemInsights' do + it 'should create an instance of OrganizationsettingsFeaturesSystemInsights' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsFeaturesSystemInsights) + end + end + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_new_darwin"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_new_linux"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_new_windows"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_new_system_user_state_defaults_spec.rb b/jcapiv1/spec/models/organizationsettings_new_system_user_state_defaults_spec.rb new file mode 100644 index 0000000..05ea90d --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_new_system_user_state_defaults_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsNewSystemUserStateDefaults' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsNewSystemUserStateDefaults' do + it 'should create an instance of OrganizationsettingsNewSystemUserStateDefaults' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsNewSystemUserStateDefaults) + end + end + describe 'test attribute "application_import"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.application_import = value }.not_to raise_error + # end + end + end + + describe 'test attribute "csv_import"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.csv_import = value }.not_to raise_error + # end + end + end + + describe 'test attribute "manual_entry"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.manual_entry = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_password_policy_spec.rb b/jcapiv1/spec/models/organizationsettings_password_policy_spec.rb new file mode 100644 index 0000000..72dde92 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_password_policy_spec.rb @@ -0,0 +1,190 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsPasswordPolicy +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsPasswordPolicy' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsPasswordPolicy.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsPasswordPolicy' do + it 'should create an instance of OrganizationsettingsPasswordPolicy' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsPasswordPolicy) + end + end + describe 'test attribute "allow_username_substring"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "days_after_expiration_to_self_recover"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "days_before_expiration_to_force_reset"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "effective_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_days_after_expiration_to_self_recover"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_days_before_expiration_to_force_reset"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_lockout_time_in_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_max_history"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_min_change_period_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_min_length"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_recovery_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_reset_lockout_counter"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "grace_period_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lockout_time_in_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_history"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min_change_period_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min_length"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_lowercase"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_numeric"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_symbolic"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_uppercase"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reset_lockout_counter_minutes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_spec.rb b/jcapiv1/spec/models/organizationsettings_spec.rb new file mode 100644 index 0000000..72ff46c --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_spec.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Organizationsettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Organizationsettings' do + before do + # run before each test + @instance = JCAPIv1::Organizationsettings.new + end + + after do + # run after each test + end + + describe 'test an instance of Organizationsettings' do + it 'should create an instance of Organizationsettings' do + expect(@instance).to be_instance_of(JCAPIv1::Organizationsettings) + end + end + describe 'test attribute "agent_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "beta_features"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contact_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contact_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_identification_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_command_runner"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_google_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_ldap"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_um"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "duplicate_ldap_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email_disclaimer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_google_apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_managed_uid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_o365"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_user_portal_agent_install"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "features"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "growth_data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_system_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "new_system_user_state_defaults"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_compliance"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["custom", "pci3", "windows"]) + # validator.allowable_values.each do |value| + # expect { @instance.password_compliance = value }.not_to raise_error + # end + end + end + + describe 'test attribute "password_policy"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pending_delete"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "show_intro"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_user_password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_users_can_edit"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "trusted_app_config"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_portal"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "windows_mdm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_user_portal_spec.rb b/jcapiv1/spec/models/organizationsettings_user_portal_spec.rb new file mode 100644 index 0000000..fa1c2df --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_user_portal_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsUserPortal +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsUserPortal' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsUserPortal.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsUserPortal' do + it 'should create an instance of OrganizationsettingsUserPortal' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsUserPortal) + end + end + describe 'test attribute "idle_session_duration_minutes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettings_windows_mdm_spec.rb b/jcapiv1/spec/models/organizationsettings_windows_mdm_spec.rb new file mode 100644 index 0000000..92d2fa9 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettings_windows_mdm_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsWindowsMDM +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsWindowsMDM' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsWindowsMDM.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsWindowsMDM' do + it 'should create an instance of OrganizationsettingsWindowsMDM' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsWindowsMDM) + end + end + describe 'test attribute "auto_enroll"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettingsput_new_system_user_state_defaults_spec.rb b/jcapiv1/spec/models/organizationsettingsput_new_system_user_state_defaults_spec.rb new file mode 100644 index 0000000..eff3b82 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettingsput_new_system_user_state_defaults_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsputNewSystemUserStateDefaults' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsputNewSystemUserStateDefaults' do + it 'should create an instance of OrganizationsettingsputNewSystemUserStateDefaults' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsputNewSystemUserStateDefaults) + end + end + describe 'test attribute "application_import"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.application_import = value }.not_to raise_error + # end + end + end + + describe 'test attribute "csv_import"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.csv_import = value }.not_to raise_error + # end + end + end + + describe 'test attribute "manual_entry"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "STAGED"]) + # validator.allowable_values.each do |value| + # expect { @instance.manual_entry = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettingsput_password_policy_spec.rb b/jcapiv1/spec/models/organizationsettingsput_password_policy_spec.rb new file mode 100644 index 0000000..926b76b --- /dev/null +++ b/jcapiv1/spec/models/organizationsettingsput_password_policy_spec.rb @@ -0,0 +1,172 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::OrganizationsettingsputPasswordPolicy +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OrganizationsettingsputPasswordPolicy' do + before do + # run before each test + @instance = JCAPIv1::OrganizationsettingsputPasswordPolicy.new + end + + after do + # run after each test + end + + describe 'test an instance of OrganizationsettingsputPasswordPolicy' do + it 'should create an instance of OrganizationsettingsputPasswordPolicy' do + expect(@instance).to be_instance_of(JCAPIv1::OrganizationsettingsputPasswordPolicy) + end + end + describe 'test attribute "allow_username_substring"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "days_after_expiration_to_self_recover"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "days_before_expiration_to_force_reset"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "effective_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_days_after_expiration_to_self_recover"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_days_before_expiration_to_force_reset"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_lockout_time_in_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_max_history"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_min_change_period_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_min_length"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "grace_period_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lockout_time_in_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_history"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min_change_period_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min_length"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_lowercase"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_numeric"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_symbolic"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "needs_uppercase"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationsettingsput_spec.rb b/jcapiv1/spec/models/organizationsettingsput_spec.rb new file mode 100644 index 0000000..c74d967 --- /dev/null +++ b/jcapiv1/spec/models/organizationsettingsput_spec.rb @@ -0,0 +1,170 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Organizationsettingsput +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Organizationsettingsput' do + before do + # run before each test + @instance = JCAPIv1::Organizationsettingsput.new + end + + after do + # run after each test + end + + describe 'test an instance of Organizationsettingsput' do + it 'should create an instance of Organizationsettingsput' do + expect(@instance).to be_instance_of(JCAPIv1::Organizationsettingsput) + end + end + describe 'test attribute "contact_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contact_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_identification_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_google_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_ldap"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_um"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "duplicate_ldap_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email_disclaimer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_managed_uid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "features"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "growth_data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_system_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "new_system_user_state_defaults"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_compliance"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["custom", "pci3", "windows"]) + # validator.allowable_values.each do |value| + # expect { @instance.password_compliance = value }.not_to raise_error + # end + end + end + + describe 'test attribute "password_policy"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "show_intro"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_user_password_expiration_in_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_users_can_edit"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "trusted_app_config"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_portal"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/organizationslist_results_spec.rb b/jcapiv1/spec/models/organizationslist_results_spec.rb index 73ca272..59bafbd 100644 --- a/jcapiv1/spec/models/organizationslist_results_spec.rb +++ b/jcapiv1/spec/models/organizationslist_results_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "logo_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/organizationslist_spec.rb b/jcapiv1/spec/models/organizationslist_spec.rb index d94a786..e0370bc 100644 --- a/jcapiv1/spec/models/organizationslist_spec.rb +++ b/jcapiv1/spec/models/organizationslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/radiusserver_spec.rb b/jcapiv1/spec/models/radiusserver_spec.rb index 1a7f0e4..cf335f9 100644 --- a/jcapiv1/spec/models/radiusserver_spec.rb +++ b/jcapiv1/spec/models/radiusserver_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,67 +33,100 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "auth_idp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["JUMPCLOUD", "AZURE"]) + # validator.allowable_values.each do |value| + # expect { @instance.auth_idp = value }.not_to raise_error + # end + end + end + + describe 'test attribute "ca_cert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - #validator.allowable_values.each do |value| - # expect { @instance.mfa = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + # validator.allowable_values.each do |value| + # expect { @instance.mfa = value }.not_to raise_error + # end end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "network_source_ip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "shared_secret"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tag_names"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_lockout_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_password_expiration_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/radiusserverpost_spec.rb b/jcapiv1/spec/models/radiusserverpost_spec.rb index 64d5d41..44eb1c3 100644 --- a/jcapiv1/spec/models/radiusserverpost_spec.rb +++ b/jcapiv1/spec/models/radiusserverpost_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,51 +31,84 @@ expect(@instance).to be_instance_of(JCAPIv1::Radiusserverpost) end end + describe 'test attribute "auth_idp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["JUMPCLOUD", "AZURE"]) + # validator.allowable_values.each do |value| + # expect { @instance.auth_idp = value }.not_to raise_error + # end + end + end + + describe 'test attribute "ca_cert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - #validator.allowable_values.each do |value| - # expect { @instance.mfa = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + # validator.allowable_values.each do |value| + # expect { @instance.mfa = value }.not_to raise_error + # end end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "network_source_ip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "shared_secret"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tag_names"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_lockout_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_password_expiration_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/radiusserverput_spec.rb b/jcapiv1/spec/models/radiusserverput_spec.rb index 27c977b..d1b258f 100644 --- a/jcapiv1/spec/models/radiusserverput_spec.rb +++ b/jcapiv1/spec/models/radiusserverput_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,49 +33,82 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "auth_idp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["JUMPCLOUD", "AZURE"]) + # validator.allowable_values.each do |value| + # expect { @instance.auth_idp = value }.not_to raise_error + # end + end + end + + describe 'test attribute "ca_cert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) - #validator.allowable_values.each do |value| - # expect { @instance.mfa = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + # validator.allowable_values.each do |value| + # expect { @instance.mfa = value }.not_to raise_error + # end end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "network_source_ip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tag_names"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_lockout_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_password_expiration_action"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/radiusservers_id_body_spec.rb b/jcapiv1/spec/models/radiusservers_id_body_spec.rb new file mode 100644 index 0000000..ec14d40 --- /dev/null +++ b/jcapiv1/spec/models/radiusservers_id_body_spec.rb @@ -0,0 +1,104 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::RadiusserversIdBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'RadiusserversIdBody' do + before do + # run before each test + @instance = JCAPIv1::RadiusserversIdBody.new + end + + after do + # run after each test + end + + describe 'test an instance of RadiusserversIdBody' do + it 'should create an instance of RadiusserversIdBody' do + expect(@instance).to be_instance_of(JCAPIv1::RadiusserversIdBody) + end + end + describe 'test attribute "ca_cert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mfa"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["DISABLED", "ENABLED", "REQUIRED", "ALWAYS"]) + # validator.allowable_values.each do |value| + # expect { @instance.mfa = value }.not_to raise_error + # end + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "network_source_ip"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "shared_secret"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "tags"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_cert_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/radiusserverslist_spec.rb b/jcapiv1/spec/models/radiusserverslist_spec.rb index 0d42381..083a8f2 100644 --- a/jcapiv1/spec/models/radiusserverslist_spec.rb +++ b/jcapiv1/spec/models/radiusserverslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/run_command_body_spec.rb b/jcapiv1/spec/models/run_command_body_spec.rb new file mode 100644 index 0000000..95503ef --- /dev/null +++ b/jcapiv1/spec/models/run_command_body_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::RunCommandBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'RunCommandBody' do + before do + # run before each test + @instance = JCAPIv1::RunCommandBody.new + end + + after do + # run after each test + end + + describe 'test an instance of RunCommandBody' do + it 'should create an instance of RunCommandBody' do + expect(@instance).to be_instance_of(JCAPIv1::RunCommandBody) + end + end + describe 'test attribute "_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/search_spec.rb b/jcapiv1/spec/models/search_spec.rb index 69f6041..11dc16d 100644 --- a/jcapiv1/spec/models/search_spec.rb +++ b/jcapiv1/spec/models/search_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "fields"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "filter"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "search_filter"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/sshkeylist_spec.rb b/jcapiv1/spec/models/sshkeylist_spec.rb index 309b3ca..60df458 100644 --- a/jcapiv1/spec/models/sshkeylist_spec.rb +++ b/jcapiv1/spec/models/sshkeylist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "create_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/sshkeypost_spec.rb b/jcapiv1/spec/models/sshkeypost_spec.rb index 4859484..eeae15d 100644 --- a/jcapiv1/spec/models/sshkeypost_spec.rb +++ b/jcapiv1/spec/models/sshkeypost_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/sso_spec.rb b/jcapiv1/spec/models/sso_spec.rb new file mode 100644 index 0000000..f7c2256 --- /dev/null +++ b/jcapiv1/spec/models/sso_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Sso +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Sso' do + before do + # run before each test + @instance = JCAPIv1::Sso.new + end + + after do + # run after each test + end + + describe 'test an instance of Sso' do + it 'should create an instance of Sso' do + expect(@instance).to be_instance_of(JCAPIv1::Sso) + end + end + describe 'test attribute "beta"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hidden"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "idp_cert_expiration_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "idp_certificate_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "idp_private_key_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "jit"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sp_certificate_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sp_error_flow"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/state_activate_body_spec.rb b/jcapiv1/spec/models/state_activate_body_spec.rb new file mode 100644 index 0000000..102062e --- /dev/null +++ b/jcapiv1/spec/models/state_activate_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::StateActivateBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'StateActivateBody' do + before do + # run before each test + @instance = JCAPIv1::StateActivateBody.new + end + + after do + # run after each test + end + + describe 'test an instance of StateActivateBody' do + it 'should create an instance of StateActivateBody' do + expect(@instance).to be_instance_of(JCAPIv1::StateActivateBody) + end + end + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_built_in_commands_spec.rb b/jcapiv1/spec/models/system_built_in_commands_spec.rb new file mode 100644 index 0000000..d69eb4d --- /dev/null +++ b/jcapiv1/spec/models/system_built_in_commands_spec.rb @@ -0,0 +1,54 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemBuiltInCommands +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemBuiltInCommands' do + before do + # run before each test + @instance = JCAPIv1::SystemBuiltInCommands.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemBuiltInCommands' do + it 'should create an instance of SystemBuiltInCommands' do + expect(@instance).to be_instance_of(JCAPIv1::SystemBuiltInCommands) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["erase", "lock", "restart", "shutdown"]) + # validator.allowable_values.each do |value| + # expect { @instance.name = value }.not_to raise_error + # end + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["security"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv1/spec/models/system_domain_info_spec.rb b/jcapiv1/spec/models/system_domain_info_spec.rb new file mode 100644 index 0000000..bdcf340 --- /dev/null +++ b/jcapiv1/spec/models/system_domain_info_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemDomainInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemDomainInfo' do + before do + # run before each test + @instance = JCAPIv1::SystemDomainInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemDomainInfo' do + it 'should create an instance of SystemDomainInfo' do + expect(@instance).to be_instance_of(JCAPIv1::SystemDomainInfo) + end + end + describe 'test attribute "domain_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "part_of_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_mdm_internal_spec.rb b/jcapiv1/spec/models/system_mdm_internal_spec.rb new file mode 100644 index 0000000..2c4b3a0 --- /dev/null +++ b/jcapiv1/spec/models/system_mdm_internal_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemMdmInternal +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemMdmInternal' do + before do + # run before each test + @instance = JCAPIv1::SystemMdmInternal.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemMdmInternal' do + it 'should create an instance of SystemMdmInternal' do + expect(@instance).to be_instance_of(JCAPIv1::SystemMdmInternal) + end + end + describe 'test attribute "device_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "windows_device_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_mdm_spec.rb b/jcapiv1/spec/models/system_mdm_spec.rb new file mode 100644 index 0000000..c4a601c --- /dev/null +++ b/jcapiv1/spec/models/system_mdm_spec.rb @@ -0,0 +1,90 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemMdm +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemMdm' do + before do + # run before each test + @instance = JCAPIv1::SystemMdm.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemMdm' do + it 'should create an instance of SystemMdm' do + expect(@instance).to be_instance_of(JCAPIv1::SystemMdm) + end + end + describe 'test attribute "dep"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrollment_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unknown", "automated device", "device", "user"]) + # validator.allowable_values.each do |value| + # expect { @instance.enrollment_type = value }.not_to raise_error + # end + end + end + + describe 'test attribute "internal"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "profile_identifier"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "provider_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_approved"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "vendor"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unknown", "none", "internal", "external"]) + # validator.allowable_values.each do |value| + # expect { @instance.vendor = value }.not_to raise_error + # end + end + end + + describe 'test attribute "windows"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_mdm_windows_spec.rb b/jcapiv1/spec/models/system_mdm_windows_spec.rb new file mode 100644 index 0000000..ebe3c92 --- /dev/null +++ b/jcapiv1/spec/models/system_mdm_windows_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemMdmWindows +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemMdmWindows' do + before do + # run before each test + @instance = JCAPIv1::SystemMdmWindows.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemMdmWindows' do + it 'should create an instance of SystemMdmWindows' do + expect(@instance).to be_instance_of(JCAPIv1::SystemMdmWindows) + end + end + describe 'test attribute "upn"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_network_interfaces_spec.rb b/jcapiv1/spec/models/system_network_interfaces_spec.rb index 441982e..fd3d2bc 100644 --- a/jcapiv1/spec/models/system_network_interfaces_spec.rb +++ b/jcapiv1/spec/models/system_network_interfaces_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,30 @@ end describe 'test attribute "address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "family"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["IPv4", "IPv6"]) + # validator.allowable_values.each do |value| + # expect { @instance.family = value }.not_to raise_error + # end end end describe 'test attribute "internal"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/system_os_version_detail_spec.rb b/jcapiv1/spec/models/system_os_version_detail_spec.rb new file mode 100644 index 0000000..fbc8d22 --- /dev/null +++ b/jcapiv1/spec/models/system_os_version_detail_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemOsVersionDetail +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemOsVersionDetail' do + before do + # run before each test + @instance = JCAPIv1::SystemOsVersionDetail.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemOsVersionDetail' do + it 'should create an instance of SystemOsVersionDetail' do + expect(@instance).to be_instance_of(JCAPIv1::SystemOsVersionDetail) + end + end + describe 'test attribute "distribution_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "major"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "major_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "minor"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "minor_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "patch"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "patch_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "release_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "revision"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_provision_metadata_provisioner_spec.rb b/jcapiv1/spec/models/system_provision_metadata_provisioner_spec.rb new file mode 100644 index 0000000..d3c8baf --- /dev/null +++ b/jcapiv1/spec/models/system_provision_metadata_provisioner_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemProvisionMetadataProvisioner +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemProvisionMetadataProvisioner' do + before do + # run before each test + @instance = JCAPIv1::SystemProvisionMetadataProvisioner.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemProvisionMetadataProvisioner' do + it 'should create an instance of SystemProvisionMetadataProvisioner' do + expect(@instance).to be_instance_of(JCAPIv1::SystemProvisionMetadataProvisioner) + end + end + describe 'test attribute "provisioner_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["administrator", "mdm", "user"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv1/spec/models/system_provision_metadata_spec.rb b/jcapiv1/spec/models/system_provision_metadata_spec.rb new file mode 100644 index 0000000..d103d2a --- /dev/null +++ b/jcapiv1/spec/models/system_provision_metadata_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemProvisionMetadata +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemProvisionMetadata' do + before do + # run before each test + @instance = JCAPIv1::SystemProvisionMetadata.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemProvisionMetadata' do + it 'should create an instance of SystemProvisionMetadata' do + expect(@instance).to be_instance_of(JCAPIv1::SystemProvisionMetadata) + end + end + describe 'test attribute "provisioner"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_secure_login_spec.rb b/jcapiv1/spec/models/system_secure_login_spec.rb new file mode 100644 index 0000000..6bc2337 --- /dev/null +++ b/jcapiv1/spec/models/system_secure_login_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemSecureLogin +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemSecureLogin' do + before do + # run before each test + @instance = JCAPIv1::SystemSecureLogin.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemSecureLogin' do + it 'should create an instance of SystemSecureLogin' do + expect(@instance).to be_instance_of(JCAPIv1::SystemSecureLogin) + end + end + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "supported"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_service_account_state_spec.rb b/jcapiv1/spec/models/system_service_account_state_spec.rb new file mode 100644 index 0000000..d5a130f --- /dev/null +++ b/jcapiv1/spec/models/system_service_account_state_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemServiceAccountState +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemServiceAccountState' do + before do + # run before each test + @instance = JCAPIv1::SystemServiceAccountState.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemServiceAccountState' do + it 'should create an instance of SystemServiceAccountState' do + expect(@instance).to be_instance_of(JCAPIv1::SystemServiceAccountState) + end + end + describe 'test attribute "has_secure_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_apfs_valid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_od_valid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/system_spec.rb b/jcapiv1/spec/models/system_spec.rb index 2cff7d6..c8c934b 100644 --- a/jcapiv1/spec/models/system_spec.rb +++ b/jcapiv1/spec/models/system_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,165 +33,266 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "active"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "agent_version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_multi_factor_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_public_key_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_ssh_password_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_ssh_root_login"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "amazon_instance_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "arch"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "arch_family"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "azure_ad_joined"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "built_in_commands"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "connection_history"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "created"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "desktop_capable"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "domain_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "fde"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "file_system"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "has_service_account"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hostname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "last_contact"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mdm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "modify_sshd_config"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "network_interfaces"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "os"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_family"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_version_detail"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "provision_metadata"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "remote_ip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "secure_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "serial_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service_account_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ssh_root_enabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sshd_params"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_insights"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_timezone"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "template_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_metrics"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/system_sshd_params_spec.rb b/jcapiv1/spec/models/system_sshd_params_spec.rb index 05fc918..a3b1f80 100644 --- a/jcapiv1/spec/models/system_sshd_params_spec.rb +++ b/jcapiv1/spec/models/system_sshd_params_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/system_system_insights_spec.rb b/jcapiv1/spec/models/system_system_insights_spec.rb index 13e90e1..95bcab3 100644 --- a/jcapiv1/spec/models/system_system_insights_spec.rb +++ b/jcapiv1/spec/models/system_system_insights_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,13 +33,12 @@ end describe 'test attribute "state"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["enabled", "disabled", "deferred"]) - #validator.allowable_values.each do |value| - # expect { @instance.state = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["enabled", "disabled", "deferred"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end end end end - diff --git a/jcapiv1/spec/models/system_user_metrics_spec.rb b/jcapiv1/spec/models/system_user_metrics_spec.rb new file mode 100644 index 0000000..74a3c1e --- /dev/null +++ b/jcapiv1/spec/models/system_user_metrics_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemUserMetrics +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemUserMetrics' do + before do + # run before each test + @instance = JCAPIv1::SystemUserMetrics.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemUserMetrics' do + it 'should create an instance of SystemUserMetrics' do + expect(@instance).to be_instance_of(JCAPIv1::SystemUserMetrics) + end + end + describe 'test attribute "admin"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "secure_token_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suspended"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/systemput_agent_bound_messages_spec.rb b/jcapiv1/spec/models/systemput_agent_bound_messages_spec.rb index 780b439..73f56f7 100644 --- a/jcapiv1/spec/models/systemput_agent_bound_messages_spec.rb +++ b/jcapiv1/spec/models/systemput_agent_bound_messages_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "cmd"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemput_spec.rb b/jcapiv1/spec/models/systemput_spec.rb index 7442687..b917414 100644 --- a/jcapiv1/spec/models/systemput_spec.rb +++ b/jcapiv1/spec/models/systemput_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,45 +33,44 @@ end describe 'test attribute "agent_bound_messages"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_multi_factor_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_public_key_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_ssh_password_authentication"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_ssh_root_login"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemslist_spec.rb b/jcapiv1/spec/models/systemslist_spec.rb index 20074e6..92783ce 100644 --- a/jcapiv1/spec/models/systemslist_spec.rb +++ b/jcapiv1/spec/models/systemslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuser_spec.rb b/jcapiv1/spec/models/systemuser_spec.rb deleted file mode 100644 index 4398f1b..0000000 --- a/jcapiv1/spec/models/systemuser_spec.rb +++ /dev/null @@ -1,282 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Systemuser -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Systemuser' do - before do - # run before each test - @instance = JCAPIv1::Systemuser.new - end - - after do - # run after each test - end - - describe 'test an instance of Systemuser' do - it 'should create an instance of Systemuser' do - expect(@instance).to be_instance_of(JCAPIv1::Systemuser) - end - end - describe 'test attribute "_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "account_locked"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "activated"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "allow_public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "associated_tag_count"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "attributes"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "company"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "cost_center"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "created"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "department"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "description"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "displayname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "email"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_identifier"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_managed_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_user_portal_multifactor"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "firstname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "job_title"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "lastname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "ldap_binding_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "location"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "mfa"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "middlename"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_expiration_date"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_expired"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_never_expires"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "passwordless_sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "samba_service_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "ssh_keys"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "suspended"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "tags"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "totp_enabled"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_guid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "username"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/systemuserbinding_spec.rb b/jcapiv1/spec/models/systemuserbinding_spec.rb deleted file mode 100644 index aae3081..0000000 --- a/jcapiv1/spec/models/systemuserbinding_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Systemuserbinding -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Systemuserbinding' do - before do - # run before each test - @instance = JCAPIv1::Systemuserbinding.new - end - - after do - # run after each test - end - - describe 'test an instance of Systemuserbinding' do - it 'should create an instance of Systemuserbinding' do - expect(@instance).to be_instance_of(JCAPIv1::Systemuserbinding) - end - end -end - diff --git a/jcapiv1/spec/models/systemuserbindingsput_spec.rb b/jcapiv1/spec/models/systemuserbindingsput_spec.rb deleted file mode 100644 index d8f29a3..0000000 --- a/jcapiv1/spec/models/systemuserbindingsput_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Systemuserbindingsput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Systemuserbindingsput' do - before do - # run before each test - @instance = JCAPIv1::Systemuserbindingsput.new - end - - after do - # run after each test - end - - describe 'test an instance of Systemuserbindingsput' do - it 'should create an instance of Systemuserbindingsput' do - expect(@instance).to be_instance_of(JCAPIv1::Systemuserbindingsput) - end - end - describe 'test attribute "add"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "remove"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/systemuserput_addresses_spec.rb b/jcapiv1/spec/models/systemuserput_addresses_spec.rb index 3c72644..9ffa3d7 100644 --- a/jcapiv1/spec/models/systemuserput_addresses_spec.rb +++ b/jcapiv1/spec/models/systemuserput_addresses_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,50 @@ end describe 'test attribute "country"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "extended_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "locality"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "po_box"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "postal_code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "region"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "street_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserput_attributes_spec.rb b/jcapiv1/spec/models/systemuserput_attributes_spec.rb new file mode 100644 index 0000000..6a16d05 --- /dev/null +++ b/jcapiv1/spec/models/systemuserput_attributes_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemuserputAttributes +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemuserputAttributes' do + before do + # run before each test + @instance = JCAPIv1::SystemuserputAttributes.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemuserputAttributes' do + it 'should create an instance of SystemuserputAttributes' do + expect(@instance).to be_instance_of(JCAPIv1::SystemuserputAttributes) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/systemuserput_phone_numbers_spec.rb b/jcapiv1/spec/models/systemuserput_phone_numbers_spec.rb index 9c1c5e4..9347524 100644 --- a/jcapiv1/spec/models/systemuserput_phone_numbers_spec.rb +++ b/jcapiv1/spec/models/systemuserput_phone_numbers_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "number"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserput_relationships_spec.rb b/jcapiv1/spec/models/systemuserput_relationships_spec.rb new file mode 100644 index 0000000..d4aae28 --- /dev/null +++ b/jcapiv1/spec/models/systemuserput_relationships_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemuserputRelationships +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemuserputRelationships' do + before do + # run before each test + @instance = JCAPIv1::SystemuserputRelationships.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemuserputRelationships' do + it 'should create an instance of SystemuserputRelationships' do + expect(@instance).to be_instance_of(JCAPIv1::SystemuserputRelationships) + end + end + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/systemuserput_spec.rb b/jcapiv1/spec/models/systemuserput_spec.rb index 00b6ce3..6552eb3 100644 --- a/jcapiv1/spec/models/systemuserput_spec.rb +++ b/jcapiv1/spec/models/systemuserput_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,225 +33,264 @@ end describe 'test attribute "account_locked"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "addresses"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alternate_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "company"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cost_center"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "department"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_device_max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "displayname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_managed_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_user_portal_multifactor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_dn"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_password_expiration_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_source_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "externally_managed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "job_title"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ldap_binding_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "location"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed_apple_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "middlename"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password_never_expires"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "phone_numbers"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "relationships"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "samba_service_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ssh_keys"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "SUSPENDED"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end end end describe 'test attribute "sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "suspended"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_guid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserputpost_addresses_spec.rb b/jcapiv1/spec/models/systemuserputpost_addresses_spec.rb index 0a8761a..dfb5b5b 100644 --- a/jcapiv1/spec/models/systemuserputpost_addresses_spec.rb +++ b/jcapiv1/spec/models/systemuserputpost_addresses_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,50 @@ end describe 'test attribute "country"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "extended_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "locality"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "po_box"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "postal_code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "region"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "street_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserputpost_phone_numbers_spec.rb b/jcapiv1/spec/models/systemuserputpost_phone_numbers_spec.rb index aa7c5c3..7a1556d 100644 --- a/jcapiv1/spec/models/systemuserputpost_phone_numbers_spec.rb +++ b/jcapiv1/spec/models/systemuserputpost_phone_numbers_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "number"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserputpost_recovery_email_spec.rb b/jcapiv1/spec/models/systemuserputpost_recovery_email_spec.rb new file mode 100644 index 0000000..6dfde24 --- /dev/null +++ b/jcapiv1/spec/models/systemuserputpost_recovery_email_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemuserputpostRecoveryEmail +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemuserputpostRecoveryEmail' do + before do + # run before each test + @instance = JCAPIv1::SystemuserputpostRecoveryEmail.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemuserputpostRecoveryEmail' do + it 'should create an instance of SystemuserputpostRecoveryEmail' do + expect(@instance).to be_instance_of(JCAPIv1::SystemuserputpostRecoveryEmail) + end + end + describe 'test attribute "address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/systemuserputpost_spec.rb b/jcapiv1/spec/models/systemuserputpost_spec.rb index ecd3e89..ccf1273 100644 --- a/jcapiv1/spec/models/systemuserputpost_spec.rb +++ b/jcapiv1/spec/models/systemuserputpost_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,231 +33,276 @@ end describe 'test attribute "account_locked"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "activated"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "addresses"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alternate_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "company"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cost_center"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "department"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_device_max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "displayname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_managed_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_user_portal_multifactor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_dn"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_password_expiration_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_source_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "externally_managed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "job_title"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ldap_binding_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "location"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed_apple_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "middlename"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password_never_expires"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "passwordless_sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "phone_numbers"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "recovery_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "relationships"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "samba_service_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["STAGED", "ACTIVATED", "SUSPENDED"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end end end describe 'test attribute "sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "suspended"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_guid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserreturn_addresses_spec.rb b/jcapiv1/spec/models/systemuserreturn_addresses_spec.rb index ef4a0aa..d43d989 100644 --- a/jcapiv1/spec/models/systemuserreturn_addresses_spec.rb +++ b/jcapiv1/spec/models/systemuserreturn_addresses_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,56 @@ end describe 'test attribute "country"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "extended_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "locality"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "po_box"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "postal_code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "region"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "street_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserreturn_phone_numbers_spec.rb b/jcapiv1/spec/models/systemuserreturn_phone_numbers_spec.rb index 8ac9222..6afc2f2 100644 --- a/jcapiv1/spec/models/systemuserreturn_phone_numbers_spec.rb +++ b/jcapiv1/spec/models/systemuserreturn_phone_numbers_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "number"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserreturn_recovery_email_spec.rb b/jcapiv1/spec/models/systemuserreturn_recovery_email_spec.rb new file mode 100644 index 0000000..2f29b01 --- /dev/null +++ b/jcapiv1/spec/models/systemuserreturn_recovery_email_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::SystemuserreturnRecoveryEmail +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemuserreturnRecoveryEmail' do + before do + # run before each test + @instance = JCAPIv1::SystemuserreturnRecoveryEmail.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemuserreturnRecoveryEmail' do + it 'should create an instance of SystemuserreturnRecoveryEmail' do + expect(@instance).to be_instance_of(JCAPIv1::SystemuserreturnRecoveryEmail) + end + end + describe 'test attribute "address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "verified"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "verified_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/systemuserreturn_spec.rb b/jcapiv1/spec/models/systemuserreturn_spec.rb index f5952f3..c73b661 100644 --- a/jcapiv1/spec/models/systemuserreturn_spec.rb +++ b/jcapiv1/spec/models/systemuserreturn_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,273 +33,342 @@ end describe 'test attribute "_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "account_locked"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "account_locked_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "activated"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "addresses"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "allow_public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alternate_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bad_login_attempts"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "company"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cost_center"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "created"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "creation_source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "department"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_device_max_login_attempts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "displayname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "employee_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_managed_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_user_portal_multifactor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_dn"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_password_expiration_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "external_source_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "externally_managed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "job_title"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ldap_binding_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "location"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed_apple_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mfa"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mfa_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "middlename"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "organization"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password_expiration_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password_expired"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "password_never_expires"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "passwordless_sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "phone_numbers"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "public_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "recovery_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "relationships"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "samba_service_user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ssh_keys"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["STAGED", "ACTIVATED", "SUSPENDED"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end end end describe 'test attribute "sudo"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "suspended"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "totp_enabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_guid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "unix_uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/systemuserslist_spec.rb b/jcapiv1/spec/models/systemuserslist_spec.rb index e2e1eb1..9c32974 100644 --- a/jcapiv1/spec/models/systemuserslist_spec.rb +++ b/jcapiv1/spec/models/systemuserslist_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv1/spec/models/tag_spec.rb b/jcapiv1/spec/models/tag_spec.rb deleted file mode 100644 index 7dbd60d..0000000 --- a/jcapiv1/spec/models/tag_spec.rb +++ /dev/null @@ -1,108 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Tag -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Tag' do - before do - # run before each test - @instance = JCAPIv1::Tag.new - end - - after do - # run after each test - end - - describe 'test an instance of Tag' do - it 'should create an instance of Tag' do - expect(@instance).to be_instance_of(JCAPIv1::Tag) - end - end - describe 'test attribute "_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "expired"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_gid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "regular_expressions"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "send_to_ldap"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systems"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systemusers"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/tagpost_spec.rb b/jcapiv1/spec/models/tagpost_spec.rb deleted file mode 100644 index 5e43a0f..0000000 --- a/jcapiv1/spec/models/tagpost_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Tagpost -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Tagpost' do - before do - # run before each test - @instance = JCAPIv1::Tagpost.new - end - - after do - # run after each test - end - - describe 'test an instance of Tagpost' do - it 'should create an instance of Tagpost' do - expect(@instance).to be_instance_of(JCAPIv1::Tagpost) - end - end - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_gid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "regular_expressions"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "send_to_ldap"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systems"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systemusers"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/tagput_spec.rb b/jcapiv1/spec/models/tagput_spec.rb deleted file mode 100644 index f98fb4c..0000000 --- a/jcapiv1/spec/models/tagput_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Tagput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Tagput' do - before do - # run before each test - @instance = JCAPIv1::Tagput.new - end - - after do - # run after each test - end - - describe 'test an instance of Tagput' do - it 'should create an instance of Tagput' do - expect(@instance).to be_instance_of(JCAPIv1::Tagput) - end - end - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_gid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "group_name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "regular_expressions"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "send_to_ldap"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systems"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "systemusers"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/tagslist_spec.rb b/jcapiv1/spec/models/tagslist_spec.rb deleted file mode 100644 index cc22b79..0000000 --- a/jcapiv1/spec/models/tagslist_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Tagslist -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Tagslist' do - before do - # run before each test - @instance = JCAPIv1::Tagslist.new - end - - after do - # run after each test - end - - describe 'test an instance of Tagslist' do - it 'should create an instance of Tagslist' do - expect(@instance).to be_instance_of(JCAPIv1::Tagslist) - end - end - describe 'test attribute "results"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "total_count"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/models/totpenrollmentinfo_spec.rb b/jcapiv1/spec/models/totpenrollmentinfo_spec.rb new file mode 100644 index 0000000..a6eaeb2 --- /dev/null +++ b/jcapiv1/spec/models/totpenrollmentinfo_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Totpenrollmentinfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Totpenrollmentinfo' do + before do + # run before each test + @instance = JCAPIv1::Totpenrollmentinfo.new + end + + after do + # run after each test + end + + describe 'test an instance of Totpenrollmentinfo' do + it 'should create an instance of Totpenrollmentinfo' do + expect(@instance).to be_instance_of(JCAPIv1::Totpenrollmentinfo) + end + end + describe 'test attribute "enrollment_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/triggerreturn_spec.rb b/jcapiv1/spec/models/triggerreturn_spec.rb new file mode 100644 index 0000000..f56a5b0 --- /dev/null +++ b/jcapiv1/spec/models/triggerreturn_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Triggerreturn +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Triggerreturn' do + before do + # run before each test + @instance = JCAPIv1::Triggerreturn.new + end + + after do + # run after each test + end + + describe 'test an instance of Triggerreturn' do + it 'should create an instance of Triggerreturn' do + expect(@instance).to be_instance_of(JCAPIv1::Triggerreturn) + end + end + describe 'test attribute "triggered"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/trustedapp_config_get_spec.rb b/jcapiv1/spec/models/trustedapp_config_get_spec.rb new file mode 100644 index 0000000..661e230 --- /dev/null +++ b/jcapiv1/spec/models/trustedapp_config_get_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::TrustedappConfigGet +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'TrustedappConfigGet' do + before do + # run before each test + @instance = JCAPIv1::TrustedappConfigGet.new + end + + after do + # run after each test + end + + describe 'test an instance of TrustedappConfigGet' do + it 'should create an instance of TrustedappConfigGet' do + expect(@instance).to be_instance_of(JCAPIv1::TrustedappConfigGet) + end + end + describe 'test attribute "checksum"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "trusted_apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/trustedapp_config_get_trusted_apps_spec.rb b/jcapiv1/spec/models/trustedapp_config_get_trusted_apps_spec.rb new file mode 100644 index 0000000..2fc6336 --- /dev/null +++ b/jcapiv1/spec/models/trustedapp_config_get_trusted_apps_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::TrustedappConfigGetTrustedApps +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'TrustedappConfigGetTrustedApps' do + before do + # run before each test + @instance = JCAPIv1::TrustedappConfigGetTrustedApps.new + end + + after do + # run after each test + end + + describe 'test an instance of TrustedappConfigGetTrustedApps' do + it 'should create an instance of TrustedappConfigGetTrustedApps' do + expect(@instance).to be_instance_of(JCAPIv1::TrustedappConfigGetTrustedApps) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "teamid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/trustedapp_config_put_spec.rb b/jcapiv1/spec/models/trustedapp_config_put_spec.rb new file mode 100644 index 0000000..3f55d34 --- /dev/null +++ b/jcapiv1/spec/models/trustedapp_config_put_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::TrustedappConfigPut +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'TrustedappConfigPut' do + before do + # run before each test + @instance = JCAPIv1::TrustedappConfigPut.new + end + + after do + # run after each test + end + + describe 'test an instance of TrustedappConfigPut' do + it 'should create an instance of TrustedappConfigPut' do + expect(@instance).to be_instance_of(JCAPIv1::TrustedappConfigPut) + end + end + describe 'test attribute "trusted_apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/userput_spec.rb b/jcapiv1/spec/models/userput_spec.rb new file mode 100644 index 0000000..8835749 --- /dev/null +++ b/jcapiv1/spec/models/userput_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Userput +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Userput' do + before do + # run before each test + @instance = JCAPIv1::Userput.new + end + + after do + # run after each test + end + + describe 'test an instance of Userput' do + it 'should create an instance of Userput' do + expect(@instance).to be_instance_of(JCAPIv1::Userput) + end + end + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_multi_factor"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firstname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "growth_data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_whats_new_checked"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lastname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "role_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/userreturn_growth_data_spec.rb b/jcapiv1/spec/models/userreturn_growth_data_spec.rb new file mode 100644 index 0000000..4858a02 --- /dev/null +++ b/jcapiv1/spec/models/userreturn_growth_data_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::UserreturnGrowthData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'UserreturnGrowthData' do + before do + # run before each test + @instance = JCAPIv1::UserreturnGrowthData.new + end + + after do + # run after each test + end + + describe 'test an instance of UserreturnGrowthData' do + it 'should create an instance of UserreturnGrowthData' do + expect(@instance).to be_instance_of(JCAPIv1::UserreturnGrowthData) + end + end + describe 'test attribute "experiment_states"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "onboarding_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/userreturn_spec.rb b/jcapiv1/spec/models/userreturn_spec.rb new file mode 100644 index 0000000..574e601 --- /dev/null +++ b/jcapiv1/spec/models/userreturn_spec.rb @@ -0,0 +1,154 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 1.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv1::Userreturn +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Userreturn' do + before do + # run before each test + @instance = JCAPIv1::Userreturn.new + end + + after do + # run after each test + end + + describe 'test an instance of Userreturn' do + it 'should create an instance of Userreturn' do + expect(@instance).to be_instance_of(JCAPIv1::Userreturn) + end + end + describe 'test attribute "_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "api_key_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disable_introduction"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_multi_factor"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firstname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "growth_data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_whats_new_checked"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lastname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "provider"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "role"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "role_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "session_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suspended"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "totp_enrolled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "totp_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users_time_zone"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv1/spec/models/usersystembinding_spec.rb b/jcapiv1/spec/models/usersystembinding_spec.rb deleted file mode 100644 index b450497..0000000 --- a/jcapiv1/spec/models/usersystembinding_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Usersystembinding -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Usersystembinding' do - before do - # run before each test - @instance = JCAPIv1::Usersystembinding.new - end - - after do - # run after each test - end - - describe 'test an instance of Usersystembinding' do - it 'should create an instance of Usersystembinding' do - expect(@instance).to be_instance_of(JCAPIv1::Usersystembinding) - end - end -end - diff --git a/jcapiv1/spec/models/usersystembindingsput_spec.rb b/jcapiv1/spec/models/usersystembindingsput_spec.rb deleted file mode 100644 index 824773f..0000000 --- a/jcapiv1/spec/models/usersystembindingsput_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. - -OpenAPI spec version: 1.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv1::Usersystembindingsput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Usersystembindingsput' do - before do - # run before each test - @instance = JCAPIv1::Usersystembindingsput.new - end - - after do - # run after each test - end - - describe 'test an instance of Usersystembindingsput' do - it 'should create an instance of Usersystembindingsput' do - expect(@instance).to be_instance_of(JCAPIv1::Usersystembindingsput) - end - end - describe 'test attribute "add"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "remove"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv1/spec/spec_helper.rb b/jcapiv1/spec/spec_helper.rb index ac7cdd8..b50cd4e 100644 --- a/jcapiv1/spec/spec_helper.rb +++ b/jcapiv1/spec/spec_helper.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, & system users. +## Overview JumpCloud's V1 API. This set of endpoints allows JumpCloud customers to manage commands, systems, and system users. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/systemusers\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 1.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end # load the gem diff --git a/jcapiv2/.gitignore b/jcapiv2/.gitignore index 4b91271..c021594 100644 --- a/jcapiv2/.gitignore +++ b/jcapiv2/.gitignore @@ -1,5 +1,5 @@ # Generated by: https://github.com/swagger-api/swagger-codegen.git -# +# *.gem *.rbc diff --git a/jcapiv2/.rubocop.yml b/jcapiv2/.rubocop.yml new file mode 100644 index 0000000..19a777e --- /dev/null +++ b/jcapiv2/.rubocop.yml @@ -0,0 +1,154 @@ +# This file is based on https://github.com/rails/rails/blob/master/.rubocop.yml (MIT license) +# Automatically generated by Swagger Codegen (https://github.com/swagger-api/swagger-codegen) +AllCops: + TargetRubyVersion: 2.2 + # RuboCop has a bunch of cops enabled by default. This setting tells RuboCop + # to ignore them, so only the ones explicitly set in this file are enabled. + DisabledByDefault: true + Exclude: + - '**/templates/**/*' + - '**/vendor/**/*' + - 'actionpack/lib/action_dispatch/journey/parser.rb' + +# Prefer &&/|| over and/or. +Style/AndOr: + Enabled: true + +# Do not use braces for hash literals when they are the last argument of a +# method call. +Style/BracesAroundHashParameters: + Enabled: true + EnforcedStyle: context_dependent + +# Align `when` with `case`. +Layout/CaseIndentation: + Enabled: true + +# Align comments with method definitions. +Layout/CommentIndentation: + Enabled: true + +Layout/ElseAlignment: + Enabled: true + +Layout/EmptyLineAfterMagicComment: + Enabled: true + +# In a regular class definition, no empty lines around the body. +Layout/EmptyLinesAroundClassBody: + Enabled: true + +# In a regular method definition, no empty lines around the body. +Layout/EmptyLinesAroundMethodBody: + Enabled: true + +# In a regular module definition, no empty lines around the body. +Layout/EmptyLinesAroundModuleBody: + Enabled: true + +Layout/FirstParameterIndentation: + Enabled: true + +# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }. +Style/HashSyntax: + Enabled: false + +# Method definitions after `private` or `protected` isolated calls need one +# extra level of indentation. +Layout/IndentationConsistency: + Enabled: true + EnforcedStyle: rails + +# Two spaces, no tabs (for indentation). +Layout/IndentationWidth: + Enabled: true + +Layout/LeadingCommentSpace: + Enabled: true + +Layout/SpaceAfterColon: + Enabled: true + +Layout/SpaceAfterComma: + Enabled: true + +Layout/SpaceAroundEqualsInParameterDefault: + Enabled: true + +Layout/SpaceAroundKeyword: + Enabled: true + +Layout/SpaceAroundOperators: + Enabled: true + +Layout/SpaceBeforeComma: + Enabled: true + +Layout/SpaceBeforeFirstArg: + Enabled: true + +Style/DefWithParentheses: + Enabled: true + +# Defining a method with parameters needs parentheses. +Style/MethodDefParentheses: + Enabled: true + +Style/FrozenStringLiteralComment: + Enabled: false + EnforcedStyle: always + +# Use `foo {}` not `foo{}`. +Layout/SpaceBeforeBlockBraces: + Enabled: true + +# Use `foo { bar }` not `foo {bar}`. +Layout/SpaceInsideBlockBraces: + Enabled: true + +# Use `{ a: 1 }` not `{a:1}`. +Layout/SpaceInsideHashLiteralBraces: + Enabled: true + +Layout/SpaceInsideParens: + Enabled: true + +# Check quotes usage according to lint rule below. +#Style/StringLiterals: +# Enabled: true +# EnforcedStyle: single_quotes + +# Detect hard tabs, no hard tabs. +Layout/Tab: + Enabled: true + +# Blank lines should not have any spaces. +Layout/TrailingBlankLines: + Enabled: true + +# No trailing whitespace. +Layout/TrailingWhitespace: + Enabled: false + +# Use quotes for string literals when they are enough. +Style/UnneededPercentQ: + Enabled: true + +# Align `end` with the matching keyword or starting expression except for +# assignments, where it should be aligned with the LHS. +Lint/EndAlignment: + Enabled: true + EnforcedStyleAlignWith: variable + AutoCorrect: true + +# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg. +Lint/RequireParentheses: + Enabled: true + +Style/RedundantReturn: + Enabled: true + AllowMultipleReturnValues: true + +Style/Semicolon: + Enabled: true + AllowAsExpressionSeparator: true diff --git a/jcapiv2/.swagger-codegen/VERSION b/jcapiv2/.swagger-codegen/VERSION index a625450..0cc68a7 100644 --- a/jcapiv2/.swagger-codegen/VERSION +++ b/jcapiv2/.swagger-codegen/VERSION @@ -1 +1 @@ -2.3.1 \ No newline at end of file +3.0.47 \ No newline at end of file diff --git a/jcapiv2/Gemfile b/jcapiv2/Gemfile index d255a3a..c2e3127 100644 --- a/jcapiv2/Gemfile +++ b/jcapiv2/Gemfile @@ -3,5 +3,7 @@ source 'https://rubygems.org' gemspec group :development, :test do - gem 'rake', '~> 12.0.0' + gem 'rake', '~> 13.0.1' + gem 'pry-byebug' + gem 'rubocop', '~> 0.66.0' end diff --git a/jcapiv2/README.md b/jcapiv2/README.md index ecd5386..f34bb36 100644 --- a/jcapiv2/README.md +++ b/jcapiv2/README.md @@ -1,14 +1,15 @@ # jcapiv2 -JCAPIv2 - the Ruby gem for the JumpCloud APIs +JCAPIv2 - the Ruby gem for the JumpCloud API - JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +# Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) This SDK is automatically generated by the [Swagger Codegen](https://github.com/swagger-api/swagger-codegen) project: - API version: 2.0 - Package version: 3.0.0 -- Build package: io.swagger.codegen.languages.RubyClientCodegen +- Build package: io.swagger.codegen.v3.generators.ruby.RubyClientCodegen +For more information, please visit [https://support.jumpcloud.com/support/s/](https://support.jumpcloud.com/support/s/) ## Installation @@ -53,28 +54,12432 @@ Please follow the [installation](#installation) procedure and then run the follo ```ruby # Load the gem require 'jcapiv2' +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +agent_id = 'agent_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete Active Directory Agent + api_instance.activedirectories_agents_delete(activedirectory_id, agent_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +agent_id = 'agent_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Active Directory Agent + result = api_instance.activedirectories_agents_get(activedirectory_id, agent_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Active Directory Agents + result = api_instance.activedirectories_agents_list(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +opts = { + body: JCAPIv2::ActiveDirectoryAgent.new, # ActiveDirectoryAgent | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new Active Directory Agent + result = api_instance.activedirectories_agents_post(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +id = 'id_example' # String | ObjectID of this Active Directory instance. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete an Active Directory + result = api_instance.activedirectories_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +id = 'id_example' # String | ObjectID of this Active Directory instance. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an Active Directory + result = api_instance.activedirectories_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Active Directories + result = api_instance.activedirectories_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +opts = { + body: JCAPIv2::ActiveDirectory.new, # ActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new Active Directory + result = api_instance.activedirectories_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->activedirectories_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +targets = ['targets_example'] # Array | Targets which a \"active_directory\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Active Directory instance + result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->graph_active_directory_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | +opts = { + body: JCAPIv2::GraphOperationActiveDirectory.new, # GraphOperationActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Active Directory instance + api_instance.graph_active_directory_associations_post(activedirectory_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->graph_active_directory_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Users bound to an Active Directory instance + result = api_instance.graph_active_directory_traverse_user(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->graph_active_directory_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Active Directory instance + result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->graph_active_directory_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} + +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_create_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_list_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_list_by_organization: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_remove_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Apple MDM CSR Plist + result = api_instance.applemdms_csrget(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_csrget: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete an Apple MDM + result = api_instance.applemdms_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Remove an Apple MDM Device's Enrollment + result = api_instance.applemdms_deletedevice(apple_mdm_id, device_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_deletedevice: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Apple MDM DEP Public Key + result = api_instance.applemdms_depkeyget(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_depkeyget: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Clears the Activation Lock for a Device + api_instance.applemdms_devices_clear_activation_lock(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_clear_activation_lock: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Request the status of an OS update for a device + api_instance.applemdms_devices_os_update_status(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_os_update_status: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Refresh activation lock information for a device + api_instance.applemdms_devices_refresh_activation_lock_information(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_refresh_activation_lock_information: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::ScheduleOSUpdate.new, # ScheduleOSUpdate | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Schedule an OS update for a device + api_instance.applemdms_devices_schedule_os_update(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_schedule_os_update: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::DeviceIdEraseBody.new, # DeviceIdEraseBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Erase Device + api_instance.applemdms_deviceserase(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_deviceserase: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_total_count: 56 # Integer | +} + +begin + #List AppleMDM Devices + result = api_instance.applemdms_deviceslist(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_deviceslist: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::DeviceIdLockBody.new, # DeviceIdLockBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Lock Device + api_instance.applemdms_deviceslock(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_deviceslock: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::DeviceIdRestartBody.new, # DeviceIdRestartBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Restart Device + api_instance.applemdms_devicesrestart(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devicesrestart: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Shut Down Device + api_instance.applemdms_devicesshutdown(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devicesshutdown: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an Apple MDM Enrollment Profile + result = api_instance.applemdms_enrollmentprofilesget(apple_mdm_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_enrollmentprofilesget: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Apple MDM Enrollment Profiles + result = api_instance.applemdms_enrollmentprofileslist(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_enrollmentprofileslist: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Details of an AppleMDM Device + result = api_instance.applemdms_getdevice(apple_mdm_id, device_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_getdevice: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 1, # Integer | + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List Apple MDMs + result = api_instance.applemdms_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AppleMdmPatch.new, # AppleMdmPatch | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update an Apple MDM + result = api_instance.applemdms_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Refresh DEP Devices + api_instance.applemdms_refreshdepdevices(apple_mdm_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_refreshdepdevices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete application image + api_instance.applications_delete_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_delete_logo: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an Application + result = api_instance.applications_get(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | +opts = { + image: 'image_example', # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Save application logo + api_instance.applications_post_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_post_logo: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +targets = ['targets_example'] # Array | Targets which a \"application\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Application + result = api_instance.graph_application_associations_list(application_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->graph_application_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + body: JCAPIv2::GraphOperationApplication.new, # GraphOperationApplication | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Application + api_instance.graph_application_associations_post(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->graph_application_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to an Application + result = api_instance.graph_application_traverse_user(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->graph_application_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Application + result = api_instance.graph_application_traverse_user_group(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->graph_application_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + body: JCAPIv2::ImportUsersRequest.new, # ImportUsersRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create an import job + result = api_instance.import_create(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->import_create: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + filter: 'filter_example', # String | Filter users by a search term + query: 'query_example', # String | URL query to merge with the service provider request + sort: 'sort_example', # String | Sort users by supported fields + sort_order: 'asc', # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get a list of users to import from an Application IdM service provider + result = api_instance.import_users(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->import_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete Authentication Policy + result = api_instance.authnpolicies_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an authentication policy + result = api_instance.authnpolicies_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_total_count: 56, # Integer | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Authentication Policies + result = api_instance.authnpolicies_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + body: JCAPIv2::AuthnPolicy.new, # AuthnPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Patch Authentication Policy + result = api_instance.authnpolicies_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_patch: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +opts = { + body: JCAPIv2::AuthnPolicy.new, # AuthnPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create an Authentication Policy + result = api_instance.authnpolicies_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserExpire.new], # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Bulk Expire Users + result = api_instance.bulk_user_expires(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_expires: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: JCAPIv2::BulkScheduledStatechangeCreate.new, # BulkScheduledStatechangeCreate | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create Scheduled Userstate Job + result = api_instance.bulk_user_states_create(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_create: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +id = 'id_example' # String | Unique identifier of the scheduled statechange job. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete Scheduled Userstate Job + api_instance.bulk_user_states_delete(id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +users = ['users_example'] # Array | A list of system user IDs, limited to 100 items. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get the next scheduled state change for a list of users + result = api_instance.bulk_user_states_get_next_scheduled(users, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_get_next_scheduled: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + userid: 'userid_example' # String | The systemuser id to filter by. +} + +begin + #List Scheduled Userstate Change Jobs + result = api_instance.bulk_user_states_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserUnlock.new], # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Bulk Unlock Users + result = api_instance.bulk_user_unlocks(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_unlocks: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserCreate.new], # Array | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + creation_source: 'jumpcloud:bulk' # String | Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. +} + +begin + #Bulk Users Create + result = api_instance.bulk_users_create(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_users_create: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +job_id = 'job_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Bulk Users Results + result = api_instance.bulk_users_create_results(job_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_users_create_results: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserUpdate.new], # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Bulk Users Update + result = api_instance.bulk_users_update(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_users_update: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandResultsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List all Command Results by Workflow + result = api_instance.commands_list_results_by_workflow(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandResultsApi->commands_list_results_by_workflow: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +workflow_instance_id = 'workflow_instance_id_example' # String | Workflow instance Id of the queued commands to cancel. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Cancel all queued commands for an organization by workflow instance Id + api_instance.commands_cancel_queued_commands_by_workflow_instance_id(workflow_instance_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->commands_cancel_queued_commands_by_workflow_instance_id: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + search: 'search_example' # String | The search string to query records +} + +begin + #Fetch the queued Commands for an Organization + result = api_instance.commands_get_queued_commands_by_workflow(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->commands_get_queued_commands_by_workflow: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +targets = ['targets_example'] # Array | Targets which a \"command\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Command + result = api_instance.graph_command_associations_list(command_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->graph_command_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + body: JCAPIv2::GraphOperationCommand.new, # GraphOperationCommand | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Command + api_instance.graph_command_associations_post(command_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->graph_command_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Command + result = api_instance.graph_command_traverse_system(command_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->graph_command_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Command + result = api_instance.graph_command_traverse_system_group(command_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->graph_command_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +opts = { + body: JCAPIv2::CustomEmail.new, # CustomEmail | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create custom email configuration + result = api_instance.custom_emails_create(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_create: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete custom email configuration + api_instance.custom_emails_destroy(custom_email_type, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_destroy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new + +begin + #List custom email templates + result = api_instance.custom_emails_get_templates + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_get_templates: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get custom email configuration + result = api_instance.custom_emails_read(custom_email_type, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_read: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + body: JCAPIv2::CustomEmail.new, # CustomEmail | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update custom email configuration + result = api_instance.custom_emails_update(custom_email_type, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_update: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DirectoriesApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List All Directories + result = api_instance.directories_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DirectoriesApi->directories_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +id = 'id_example' # String | ObjectID of the Duo Account +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Duo Account + result = api_instance.duo_account_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_account_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +id = 'id_example' # String | ObjectID of the Duo Account +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a Duo Acount + result = api_instance.duo_account_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_account_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Duo Accounts + result = api_instance.duo_account_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_account_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create Duo Account + result = api_instance.duo_account_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_account_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Duo Application + result = api_instance.duo_application_delete(account_id, application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_application_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a Duo application + result = api_instance.duo_application_get(account_id, application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_application_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +account_id = 'account_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Duo Applications + result = api_instance.duo_application_list(account_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_application_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +account_id = 'account_id_example' # String | +opts = { + body: JCAPIv2::DuoApplicationReq.new, # DuoApplicationReq | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create Duo Application + result = api_instance.duo_application_post(account_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_application_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::DuoApi.new +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | +opts = { + body: JCAPIv2::DuoApplicationUpdateReq.new, # DuoApplicationUpdateReq | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update Duo Application + result = api_instance.duo_application_update(account_id, application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling DuoApi->duo_application_update: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::FdeApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get System FDE Key + result = api_instance.systems_get_fde_key(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling FdeApi->systems_get_fde_key: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::FeatureTrialsApi.new +feature_code = 'feature_code_example' # String | + + +begin + #Check current feature trial usage for a specific feature + result = api_instance.feature_trials_get_feature_trials(feature_code) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling FeatureTrialsApi->feature_trials_get_feature_trials: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance. +domain_id = 'B' # String | Id for the domain. + + +begin + #Delete a domain from a Google Workspace integration instance + result = api_instance.gapps_domains_delete(gsuite_id, domain_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance. +opts = { + domain: 'domain_example' # String | +} + +begin + #Add a domain to a Google Workspace integration instance + result = api_instance.gapps_domains_insert(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_insert: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance.. +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List all domains configured for the Google Workspace integration instance + result = api_instance.gapps_domains_list(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +targets = ['targets_example'] # Array | Targets which a \"g_suite\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a G Suite instance + result = api_instance.graph_g_suite_associations_list(gsuite_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->graph_g_suite_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + body: JCAPIv2::GraphOperationGSuite.new, # GraphOperationGSuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a G Suite instance + api_instance.graph_g_suite_associations_post(gsuite_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->graph_g_suite_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a G Suite instance + result = api_instance.graph_g_suite_traverse_user(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->graph_g_suite_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a G Suite instance + result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->graph_g_suite_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +id = 'id_example' # String | Unique identifier of the GSuite. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get G Suite + result = api_instance.gsuites_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users in Jumpcloud format to import from a Google Workspace account. + result = api_instance.gsuites_list_import_jumpcloud_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_list_import_jumpcloud_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users to import from a G Suite instance + result = api_instance.gsuites_list_import_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_list_import_users: #{e}" +end + +api_instance = JCAPIv2::GSuiteApi.new +id = 'id_example' # String | Unique identifier of the GSuite. +opts = { + body: JCAPIv2::Gsuite.new, # Gsuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update existing G Suite + result = api_instance.gsuites_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_patch: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes a G Suite translation rule + api_instance.translation_rules_g_suite_delete(gsuite_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->translation_rules_g_suite_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a specific G Suite translation rule + result = api_instance.translation_rules_g_suite_get(gsuite_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->translation_rules_g_suite_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List all the G Suite Translation Rules + result = api_instance.translation_rules_g_suite_list(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->translation_rules_g_suite_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + body: JCAPIv2::GSuiteTranslationRuleRequest.new # GSuiteTranslationRuleRequest | +} + +begin + #Create a new G Suite Translation Rule + result = api_instance.translation_rules_g_suite_post(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->translation_rules_g_suite_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteImportApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users in Jumpcloud format to import from a Google Workspace account. + result = api_instance.gsuites_list_import_jumpcloud_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteImportApi->gsuites_list_import_jumpcloud_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteImportApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users to import from a G Suite instance + result = api_instance.gsuites_list_import_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteImportApi->gsuites_list_import_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Erase the Android Device + result = api_instance.devices_erase_device(body, device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_erase_device: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +device_id = 'B' # String | + + +begin + #Get device + result = api_instance.devices_get_device(device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_get_device: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +device_id = 'B' # String | + + +begin + #Get the policy JSON of a device + result = api_instance.devices_get_device_android_policy(device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_get_device_android_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_object_id = 'B' # String | +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0', # String | The offset into the records to return. + filter: ['filter_example'] # Array | +} + +begin + #List devices + result = api_instance.devices_list_devices(enterprise_object_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_list_devices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Lock device + result = api_instance.devices_lock_device(body, device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_lock_device: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Reboot device + result = api_instance.devices_reboot_device(body, device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_reboot_device: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::DeviceIdResetpasswordBody.new # DeviceIdResetpasswordBody | +device_id = 'B' # String | + + +begin + #Reset Password of a device + result = api_instance.devices_reset_password(body, device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_reset_password: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest.new # JumpcloudGoogleEmmCreateEnrollmentTokenRequest | + + +begin + #Create an enrollment token + result = api_instance.enrollment_tokens_create_enrollment_token(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enrollment_tokens_create_enrollment_token: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest.new # JumpcloudGoogleEmmCreateEnterpriseRequest | + + +begin + #Create a Google Enterprise + result = api_instance.enterprises_create_enterprise(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_create_enterprise: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_id = 'B' # String | + + +begin + #Delete a Google Enterprise + result = api_instance.enterprises_delete_enterprise(enterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_delete_enterprise: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_id = 'B' # String | + + +begin + #Test connection with Google + result = api_instance.enterprises_get_connection_status(enterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_get_connection_status: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List Google Enterprises + result = api_instance.enterprises_list_enterprises(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_list_enterprises: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::EnterprisesEnterpriseIdBody.new # EnterprisesEnterpriseIdBody | +enterprise_id = 'B' # String | + + +begin + #Update a Google Enterprise + result = api_instance.enterprises_patch_enterprise(body, enterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_patch_enterprise: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new + +begin + #Get a Signup URL to enroll Google enterprise + result = api_instance.signup_urls_create + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->signup_urls_create: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest.new # JumpcloudGoogleEmmCreateWebTokenRequest | + + +begin + #Get a web token to render Google Play iFrame + result = api_instance.web_tokens_create_web_token(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->web_tokens_create_web_token: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +activedirectory_id = 'activedirectory_id_example' # String | +targets = ['targets_example'] # Array | Targets which a \"active_directory\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Active Directory instance + result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_active_directory_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +activedirectory_id = 'activedirectory_id_example' # String | +opts = { + body: JCAPIv2::GraphOperationActiveDirectory.new, # GraphOperationActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Active Directory instance + api_instance.graph_active_directory_associations_post(activedirectory_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_active_directory_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Users bound to an Active Directory instance + result = api_instance.graph_active_directory_traverse_user(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_active_directory_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Active Directory instance + result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_active_directory_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +targets = ['targets_example'] # Array | Targets which a \"application\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Application + result = api_instance.graph_application_associations_list(application_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_application_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + body: JCAPIv2::GraphOperationApplication.new, # GraphOperationApplication | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Application + api_instance.graph_application_associations_post(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_application_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to an Application + result = api_instance.graph_application_traverse_user(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_application_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Application + result = api_instance.graph_application_traverse_user_group(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_application_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +targets = ['targets_example'] # Array | Targets which a \"command\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Command + result = api_instance.graph_command_associations_list(command_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_command_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + body: JCAPIv2::GraphOperationCommand.new, # GraphOperationCommand | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Command + api_instance.graph_command_associations_post(command_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_command_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Command + result = api_instance.graph_command_traverse_system(command_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_command_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Command + result = api_instance.graph_command_traverse_system_group(command_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_command_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +targets = ['targets_example'] # Array | Targets which a \"g_suite\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a G Suite instance + result = api_instance.graph_g_suite_associations_list(gsuite_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_g_suite_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + body: JCAPIv2::GraphOperationGSuite.new, # GraphOperationGSuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a G Suite instance + api_instance.graph_g_suite_associations_post(gsuite_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_g_suite_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a G Suite instance + result = api_instance.graph_g_suite_traverse_user(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_g_suite_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a G Suite instance + result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_g_suite_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +targets = ['targets_example'] # Array | Targets which a \"ldap_server\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a LDAP Server + result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_ldap_server_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + body: JCAPIv2::GraphOperationLdapServer.new, # GraphOperationLdapServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a LDAP Server + api_instance.graph_ldap_server_associations_post(ldapserver_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_ldap_server_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a LDAP Server + result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_ldap_server_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a LDAP Server + result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_ldap_server_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +targets = ['targets_example'] # Array | Targets which a \"office_365\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Office 365 instance + result = api_instance.graph_office365_associations_list(office365_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_office365_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + body: JCAPIv2::GraphOperationOffice365.new, # GraphOperationOffice365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Office 365 instance + api_instance.graph_office365_associations_post(office365_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_office365_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to an Office 365 instance + result = api_instance.graph_office365_traverse_user(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_office365_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Office 365 instance + result = api_instance.graph_office365_traverse_user_group(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_office365_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +targets = ['targets_example'] # Array | Targets which a \"policy\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy + result = api_instance.graph_policy_associations_list(policy_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +opts = { + body: JCAPIv2::GraphOperationPolicy.new, # GraphOperationPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy + api_instance.graph_policy_associations_post(policy_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroup.new, # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroupMember.new, # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a Policy + result = api_instance.graph_policy_member_of(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy + result = api_instance.graph_policy_traverse_system(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Policy + result = api_instance.graph_policy_traverse_system_group(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +targets = ['targets_example'] # Array | Targets which a \"radius_server\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a RADIUS Server + result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + body: JCAPIv2::GraphOperationRadiusServer.new, # GraphOperationRadiusServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a RADIUS Server + api_instance.graph_radius_server_associations_post(radiusserver_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +targets = ['targets_example'] # Array | Targets which a \"software_app\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Software Application + result = api_instance.graph_softwareapps_associations_list(software_app_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + body: JCAPIv2::GraphOperationSoftwareApp.new, # GraphOperationSoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a software application. + api_instance.graph_softwareapps_associations_post(software_app_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system_group(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +targets = ['targets_example'] # Array | Targets which a \"system\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a System + result = api_instance.graph_system_associations_list(system_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + body: JCAPIv2::GraphOperationSystem.new, # GraphOperationSystem | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage associations of a System + api_instance.graph_system_associations_post(system_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a System Group + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroup.new, # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a System Group + api_instance.graph_system_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a System Group + result = api_instance.graph_system_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroupMember.new, # GraphOperationSystemGroupMember | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a System Group + api_instance.graph_system_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the System Group's membership + result = api_instance.graph_system_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. +} + +begin + #List the Commands bound to a System Group + result = api_instance.graph_system_group_traverse_command(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_command: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_policy_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a System Group + result = api_instance.graph_system_group_traverse_user(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System Group + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a System + result = api_instance.graph_system_member_of(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. +} + +begin + #List the Commands bound to a System + result = api_instance.graph_system_traverse_command(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_traverse_command: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System + result = api_instance.graph_system_traverse_policy(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_traverse_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policy Groups bound to a System + result = api_instance.graph_system_traverse_policy_group(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_traverse_policy_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a System + result = api_instance.graph_system_traverse_user(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System + result = api_instance.graph_system_traverse_user_group(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +targets = ['targets_example'] # Array | Targets which a \"user\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a User + result = api_instance.graph_user_associations_list(user_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + body: JCAPIv2::GraphOperationUser.new, # GraphOperationUser | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a User + api_instance.graph_user_associations_post(user_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a User Group. + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroup.new, # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a User Group + api_instance.graph_user_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a User Group + result = api_instance.graph_user_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroupMember.new, # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a User Group + api_instance.graph_user_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the User Group's membership + result = api_instance.graph_user_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Active Directories bound to a User Group + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_active_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Applications bound to a User Group + result = api_instance.graph_user_group_traverse_application(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_application: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Directories bound to a User Group + result = api_instance.graph_user_group_traverse_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the G Suite instances bound to a User Group + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_g_suite: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the LDAP Servers bound to a User Group + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_ldap_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Office 365 instances bound to a User Group + result = api_instance.graph_user_group_traverse_office365(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_office365: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the RADIUS Servers bound to a User Group + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_radius_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a User Group + result = api_instance.graph_user_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to User Groups + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a User + result = api_instance.graph_user_member_of(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Active Directory instances bound to a User + result = api_instance.graph_user_traverse_active_directory(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_active_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Applications bound to a User + result = api_instance.graph_user_traverse_application(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_application: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Directories bound to a User + result = api_instance.graph_user_traverse_directory(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the G Suite instances bound to a User + result = api_instance.graph_user_traverse_g_suite(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_g_suite: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the LDAP servers bound to a User + result = api_instance.graph_user_traverse_ldap_server(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_ldap_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Office 365 instances bound to a User + result = api_instance.graph_user_traverse_office365(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_office365: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the RADIUS Servers bound to a User + result = api_instance.graph_user_traverse_radius_server(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_radius_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a User + result = api_instance.graph_user_traverse_system(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a User + result = api_instance.graph_user_traverse_system_group(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_user_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the policy statuses for a system + result = api_instance.policystatuses_systems_list(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->policystatuses_systems_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GroupsApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_unfiltered_total_count: 56 # Integer | If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account +} + +begin + #List All Groups + result = api_instance.groups_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GroupsApi->groups_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete an IP list + result = api_instance.iplists_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an IP list + result = api_instance.iplists_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_total_count: 56, # Integer | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List IP Lists + result = api_instance.iplists_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::IPListRequest.new, # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update an IP list + result = api_instance.iplists_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_patch: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +opts = { + body: JCAPIv2::IPListRequest.new, # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create IP List + result = api_instance.iplists_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::IPListRequest.new, # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Replace an IP list + result = api_instance.iplists_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ImageApi.new +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete application image + api_instance.applications_delete_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ImageApi->applications_delete_logo: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +targets = ['targets_example'] # Array | Targets which a \"ldap_server\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a LDAP Server + result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->graph_ldap_server_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + body: JCAPIv2::GraphOperationLdapServer.new, # GraphOperationLdapServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a LDAP Server + api_instance.graph_ldap_server_associations_post(ldapserver_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->graph_ldap_server_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a LDAP Server + result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->graph_ldap_server_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a LDAP Server + result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->graph_ldap_server_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +id = 'id_example' # String | Unique identifier of the LDAP server. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get LDAP Server + result = api_instance.ldapservers_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->ldapservers_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List LDAP Servers + result = api_instance.ldapservers_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->ldapservers_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::LDAPServersApi.new +id = 'id_example' # String | Unique identifier of the LDAP server. +opts = { + body: JCAPIv2::LdapserversIdBody.new, # LdapserversIdBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update existing LDAP server + result = api_instance.ldapservers_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LDAPServersApi->ldapservers_patch: #{e}" +end + +api_instance = JCAPIv2::LogosApi.new +id = 'id_example' # String | + + +begin + #Get the logo associated with the specified id + result = api_instance.logos_get(id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LogosApi->logos_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} + +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_create_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_list_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_list_by_organization: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_remove_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_get_configured_policy_template: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list_members: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::CreateOrganization.new # CreateOrganization | +} + +begin + #Create Provider Organization + result = api_instance.provider_organizations_create_org(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->provider_organizations_create_org: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + body: JCAPIv2::Organization.new # Organization | +} + +begin + #Update Provider Organization + result = api_instance.provider_organizations_update_org(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->provider_organizations_update_org: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'] # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. +} + +begin + #Retrieve Provider + result = api_instance.providers_get_provider(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_get_provider: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Administrators + result = api_instance.providers_list_administrators(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_list_administrators: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Organizations + result = api_instance.providers_list_organizations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_list_organizations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ProviderAdminReq.new # ProviderAdminReq | +} + +begin + #Create a new Provider Administrator + result = api_instance.providers_post_admins(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_post_admins: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Get all cases (Support/Feature requests) for provider + result = api_instance.providers_provider_list_case(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_provider_list_case: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Download a provider's invoice. + result = api_instance.providers_retrieve_invoice(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_retrieve_invoice: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10 # Integer | The number of records to return at once. Limited to 100. +} + +begin + #List a provider's invoices. + result = api_instance.providers_retrieve_invoices(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_retrieve_invoices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. +domain_id = 'B' # String | ObjectID of the domain to be deleted. + + +begin + #Delete a domain from an Office 365 instance + result = api_instance.domains_delete(office365_id, domain_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +body = JCAPIv2::Office365IdDomainsBody.new # Office365IdDomainsBody | +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. + + +begin + #Add a domain to an Office 365 instance + result = api_instance.domains_insert(body, office365_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_insert: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List all domains configured for an Office 365 instance + result = api_instance.domains_list(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +targets = ['targets_example'] # Array | Targets which a \"office_365\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of an Office 365 instance + result = api_instance.graph_office365_associations_list(office365_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->graph_office365_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + body: JCAPIv2::GraphOperationOffice365.new, # GraphOperationOffice365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of an Office 365 instance + api_instance.graph_office365_associations_post(office365_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->graph_office365_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to an Office 365 instance + result = api_instance.graph_office365_traverse_user(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->graph_office365_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to an Office 365 instance + result = api_instance.graph_office365_traverse_user_group(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->graph_office365_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Office 365 instance + result = api_instance.office365s_get(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +opts = { + consistency_level: 'consistency_level_example', # String | Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + top: 56, # Integer | Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + skip_token: 'skip_token_example', # String | Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + filter: 'filter_example', # String | Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + search: 'search_example', # String | Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + orderby: 'orderby_example', # String | Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + count: true # BOOLEAN | Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. +} + +begin + #Get a list of users to import from an Office 365 instance + result = api_instance.office365s_list_import_users(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_list_import_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + body: JCAPIv2::Office365.new, # Office365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update existing Office 365 instance. + result = api_instance.office365s_patch(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_patch: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes a Office 365 translation rule + api_instance.translation_rules_office365_delete(office365_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->translation_rules_office365_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a specific Office 365 translation rule + result = api_instance.translation_rules_office365_get(office365_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->translation_rules_office365_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List all the Office 365 Translation Rules + result = api_instance.translation_rules_office365_list(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->translation_rules_office365_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +opts = { + body: JCAPIv2::Office365TranslationRuleRequest.new # Office365TranslationRuleRequest | +} + +begin + #Create a new Office 365 Translation Rule + result = api_instance.translation_rules_office365_post(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->translation_rules_office365_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365ImportApi.new +office365_id = 'office365_id_example' # String | +opts = { + consistency_level: 'consistency_level_example', # String | Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + top: 56, # Integer | Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + skip_token: 'skip_token_example', # String | Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + filter: 'filter_example', # String | Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + search: 'search_example', # String | Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + orderby: 'orderby_example', # String | Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + count: true # BOOLEAN | Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. +} + +begin + #Get a list of users to import from an Office 365 instance + result = api_instance.office365s_list_import_users(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365ImportApi->office365s_list_import_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} + +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_create_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_list_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_list_by_organization: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_remove_by_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Get all cases (Support/Feature requests) for organization + result = api_instance.organizations_org_list_cases(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->organizations_org_list_cases: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PasswordManagerApi.new +uuid = 'uuid_example' # String | + + +begin + result = api_instance.device_service_get_device(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PasswordManagerApi->device_service_get_device: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PasswordManagerApi.new +opts = { + limit: 56, # Integer | + skip: 56, # Integer | + sort: 'sort_example', # String | + fields: ['fields_example'], # Array | + filter: ['filter_example'] # Array | +} + +begin + result = api_instance.device_service_list_devices(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PasswordManagerApi->device_service_list_devices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +targets = ['targets_example'] # Array | Targets which a \"policy\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy + result = api_instance.graph_policy_associations_list(policy_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +opts = { + body: JCAPIv2::GraphOperationPolicy.new, # GraphOperationPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy + api_instance.graph_policy_associations_post(policy_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a Policy + result = api_instance.graph_policy_member_of(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy + result = api_instance.graph_policy_traverse_system(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Policy + result = api_instance.graph_policy_traverse_system_group(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +id = 'id_example' # String | ObjectID of the Policy object. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Deletes a Policy + api_instance.policies_delete(id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policies_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +id = 'id_example' # String | ObjectID of the Policy object. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Gets a specific Policy. + result = api_instance.policies_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policies_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Lists all the Policies + result = api_instance.policies_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policies_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +opts = { + body: JCAPIv2::PolicyRequest.new, # PolicyRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new Policy + result = api_instance.policies_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policies_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +id = 'id_example' # String | ObjectID of the Policy object. +opts = { + body: JCAPIv2::PolicyRequest.new, # PolicyRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update an existing Policy + result = api_instance.policies_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policies_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +id = 'id_example' # String | ObjectID of the Policy Result. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a specific Policy Result. + result = api_instance.policyresults_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policyresults_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Lists all the policy results of a policy. + result = api_instance.policyresults_list(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policyresults_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Lists all of the policy results for an organization. + result = api_instance.policyresults_org_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policyresults_org_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Lists the latest policy results of a policy. + result = api_instance.policystatuses_policies_list(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policystatuses_policies_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the policy statuses for a system + result = api_instance.policystatuses_systems_list(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policystatuses_systems_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +id = 'id_example' # String | ObjectID of the Policy Template. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a specific Policy Template + result = api_instance.policytemplates_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policytemplates_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Lists all of the Policy Templates + result = api_instance.policytemplates_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->policytemplates_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroup.new, # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroupMember.new, # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_get_configured_policy_template: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list_members: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroup.new, # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroupMember.new, # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Policy Group + result = api_instance.groups_policy_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #View an individual Policy Group details + result = api_instance.groups_policy_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List all Policy Groups + result = api_instance.groups_policy_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +opts = { + body: JCAPIv2::PolicyGroupData.new, # PolicyGroupData | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new Policy Group + result = api_instance.groups_policy_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::PolicyGroupData.new, # PolicyGroupData | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a Policy Group + result = api_instance.groups_policy_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicytemplatesApi.new +id = 'id_example' # String | ObjectID of the Policy Template. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a specific Policy Template + result = api_instance.policytemplates_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicytemplatesApi->policytemplates_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicytemplatesApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Lists all of the Policy Templates + result = api_instance.policytemplates_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicytemplatesApi->policytemplates_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::AutotaskIntegrationReq.new # AutotaskIntegrationReq | +} + +begin + #Creates a new Autotask integration for the provider + result = api_instance.autotask_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_create_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete Autotask Integration + api_instance.autotask_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_delete_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Integration Configuration + result = api_instance.autotask_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_get_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskMappingRequest.new # AutotaskMappingRequest | +} + +begin + #Create, edit, and/or delete Autotask Mappings + result = api_instance.autotask_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_patch_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskSettingsPatchReq.new # AutotaskSettingsPatchReq | +} + +begin + #Create, edit, and/or delete Autotask Integration settings + result = api_instance.autotask_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_patch_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Autotask ticketing alert configuration options for a provider + result = api_instance.autotask_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_all_alert_configuration_options: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Autotask ticketing alert configurations for a provider + result = api_instance.autotask_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_all_alert_configurations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Companies + result = api_instance.autotask_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_companies: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Company Types + result = api_instance.autotask_retrieve_company_types(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_company_types: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Contracts + result = api_instance.autotask_retrieve_contracts(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_contracts: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Contract Fields + result = api_instance.autotask_retrieve_contracts_fields(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_contracts_fields: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask mappings + result = api_instance.autotask_retrieve_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Contract Services + result = api_instance.autotask_retrieve_services(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_services: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Integration settings + result = api_instance.autotask_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskTicketingAlertConfigurationRequest.new # AutotaskTicketingAlertConfigurationRequest | +} + +begin + #Update an Autotask ticketing alert's configuration + result = api_instance.autotask_update_alert_configuration(provider_id, alert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_update_alert_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskIntegrationPatchReq.new # AutotaskIntegrationPatchReq | +} + +begin + #Update Autotask Integration configuration + result = api_instance.autotask_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_update_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'B' # String | + + +begin + #Retrieve contract for a Provider + result = api_instance.billing_get_contract(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->billing_get_contract: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'B' # String | + + +begin + #Retrieve billing details for a Provider + result = api_instance.billing_get_details(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->billing_get_details: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ConnectwiseIntegrationReq.new # ConnectwiseIntegrationReq | +} + +begin + #Creates a new ConnectWise integration for the provider + result = api_instance.connectwise_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_create_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete ConnectWise Integration + api_instance.connectwise_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_delete_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Integration Configuration + result = api_instance.connectwise_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_get_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseMappingRequest.new # ConnectWiseMappingRequest | +} + +begin + #Create, edit, and/or delete ConnectWise Mappings + result = api_instance.connectwise_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_patch_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseSettingsPatchReq.new # ConnectWiseSettingsPatchReq | +} + +begin + #Create, edit, and/or delete ConnectWise Integration settings + result = api_instance.connectwise_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_patch_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +agreement_id = 'agreement_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Additions + result = api_instance.connectwise_retrieve_additions(uuid, agreement_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_additions: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Agreements + result = api_instance.connectwise_retrieve_agreements(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_agreements: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ConnectWise ticketing alert configuration options for a provider + result = api_instance.connectwise_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_all_alert_configuration_options: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ConnectWise ticketing alert configurations for a provider + result = api_instance.connectwise_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_all_alert_configurations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Companies + result = api_instance.connectwise_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_companies: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Company Types + result = api_instance.connectwise_retrieve_company_types(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_company_types: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise mappings + result = api_instance.connectwise_retrieve_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Integration settings + result = api_instance.connectwise_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest.new # ConnectWiseTicketingAlertConfigurationRequest | +} + +begin + #Update a ConnectWise ticketing alert's configuration + result = api_instance.connectwise_update_alert_configuration(provider_id, alert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_update_alert_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectwiseIntegrationPatchReq.new # ConnectwiseIntegrationPatchReq | +} + +begin + #Update ConnectWise Integration configuration + result = api_instance.connectwise_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_update_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ticketing alerts available for a provider's ticketing integration. + result = api_instance.mtp_integration_retrieve_alerts(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->mtp_integration_retrieve_alerts: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +integration_type = 'integration_type_example' # String | + + +begin + #Retrieve Recent Integration Sync Errors + result = api_instance.mtp_integration_retrieve_sync_errors(uuid, integration_type) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->mtp_integration_retrieve_sync_errors: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_get_configured_policy_template: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list_members: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::CreateOrganization.new # CreateOrganization | +} + +begin + #Create Provider Organization + result = api_instance.provider_organizations_create_org(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->provider_organizations_create_org: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + body: JCAPIv2::Organization.new # Organization | +} + +begin + #Update Provider Organization + result = api_instance.provider_organizations_update_org(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->provider_organizations_update_org: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'] # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. +} + +begin + #Retrieve Provider + result = api_instance.providers_get_provider(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_get_provider: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Administrators + result = api_instance.providers_list_administrators(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_list_administrators: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Organizations + result = api_instance.providers_list_organizations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_list_organizations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ProviderAdminReq.new # ProviderAdminReq | +} + +begin + #Create a new Provider Administrator + result = api_instance.providers_post_admins(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_post_admins: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Get all cases (Support/Feature requests) for provider + result = api_instance.providers_provider_list_case(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_provider_list_case: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Delete Provider Administrator + api_instance.providers_remove_administrator(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_remove_administrator: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Integrations for Provider + result = api_instance.providers_retrieve_integrations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_integrations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Download a provider's invoice. + result = api_instance.providers_retrieve_invoice(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_invoice: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10 # Integer | The number of records to return at once. Limited to 100. +} + +begin + #List a provider's invoices. + result = api_instance.providers_retrieve_invoices(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_invoices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::SyncroIntegrationReq.new # SyncroIntegrationReq | +} + +begin + #Creates a new Syncro integration for the provider + result = api_instance.syncro_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_create_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete Syncro Integration + api_instance.syncro_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_delete_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Syncro Integration Configuration + result = api_instance.syncro_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_get_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroMappingRequest.new # SyncroMappingRequest | +} + +begin + #Create, edit, and/or delete Syncro Mappings + result = api_instance.syncro_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_patch_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroSettingsPatchReq.new # SyncroSettingsPatchReq | +} + +begin + #Create, edit, and/or delete Syncro Integration settings + result = api_instance.syncro_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_patch_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Syncro ticketing alert configuration options for a provider + result = api_instance.syncro_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_all_alert_configuration_options: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Syncro ticketing alert configurations for a provider + result = api_instance.syncro_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_all_alert_configurations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Syncro billing mappings dependencies + result = api_instance.syncro_retrieve_billing_mapping_configuration_options(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_billing_mapping_configuration_options: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Syncro Companies + result = api_instance.syncro_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_companies: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Syncro mappings + result = api_instance.syncro_retrieve_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_mappings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Syncro Integration settings + result = api_instance.syncro_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::SyncroTicketingAlertConfigurationRequest.new # SyncroTicketingAlertConfigurationRequest | +} + +begin + #Update a Syncro ticketing alert's configuration + result = api_instance.syncro_update_alert_configuration(provider_id, alert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_update_alert_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroIntegrationPatchReq.new # SyncroIntegrationPatchReq | +} + +begin + #Update Syncro Integration configuration + result = api_instance.syncro_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_update_configuration: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::RADIUSServersApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +targets = ['targets_example'] # Array | Targets which a \"radius_server\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a RADIUS Server + result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling RADIUSServersApi->graph_radius_server_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::RADIUSServersApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + body: JCAPIv2::GraphOperationRadiusServer.new, # GraphOperationRadiusServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a RADIUS Server + api_instance.graph_radius_server_associations_post(radiusserver_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling RADIUSServersApi->graph_radius_server_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::RADIUSServersApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling RADIUSServersApi->graph_radius_server_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::RADIUSServersApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling RADIUSServersApi->graph_radius_server_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SCIMImportApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + filter: 'filter_example', # String | Filter users by a search term + query: 'query_example', # String | URL query to merge with the service provider request + sort: 'sort_example', # String | Sort users by supported fields + sort_order: 'asc', # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get a list of users to import from an Application IdM service provider + result = api_instance.import_users(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SCIMImportApi->import_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SambaDomainsApi.new +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete Samba Domain + result = api_instance.ldapservers_samba_domains_delete(ldapserver_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SambaDomainsApi.new +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Samba Domain + result = api_instance.ldapservers_samba_domains_get(ldapserver_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SambaDomainsApi.new +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Samba Domains + result = api_instance.ldapservers_samba_domains_list(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SambaDomainsApi.new +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +opts = { + body: JCAPIv2::SambaDomain.new, # SambaDomain | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create Samba Domain + result = api_instance.ldapservers_samba_domains_post(ldapserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SambaDomainsApi.new +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. +opts = { + body: JCAPIv2::SambaDomain.new # SambaDomain | +} + +begin + #Update Samba Domain + result = api_instance.ldapservers_samba_domains_put(ldapserver_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +targets = ['targets_example'] # Array | Targets which a \"software_app\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Software Application + result = api_instance.graph_softwareapps_associations_list(software_app_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + body: JCAPIv2::GraphOperationSoftwareApp.new, # GraphOperationSoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a software application. + api_instance.graph_softwareapps_associations_post(software_app_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system_group(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Get the status of the provided Software Application + result = api_instance.software_app_statuses_list(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_app_statuses_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a configured Software Application + api_instance.software_apps_delete(id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Retrieve a configured Software Application. + result = api_instance.software_apps_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Get all configured Software Applications. + result = api_instance.software_apps_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +opts = { + body: JCAPIv2::SoftwareApp.new, # SoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a Software Application that will be managed by JumpCloud. + result = api_instance.software_apps_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | + + +begin + #Reclaim Licenses for a Software Application. + result = api_instance.software_apps_reclaim_licenses(software_app_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_reclaim_licenses: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +body = JCAPIv2::SoftwareAppsRetryInstallationRequest.new # SoftwareAppsRetryInstallationRequest | +software_app_id = 'software_app_id_example' # String | + + +begin + #Retry Installation for a Software Application + api_instance.software_apps_retry_installation(body, software_app_id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_retry_installation: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::SoftwareApp.new, # SoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a Software Application Configuration. + result = api_instance.software_apps_update(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_update: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +body = JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.new # JumpcloudPackageValidatorValidateApplicationInstallPackageRequest | + + +begin + #Validate Installation Packages + result = api_instance.validator_validate_application_install_package(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->validator_validate_application_install_package: #{e}" +end + +api_instance = JCAPIv2::SubscriptionsApi.new + +begin + #Lists all the Pricing & Packaging Subscriptions + result = api_instance.subscriptions_get + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SubscriptionsApi->subscriptions_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a System Group + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroup.new, # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a System Group + api_instance.graph_system_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. +} + +begin + #List the Commands bound to a System Group + result = api_instance.graph_system_group_traverse_command(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_command: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_policy_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a System Group + result = api_instance.graph_system_group_traverse_user(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System Group + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a System Group + result = api_instance.graph_system_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroupMember.new, # GraphOperationSystemGroupMember | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a System Group + api_instance.graph_system_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the System Group's membership + result = api_instance.graph_system_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a System Group + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroup.new, # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a System Group + api_instance.graph_system_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a System Group + result = api_instance.graph_system_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroupMember.new, # GraphOperationSystemGroupMember | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a System Group + api_instance.graph_system_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the System Group's membership + result = api_instance.graph_system_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_policy_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a System Group + result = api_instance.graph_system_group_traverse_user(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System Group + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +id = 'id_example' # String | ObjectID of the System Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a System Group + result = api_instance.groups_system_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +id = 'id_example' # String | ObjectID of the System Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #View an individual System Group details + result = api_instance.groups_system_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List all System Groups + result = api_instance.groups_system_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +opts = { + body: JCAPIv2::SystemGroupPost.new, # SystemGroupPost | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new System Group + result = api_instance.groups_system_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +id = 'id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::SystemGroupPut.new, # SystemGroupPut | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a System Group + result = api_instance.groups_system_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List Suggestions for a System Group + result = api_instance.groups_system_suggestions_get(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_suggestions_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupsApi.new +body = JCAPIv2::GroupIdSuggestionsBody.new # GroupIdSuggestionsBody | +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Apply Suggestions for a System Group + result = api_instance.groups_system_suggestions_post(body, group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_suggestions_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF + result = api_instance.systeminsights_list_alf(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF Exceptions + result = api_instance.systeminsights_list_alf_exceptions(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf_exceptions: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF Explicit Authentications + result = api_instance.systeminsights_list_alf_explicit_auths(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf_explicit_auths: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Application Compatibility Shims + result = api_instance.systeminsights_list_appcompat_shims(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_appcompat_shims: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Apps + result = api_instance.systeminsights_list_apps(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_apps: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Authorized Keys + result = api_instance.systeminsights_list_authorized_keys(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_authorized_keys: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Azure Instance Metadata + result = api_instance.systeminsights_list_azure_instance_metadata(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_azure_instance_metadata: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Azure Instance Tags + result = api_instance.systeminsights_list_azure_instance_tags(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_azure_instance_tags: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Battery + result = api_instance.systeminsights_list_battery(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_battery: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Bitlocker Info + result = api_instance.systeminsights_list_bitlocker_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_bitlocker_info: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Browser Plugins + result = api_instance.systeminsights_list_browser_plugins(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_browser_plugins: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Certificates + result = api_instance.systeminsights_list_certificates(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_certificates: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Chassis Info + result = api_instance.systeminsights_list_chassis_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_chassis_info: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Chrome Extensions + result = api_instance.systeminsights_list_chrome_extensions(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_chrome_extensions: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Connectivity + result = api_instance.systeminsights_list_connectivity(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_connectivity: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Crashes + result = api_instance.systeminsights_list_crashes(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_crashes: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights CUPS Destinations + result = api_instance.systeminsights_list_cups_destinations(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_cups_destinations: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Disk Encryption + result = api_instance.systeminsights_list_disk_encryption(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_encryption: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Disk Info + result = api_instance.systeminsights_list_disk_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_info: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights DNS Resolvers + result = api_instance.systeminsights_list_dns_resolvers(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_dns_resolvers: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Etc Hosts + result = api_instance.systeminsights_list_etc_hosts(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_etc_hosts: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Firefox Addons + result = api_instance.systeminsights_list_firefox_addons(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_firefox_addons: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Groups + result = api_instance.systeminsights_list_groups(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_groups: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights IE Extensions + result = api_instance.systeminsights_list_ie_extensions(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_ie_extensions: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Interface Addresses + result = api_instance.systeminsights_list_interface_addresses(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_interface_addresses: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Interface Details + result = api_instance.systeminsights_list_interface_details(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_interface_details: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Kernel Info + result = api_instance.systeminsights_list_kernel_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_kernel_info: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Launchd + result = api_instance.systeminsights_list_launchd(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_launchd: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Linux Packages + result = api_instance.systeminsights_list_linux_packages(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_linux_packages: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Logged-In Users + result = api_instance.systeminsights_list_logged_in_users(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_logged_in_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Logical Drives + result = api_instance.systeminsights_list_logical_drives(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_logical_drives: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Managed Policies + result = api_instance.systeminsights_list_managed_policies(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_managed_policies: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Mounts + result = api_instance.systeminsights_list_mounts(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_mounts: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights OS Version + result = api_instance.systeminsights_list_os_version(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_os_version: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Patches + result = api_instance.systeminsights_list_patches(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_patches: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Programs + result = api_instance.systeminsights_list_programs(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_programs: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Python Packages + result = api_instance.systeminsights_list_python_packages(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_python_packages: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Safari Extensions + result = api_instance.systeminsights_list_safari_extensions(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_safari_extensions: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Scheduled Tasks + result = api_instance.systeminsights_list_scheduled_tasks(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_scheduled_tasks: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Secure Boot + result = api_instance.systeminsights_list_secureboot(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_secureboot: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Services + result = api_instance.systeminsights_list_services(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_services: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #LIst System Insights Shadow + result = api_instance.systeminsights_list_shadow(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_shadow: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Shared Folders + result = api_instance.systeminsights_list_shared_folders(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_shared_folders: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Shared Resources + result = api_instance.systeminsights_list_shared_resources(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_shared_resources: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Sharing Preferences + result = api_instance.systeminsights_list_sharing_preferences(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_sharing_preferences: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights SIP Config + result = api_instance.systeminsights_list_sip_config(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_sip_config: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Startup Items + result = api_instance.systeminsights_list_startup_items(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_startup_items: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights System Control + result = api_instance.systeminsights_list_system_controls(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_system_controls: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights System Info + result = api_instance.systeminsights_list_system_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_system_info: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights TPM Info + result = api_instance.systeminsights_list_tpm_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_tpm_info: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Uptime + result = api_instance.systeminsights_list_uptime(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_uptime: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights USB Devices + result = api_instance.systeminsights_list_usb_devices(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_usb_devices: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights User Groups + result = api_instance.systeminsights_list_user_groups(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_user_groups: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights User SSH Keys + result = api_instance.systeminsights_list_user_ssh_keys(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_user_ssh_keys: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights User Assist + result = api_instance.systeminsights_list_userassist(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_userassist: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Users + result = api_instance.systeminsights_list_users(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_users: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights WiFi Networks + result = api_instance.systeminsights_list_wifi_networks(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_wifi_networks: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights WiFi Status + result = api_instance.systeminsights_list_wifi_status(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_wifi_status: #{e}" +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Windows Security Center + result = api_instance.systeminsights_list_windows_security_center(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_windows_security_center: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Windows Security Products + result = api_instance.systeminsights_list_windows_security_products(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_windows_security_products: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +targets = ['targets_example'] # Array | Targets which a \"system\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a System + result = api_instance.graph_system_associations_list(system_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + body: JCAPIv2::GraphOperationSystem.new, # GraphOperationSystem | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage associations of a System + api_instance.graph_system_associations_post(system_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a System + result = api_instance.graph_system_member_of(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. +} + +begin + #List the Commands bound to a System + result = api_instance.graph_system_traverse_command(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_command: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System + result = api_instance.graph_system_traverse_policy(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_policy: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policy Groups bound to a System + result = api_instance.graph_system_traverse_policy_group(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_policy_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a System + result = api_instance.graph_system_traverse_user(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_user: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System + result = api_instance.graph_system_traverse_user_group(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_user_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get System FDE Key + result = api_instance.systems_get_fde_key(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->systems_get_fde_key: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List the associated Software Application Statuses of a System + result = api_instance.systems_list_software_apps_with_statuses(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->systems_list_software_apps_with_statuses: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsOrganizationSettingsApi.new +opts = { + organization_object_id: 'B' # String | +} + +begin + #Get the Sign In with JumpCloud Settings + result = api_instance.systems_org_settings_get_sign_in_with_jump_cloud_settings(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsOrganizationSettingsApi->systems_org_settings_get_sign_in_with_jump_cloud_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsOrganizationSettingsApi.new +body = JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest.new # DevicesSetSignInWithJumpCloudSettingsRequest | + + +begin + #Set the Sign In with JumpCloud Settings + result = api_instance.systems_org_settings_set_sign_in_with_jump_cloud_settings(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsOrganizationSettingsApi->systems_org_settings_set_sign_in_with_jump_cloud_settings: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a User Group. + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroup.new, # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a User Group + api_instance.graph_user_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Active Directories bound to a User Group + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_active_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Applications bound to a User Group + result = api_instance.graph_user_group_traverse_application(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_application: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Directories bound to a User Group + result = api_instance.graph_user_group_traverse_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the G Suite instances bound to a User Group + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_g_suite: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the LDAP Servers bound to a User Group + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_ldap_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Office 365 instances bound to a User Group + result = api_instance.graph_user_group_traverse_office365(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_office365: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the RADIUS Servers bound to a User Group + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_radius_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a User Group + result = api_instance.graph_user_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to User Groups + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a User Group + result = api_instance.graph_user_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroupMember.new, # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a User Group + api_instance.graph_user_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the User Group's membership + result = api_instance.graph_user_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a User Group. + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroup.new, # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a User Group + api_instance.graph_user_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a User Group + result = api_instance.graph_user_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_members_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::GraphOperationUserGroupMember.new, # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a User Group + api_instance.graph_user_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_members_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the User Group's membership + result = api_instance.graph_user_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_membership: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Active Directories bound to a User Group + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_active_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Applications bound to a User Group + result = api_instance.graph_user_group_traverse_application(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_application: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Directories bound to a User Group + result = api_instance.graph_user_group_traverse_directory(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the G Suite instances bound to a User Group + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_g_suite: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the LDAP Servers bound to a User Group + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_ldap_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Office 365 instances bound to a User Group + result = api_instance.graph_user_group_traverse_office365(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_office365: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the RADIUS Servers bound to a User Group + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_radius_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a User Group + result = api_instance.graph_user_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -api_instance = JCAPIv2::ActiveDirectoryApi.new +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the User Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to User Groups + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->graph_user_group_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +id = 'id_example' # String | ObjectID of the User Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a User Group + result = api_instance.groups_user_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -activedirectory_id = "activedirectory_id_example" # String | +api_instance = JCAPIv2::UserGroupsApi.new +id = 'id_example' # String | ObjectID of the User Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -agent_id = "agent_id_example" # String | +begin + #View an individual User Group details + result = api_instance.groups_user_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -content_type = "application/json" # String | +api_instance = JCAPIv2::UserGroupsApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -accept = "application/json" # String | +begin + #List all User Groups + result = api_instance.groups_user_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::UserGroupsApi.new opts = { - x_org_id: "" # String | + body: JCAPIv2::UserGroupPost.new, # UserGroupPost | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Delete Active Directory Agent - api_instance.activedirectories_agents_delete(activedirectory_id, agent_id, content_type, accept, opts) + #Create a new User Group + result = api_instance.groups_user_post(opts) + p result rescue JCAPIv2::ApiError => e - puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_delete: #{e}" + puts "Exception when calling UserGroupsApi->groups_user_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +id = 'id_example' # String | ObjectID of the User Group. +opts = { + body: JCAPIv2::UserGroupPut.new, # UserGroupPut | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a User Group + result = api_instance.groups_user_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List Suggestions for a User Group + result = api_instance.groups_user_suggestions_get(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_suggestions_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +body = JCAPIv2::GroupIdSuggestionsBody1.new # GroupIdSuggestionsBody1 | +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Apply Suggestions for a User Group + result = api_instance.groups_user_suggestions_post(body, group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_suggestions_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +targets = ['targets_example'] # Array | Targets which a \"user\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a User + result = api_instance.graph_user_associations_list(user_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_associations_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + body: JCAPIv2::GraphOperationUser.new, # GraphOperationUser | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a User + api_instance.graph_user_associations_post(user_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_associations_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a User + result = api_instance.graph_user_member_of(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_member_of: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Active Directory instances bound to a User + result = api_instance.graph_user_traverse_active_directory(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_active_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Applications bound to a User + result = api_instance.graph_user_traverse_application(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_application: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Directories bound to a User + result = api_instance.graph_user_traverse_directory(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_directory: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the G Suite instances bound to a User + result = api_instance.graph_user_traverse_g_suite(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_g_suite: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the LDAP servers bound to a User + result = api_instance.graph_user_traverse_ldap_server(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_ldap_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Office 365 instances bound to a User + result = api_instance.graph_user_traverse_office365(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_office365: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' end +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the RADIUS Servers bound to a User + result = api_instance.graph_user_traverse_radius_server(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_radius_server: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a User + result = api_instance.graph_user_traverse_system(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_system: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a User + result = api_instance.graph_user_traverse_system_group(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_system_group: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Push Endpoint associated with a User + result = api_instance.push_endpoints_delete(user_id, push_endpoint_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_delete: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get a push endpoint associated with a User + result = api_instance.push_endpoints_get(user_id, push_endpoint_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Push Endpoints associated with a User + result = api_instance.push_endpoints_list(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | +opts = { + body: JCAPIv2::PushendpointsPushEndpointIdBody.new, # PushendpointsPushEndpointIdBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a push endpoint associated with a User + result = api_instance.push_endpoints_patch(user_id, push_endpoint_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_patch: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +workday_id = 'workday_id_example' # String | +opts = { + body: JCAPIv2::AuthInputObject.new, # AuthInputObject | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Authorize Workday + api_instance.workdays_authorize(workday_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_authorize: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +workday_id = 'workday_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Deauthorize Workday + api_instance.workdays_deauthorize(workday_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_deauthorize: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Workday + result = api_instance.workdays_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_get: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +workday_id = 'workday_id_example' # String | +opts = { + body: [JCAPIv2::BulkUserCreate.new], # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Workday Import + result = api_instance.workdays_import(workday_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_import: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +id = 'id_example' # String | +job_id = 'job_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Import Results + result = api_instance.workdays_importresults(id, job_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_importresults: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Workdays + result = api_instance.workdays_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_list: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +opts = { + body: JCAPIv2::WorkdayInput.new, # WorkdayInput | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create new Workday + result = api_instance.workdays_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_post: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::WorkdayFields.new, # WorkdayFields | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update Workday + result = api_instance.workdays_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_put: #{e}" +end +# Setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::WorkdayImportApi.new +workday_id = 'workday_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Workday Workers + result = api_instance.workdays_workers(workday_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling WorkdayImportApi->workdays_workers: #{e}" +end ``` ## Documentation for API Endpoints @@ -93,35 +12498,70 @@ Class | Method | HTTP request | Description *JCAPIv2::ActiveDirectoryApi* | [**activedirectories_post**](docs/ActiveDirectoryApi.md#activedirectories_post) | **POST** /activedirectories | Create a new Active Directory *JCAPIv2::ActiveDirectoryApi* | [**graph_active_directory_associations_list**](docs/ActiveDirectoryApi.md#graph_active_directory_associations_list) | **GET** /activedirectories/{activedirectory_id}/associations | List the associations of an Active Directory instance *JCAPIv2::ActiveDirectoryApi* | [**graph_active_directory_associations_post**](docs/ActiveDirectoryApi.md#graph_active_directory_associations_post) | **POST** /activedirectories/{activedirectory_id}/associations | Manage the associations of an Active Directory instance +*JCAPIv2::ActiveDirectoryApi* | [**graph_active_directory_traverse_user**](docs/ActiveDirectoryApi.md#graph_active_directory_traverse_user) | **GET** /activedirectories/{activedirectory_id}/users | List the Users bound to an Active Directory instance *JCAPIv2::ActiveDirectoryApi* | [**graph_active_directory_traverse_user_group**](docs/ActiveDirectoryApi.md#graph_active_directory_traverse_user_group) | **GET** /activedirectories/{activedirectory_id}/usergroups | List the User Groups bound to an Active Directory instance -*JCAPIv2::AppleMDMApi* | [**applemdms_delete**](docs/AppleMDMApi.md#applemdms_delete) | **DELETE** /applemdms/{apple_mdm_id} | Delete an Apple MDM +*JCAPIv2::AdministratorsApi* | [**administrator_organizations_create_by_administrator**](docs/AdministratorsApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +*JCAPIv2::AdministratorsApi* | [**administrator_organizations_list_by_administrator**](docs/AdministratorsApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +*JCAPIv2::AdministratorsApi* | [**administrator_organizations_list_by_organization**](docs/AdministratorsApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +*JCAPIv2::AdministratorsApi* | [**administrator_organizations_remove_by_administrator**](docs/AdministratorsApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. +*JCAPIv2::AppleMDMApi* | [**applemdms_csrget**](docs/AppleMDMApi.md#applemdms_csrget) | **GET** /applemdms/{apple_mdm_id}/csr | Get Apple MDM CSR Plist +*JCAPIv2::AppleMDMApi* | [**applemdms_delete**](docs/AppleMDMApi.md#applemdms_delete) | **DELETE** /applemdms/{id} | Delete an Apple MDM +*JCAPIv2::AppleMDMApi* | [**applemdms_deletedevice**](docs/AppleMDMApi.md#applemdms_deletedevice) | **DELETE** /applemdms/{apple_mdm_id}/devices/{device_id} | Remove an Apple MDM Device's Enrollment +*JCAPIv2::AppleMDMApi* | [**applemdms_depkeyget**](docs/AppleMDMApi.md#applemdms_depkeyget) | **GET** /applemdms/{apple_mdm_id}/depkey | Get Apple MDM DEP Public Key +*JCAPIv2::AppleMDMApi* | [**applemdms_devices_clear_activation_lock**](docs/AppleMDMApi.md#applemdms_devices_clear_activation_lock) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock | Clears the Activation Lock for a Device +*JCAPIv2::AppleMDMApi* | [**applemdms_devices_os_update_status**](docs/AppleMDMApi.md#applemdms_devices_os_update_status) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus | Request the status of an OS update for a device +*JCAPIv2::AppleMDMApi* | [**applemdms_devices_refresh_activation_lock_information**](docs/AppleMDMApi.md#applemdms_devices_refresh_activation_lock_information) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation | Refresh activation lock information for a device +*JCAPIv2::AppleMDMApi* | [**applemdms_devices_schedule_os_update**](docs/AppleMDMApi.md#applemdms_devices_schedule_os_update) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate | Schedule an OS update for a device +*JCAPIv2::AppleMDMApi* | [**applemdms_deviceserase**](docs/AppleMDMApi.md#applemdms_deviceserase) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/erase | Erase Device +*JCAPIv2::AppleMDMApi* | [**applemdms_deviceslist**](docs/AppleMDMApi.md#applemdms_deviceslist) | **GET** /applemdms/{apple_mdm_id}/devices | List AppleMDM Devices +*JCAPIv2::AppleMDMApi* | [**applemdms_deviceslock**](docs/AppleMDMApi.md#applemdms_deviceslock) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/lock | Lock Device +*JCAPIv2::AppleMDMApi* | [**applemdms_devicesrestart**](docs/AppleMDMApi.md#applemdms_devicesrestart) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/restart | Restart Device +*JCAPIv2::AppleMDMApi* | [**applemdms_devicesshutdown**](docs/AppleMDMApi.md#applemdms_devicesshutdown) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/shutdown | Shut Down Device +*JCAPIv2::AppleMDMApi* | [**applemdms_enrollmentprofilesget**](docs/AppleMDMApi.md#applemdms_enrollmentprofilesget) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles/{id} | Get an Apple MDM Enrollment Profile +*JCAPIv2::AppleMDMApi* | [**applemdms_enrollmentprofileslist**](docs/AppleMDMApi.md#applemdms_enrollmentprofileslist) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles | List Apple MDM Enrollment Profiles +*JCAPIv2::AppleMDMApi* | [**applemdms_getdevice**](docs/AppleMDMApi.md#applemdms_getdevice) | **GET** /applemdms/{apple_mdm_id}/devices/{device_id} | Details of an AppleMDM Device *JCAPIv2::AppleMDMApi* | [**applemdms_list**](docs/AppleMDMApi.md#applemdms_list) | **GET** /applemdms | List Apple MDMs -*JCAPIv2::AppleMDMApi* | [**applemdms_post**](docs/AppleMDMApi.md#applemdms_post) | **POST** /applemdms | Create Apple MDM -*JCAPIv2::AppleMDMApi* | [**applemdms_put**](docs/AppleMDMApi.md#applemdms_put) | **PUT** /applemdms/{apple_mdm_id} | Update an Apple MDM -*JCAPIv2::AppleMDMApi* | [**enrollmentprofiles_get**](docs/AppleMDMApi.md#enrollmentprofiles_get) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles/{enrollment_profile_id} | Get an Apple MDM Enrollment Profile -*JCAPIv2::AppleMDMApi* | [**enrollmentprofiles_list**](docs/AppleMDMApi.md#enrollmentprofiles_list) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles | List Apple MDM Enrollment Profiles +*JCAPIv2::AppleMDMApi* | [**applemdms_put**](docs/AppleMDMApi.md#applemdms_put) | **PUT** /applemdms/{id} | Update an Apple MDM +*JCAPIv2::AppleMDMApi* | [**applemdms_refreshdepdevices**](docs/AppleMDMApi.md#applemdms_refreshdepdevices) | **POST** /applemdms/{apple_mdm_id}/refreshdepdevices | Refresh DEP Devices +*JCAPIv2::ApplicationsApi* | [**applications_delete_logo**](docs/ApplicationsApi.md#applications_delete_logo) | **DELETE** /applications/{application_id}/logo | Delete application image +*JCAPIv2::ApplicationsApi* | [**applications_get**](docs/ApplicationsApi.md#applications_get) | **GET** /applications/{application_id} | Get an Application +*JCAPIv2::ApplicationsApi* | [**applications_post_logo**](docs/ApplicationsApi.md#applications_post_logo) | **POST** /applications/{application_id}/logo | Save application logo *JCAPIv2::ApplicationsApi* | [**graph_application_associations_list**](docs/ApplicationsApi.md#graph_application_associations_list) | **GET** /applications/{application_id}/associations | List the associations of an Application *JCAPIv2::ApplicationsApi* | [**graph_application_associations_post**](docs/ApplicationsApi.md#graph_application_associations_post) | **POST** /applications/{application_id}/associations | Manage the associations of an Application *JCAPIv2::ApplicationsApi* | [**graph_application_traverse_user**](docs/ApplicationsApi.md#graph_application_traverse_user) | **GET** /applications/{application_id}/users | List the Users bound to an Application *JCAPIv2::ApplicationsApi* | [**graph_application_traverse_user_group**](docs/ApplicationsApi.md#graph_application_traverse_user_group) | **GET** /applications/{application_id}/usergroups | List the User Groups bound to an Application +*JCAPIv2::ApplicationsApi* | [**import_create**](docs/ApplicationsApi.md#import_create) | **POST** /applications/{application_id}/import/jobs | Create an import job +*JCAPIv2::ApplicationsApi* | [**import_users**](docs/ApplicationsApi.md#import_users) | **GET** /applications/{application_id}/import/users | Get a list of users to import from an Application IdM service provider +*JCAPIv2::AuthenticationPoliciesApi* | [**authnpolicies_delete**](docs/AuthenticationPoliciesApi.md#authnpolicies_delete) | **DELETE** /authn/policies/{id} | Delete Authentication Policy +*JCAPIv2::AuthenticationPoliciesApi* | [**authnpolicies_get**](docs/AuthenticationPoliciesApi.md#authnpolicies_get) | **GET** /authn/policies/{id} | Get an authentication policy +*JCAPIv2::AuthenticationPoliciesApi* | [**authnpolicies_list**](docs/AuthenticationPoliciesApi.md#authnpolicies_list) | **GET** /authn/policies | List Authentication Policies +*JCAPIv2::AuthenticationPoliciesApi* | [**authnpolicies_patch**](docs/AuthenticationPoliciesApi.md#authnpolicies_patch) | **PATCH** /authn/policies/{id} | Patch Authentication Policy +*JCAPIv2::AuthenticationPoliciesApi* | [**authnpolicies_post**](docs/AuthenticationPoliciesApi.md#authnpolicies_post) | **POST** /authn/policies | Create an Authentication Policy +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_expires**](docs/BulkJobRequestsApi.md#bulk_user_expires) | **POST** /bulk/user/expires | Bulk Expire Users +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_states_create**](docs/BulkJobRequestsApi.md#bulk_user_states_create) | **POST** /bulk/userstates | Create Scheduled Userstate Job +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_states_delete**](docs/BulkJobRequestsApi.md#bulk_user_states_delete) | **DELETE** /bulk/userstates/{id} | Delete Scheduled Userstate Job +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_states_get_next_scheduled**](docs/BulkJobRequestsApi.md#bulk_user_states_get_next_scheduled) | **GET** /bulk/userstates/eventlist/next | Get the next scheduled state change for a list of users +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_states_list**](docs/BulkJobRequestsApi.md#bulk_user_states_list) | **GET** /bulk/userstates | List Scheduled Userstate Change Jobs +*JCAPIv2::BulkJobRequestsApi* | [**bulk_user_unlocks**](docs/BulkJobRequestsApi.md#bulk_user_unlocks) | **POST** /bulk/user/unlocks | Bulk Unlock Users *JCAPIv2::BulkJobRequestsApi* | [**bulk_users_create**](docs/BulkJobRequestsApi.md#bulk_users_create) | **POST** /bulk/users | Bulk Users Create *JCAPIv2::BulkJobRequestsApi* | [**bulk_users_create_results**](docs/BulkJobRequestsApi.md#bulk_users_create_results) | **GET** /bulk/users/{job_id}/results | List Bulk Users Results *JCAPIv2::BulkJobRequestsApi* | [**bulk_users_update**](docs/BulkJobRequestsApi.md#bulk_users_update) | **PATCH** /bulk/users | Bulk Users Update -*JCAPIv2::BulkJobRequestsApi* | [**jobs_get**](docs/BulkJobRequestsApi.md#jobs_get) | **GET** /jobs/{id} | Get Job (incomplete) -*JCAPIv2::BulkJobRequestsApi* | [**jobs_results**](docs/BulkJobRequestsApi.md#jobs_results) | **GET** /jobs/{id}/results | List Job Results +*JCAPIv2::CommandResultsApi* | [**commands_list_results_by_workflow**](docs/CommandResultsApi.md#commands_list_results_by_workflow) | **GET** /commandresult/workflows | List all Command Results by Workflow +*JCAPIv2::CommandsApi* | [**commands_cancel_queued_commands_by_workflow_instance_id**](docs/CommandsApi.md#commands_cancel_queued_commands_by_workflow_instance_id) | **DELETE** /commandqueue/{workflow_instance_id} | Cancel all queued commands for an organization by workflow instance Id +*JCAPIv2::CommandsApi* | [**commands_get_queued_commands_by_workflow**](docs/CommandsApi.md#commands_get_queued_commands_by_workflow) | **GET** /queuedcommand/workflows | Fetch the queued Commands for an Organization *JCAPIv2::CommandsApi* | [**graph_command_associations_list**](docs/CommandsApi.md#graph_command_associations_list) | **GET** /commands/{command_id}/associations | List the associations of a Command *JCAPIv2::CommandsApi* | [**graph_command_associations_post**](docs/CommandsApi.md#graph_command_associations_post) | **POST** /commands/{command_id}/associations | Manage the associations of a Command *JCAPIv2::CommandsApi* | [**graph_command_traverse_system**](docs/CommandsApi.md#graph_command_traverse_system) | **GET** /commands/{command_id}/systems | List the Systems bound to a Command *JCAPIv2::CommandsApi* | [**graph_command_traverse_system_group**](docs/CommandsApi.md#graph_command_traverse_system_group) | **GET** /commands/{command_id}/systemgroups | List the System Groups bound to a Command -*JCAPIv2::DefaultApi* | [**jc_enrollment_profiles_delete**](docs/DefaultApi.md#jc_enrollment_profiles_delete) | **DELETE** /enrollmentprofiles/{enrollment_profile_id} | Delete Enrollment Profile -*JCAPIv2::DefaultApi* | [**jc_enrollment_profiles_get**](docs/DefaultApi.md#jc_enrollment_profiles_get) | **GET** /enrollmentprofiles/{enrollment_profile_id} | Get Enrollment Profile -*JCAPIv2::DefaultApi* | [**jc_enrollment_profiles_list**](docs/DefaultApi.md#jc_enrollment_profiles_list) | **GET** /enrollmentprofiles | List Enrollment Profiles -*JCAPIv2::DefaultApi* | [**jc_enrollment_profiles_post**](docs/DefaultApi.md#jc_enrollment_profiles_post) | **POST** /enrollmentprofiles | Create new Enrollment Profile -*JCAPIv2::DefaultApi* | [**jc_enrollment_profiles_put**](docs/DefaultApi.md#jc_enrollment_profiles_put) | **PUT** /enrollmentprofiles/{enrollment_profile_id} | Update Enrollment Profile +*JCAPIv2::CustomEmailsApi* | [**custom_emails_create**](docs/CustomEmailsApi.md#custom_emails_create) | **POST** /customemails | Create custom email configuration +*JCAPIv2::CustomEmailsApi* | [**custom_emails_destroy**](docs/CustomEmailsApi.md#custom_emails_destroy) | **DELETE** /customemails/{custom_email_type} | Delete custom email configuration +*JCAPIv2::CustomEmailsApi* | [**custom_emails_get_templates**](docs/CustomEmailsApi.md#custom_emails_get_templates) | **GET** /customemail/templates | List custom email templates +*JCAPIv2::CustomEmailsApi* | [**custom_emails_read**](docs/CustomEmailsApi.md#custom_emails_read) | **GET** /customemails/{custom_email_type} | Get custom email configuration +*JCAPIv2::CustomEmailsApi* | [**custom_emails_update**](docs/CustomEmailsApi.md#custom_emails_update) | **PUT** /customemails/{custom_email_type} | Update custom email configuration *JCAPIv2::DirectoriesApi* | [**directories_list**](docs/DirectoriesApi.md#directories_list) | **GET** /directories | List All Directories *JCAPIv2::DuoApi* | [**duo_account_delete**](docs/DuoApi.md#duo_account_delete) | **DELETE** /duo/accounts/{id} | Delete a Duo Account *JCAPIv2::DuoApi* | [**duo_account_get**](docs/DuoApi.md#duo_account_get) | **GET** /duo/accounts/{id} | Get a Duo Acount -*JCAPIv2::DuoApi* | [**duo_account_list**](docs/DuoApi.md#duo_account_list) | **GET** /duo/accounts | List Duo Acounts +*JCAPIv2::DuoApi* | [**duo_account_list**](docs/DuoApi.md#duo_account_list) | **GET** /duo/accounts | List Duo Accounts *JCAPIv2::DuoApi* | [**duo_account_post**](docs/DuoApi.md#duo_account_post) | **POST** /duo/accounts | Create Duo Account *JCAPIv2::DuoApi* | [**duo_application_delete**](docs/DuoApi.md#duo_application_delete) | **DELETE** /duo/accounts/{account_id}/applications/{application_id} | Delete a Duo Application *JCAPIv2::DuoApi* | [**duo_application_get**](docs/DuoApi.md#duo_application_get) | **GET** /duo/accounts/{account_id}/applications/{application_id} | Get a Duo application @@ -129,16 +12569,39 @@ Class | Method | HTTP request | Description *JCAPIv2::DuoApi* | [**duo_application_post**](docs/DuoApi.md#duo_application_post) | **POST** /duo/accounts/{account_id}/applications | Create Duo Application *JCAPIv2::DuoApi* | [**duo_application_update**](docs/DuoApi.md#duo_application_update) | **PUT** /duo/accounts/{account_id}/applications/{application_id} | Update Duo Application *JCAPIv2::FdeApi* | [**systems_get_fde_key**](docs/FdeApi.md#systems_get_fde_key) | **GET** /systems/{system_id}/fdekey | Get System FDE Key +*JCAPIv2::FeatureTrialsApi* | [**feature_trials_get_feature_trials**](docs/FeatureTrialsApi.md#feature_trials_get_feature_trials) | **GET** /featureTrials/{feature_code} | Check current feature trial usage for a specific feature +*JCAPIv2::GSuiteApi* | [**gapps_domains_delete**](docs/GSuiteApi.md#gapps_domains_delete) | **DELETE** /gsuites/{gsuite_id}/domains/{domainId} | Delete a domain from a Google Workspace integration instance +*JCAPIv2::GSuiteApi* | [**gapps_domains_insert**](docs/GSuiteApi.md#gapps_domains_insert) | **POST** /gsuites/{gsuite_id}/domains | Add a domain to a Google Workspace integration instance +*JCAPIv2::GSuiteApi* | [**gapps_domains_list**](docs/GSuiteApi.md#gapps_domains_list) | **GET** /gsuites/{gsuite_id}/domains | List all domains configured for the Google Workspace integration instance *JCAPIv2::GSuiteApi* | [**graph_g_suite_associations_list**](docs/GSuiteApi.md#graph_g_suite_associations_list) | **GET** /gsuites/{gsuite_id}/associations | List the associations of a G Suite instance *JCAPIv2::GSuiteApi* | [**graph_g_suite_associations_post**](docs/GSuiteApi.md#graph_g_suite_associations_post) | **POST** /gsuites/{gsuite_id}/associations | Manage the associations of a G Suite instance *JCAPIv2::GSuiteApi* | [**graph_g_suite_traverse_user**](docs/GSuiteApi.md#graph_g_suite_traverse_user) | **GET** /gsuites/{gsuite_id}/users | List the Users bound to a G Suite instance *JCAPIv2::GSuiteApi* | [**graph_g_suite_traverse_user_group**](docs/GSuiteApi.md#graph_g_suite_traverse_user_group) | **GET** /gsuites/{gsuite_id}/usergroups | List the User Groups bound to a G Suite instance *JCAPIv2::GSuiteApi* | [**gsuites_get**](docs/GSuiteApi.md#gsuites_get) | **GET** /gsuites/{id} | Get G Suite +*JCAPIv2::GSuiteApi* | [**gsuites_list_import_jumpcloud_users**](docs/GSuiteApi.md#gsuites_list_import_jumpcloud_users) | **GET** /gsuites/{gsuite_id}/import/jumpcloudusers | Get a list of users in Jumpcloud format to import from a Google Workspace account. +*JCAPIv2::GSuiteApi* | [**gsuites_list_import_users**](docs/GSuiteApi.md#gsuites_list_import_users) | **GET** /gsuites/{gsuite_id}/import/users | Get a list of users to import from a G Suite instance *JCAPIv2::GSuiteApi* | [**gsuites_patch**](docs/GSuiteApi.md#gsuites_patch) | **PATCH** /gsuites/{id} | Update existing G Suite *JCAPIv2::GSuiteApi* | [**translation_rules_g_suite_delete**](docs/GSuiteApi.md#translation_rules_g_suite_delete) | **DELETE** /gsuites/{gsuite_id}/translationrules/{id} | Deletes a G Suite translation rule *JCAPIv2::GSuiteApi* | [**translation_rules_g_suite_get**](docs/GSuiteApi.md#translation_rules_g_suite_get) | **GET** /gsuites/{gsuite_id}/translationrules/{id} | Gets a specific G Suite translation rule *JCAPIv2::GSuiteApi* | [**translation_rules_g_suite_list**](docs/GSuiteApi.md#translation_rules_g_suite_list) | **GET** /gsuites/{gsuite_id}/translationrules | List all the G Suite Translation Rules *JCAPIv2::GSuiteApi* | [**translation_rules_g_suite_post**](docs/GSuiteApi.md#translation_rules_g_suite_post) | **POST** /gsuites/{gsuite_id}/translationrules | Create a new G Suite Translation Rule +*JCAPIv2::GSuiteImportApi* | [**gsuites_list_import_jumpcloud_users**](docs/GSuiteImportApi.md#gsuites_list_import_jumpcloud_users) | **GET** /gsuites/{gsuite_id}/import/jumpcloudusers | Get a list of users in Jumpcloud format to import from a Google Workspace account. +*JCAPIv2::GSuiteImportApi* | [**gsuites_list_import_users**](docs/GSuiteImportApi.md#gsuites_list_import_users) | **GET** /gsuites/{gsuite_id}/import/users | Get a list of users to import from a G Suite instance +*JCAPIv2::GoogleEMMApi* | [**devices_erase_device**](docs/GoogleEMMApi.md#devices_erase_device) | **POST** /google-emm/devices/{deviceId}/erase-device | Erase the Android Device +*JCAPIv2::GoogleEMMApi* | [**devices_get_device**](docs/GoogleEMMApi.md#devices_get_device) | **GET** /google-emm/devices/{deviceId} | Get device +*JCAPIv2::GoogleEMMApi* | [**devices_get_device_android_policy**](docs/GoogleEMMApi.md#devices_get_device_android_policy) | **GET** /google-emm/devices/{deviceId}/policy_results | Get the policy JSON of a device +*JCAPIv2::GoogleEMMApi* | [**devices_list_devices**](docs/GoogleEMMApi.md#devices_list_devices) | **GET** /google-emm/enterprises/{enterpriseObjectId}/devices | List devices +*JCAPIv2::GoogleEMMApi* | [**devices_lock_device**](docs/GoogleEMMApi.md#devices_lock_device) | **POST** /google-emm/devices/{deviceId}/lock | Lock device +*JCAPIv2::GoogleEMMApi* | [**devices_reboot_device**](docs/GoogleEMMApi.md#devices_reboot_device) | **POST** /google-emm/devices/{deviceId}/reboot | Reboot device +*JCAPIv2::GoogleEMMApi* | [**devices_reset_password**](docs/GoogleEMMApi.md#devices_reset_password) | **POST** /google-emm/devices/{deviceId}/resetpassword | Reset Password of a device +*JCAPIv2::GoogleEMMApi* | [**enrollment_tokens_create_enrollment_token**](docs/GoogleEMMApi.md#enrollment_tokens_create_enrollment_token) | **POST** /google-emm/enrollment-tokens | Create an enrollment token +*JCAPIv2::GoogleEMMApi* | [**enterprises_create_enterprise**](docs/GoogleEMMApi.md#enterprises_create_enterprise) | **POST** /google-emm/enterprises | Create a Google Enterprise +*JCAPIv2::GoogleEMMApi* | [**enterprises_delete_enterprise**](docs/GoogleEMMApi.md#enterprises_delete_enterprise) | **DELETE** /google-emm/enterprises/{enterpriseId} | Delete a Google Enterprise +*JCAPIv2::GoogleEMMApi* | [**enterprises_get_connection_status**](docs/GoogleEMMApi.md#enterprises_get_connection_status) | **GET** /google-emm/enterprises/{enterpriseId}/connection-status | Test connection with Google +*JCAPIv2::GoogleEMMApi* | [**enterprises_list_enterprises**](docs/GoogleEMMApi.md#enterprises_list_enterprises) | **GET** /google-emm/enterprises | List Google Enterprises +*JCAPIv2::GoogleEMMApi* | [**enterprises_patch_enterprise**](docs/GoogleEMMApi.md#enterprises_patch_enterprise) | **PATCH** /google-emm/enterprises/{enterpriseId} | Update a Google Enterprise +*JCAPIv2::GoogleEMMApi* | [**signup_urls_create**](docs/GoogleEMMApi.md#signup_urls_create) | **POST** /google-emm/signup-urls | Get a Signup URL to enroll Google enterprise +*JCAPIv2::GoogleEMMApi* | [**web_tokens_create_web_token**](docs/GoogleEMMApi.md#web_tokens_create_web_token) | **POST** /google-emm/web-tokens | Get a web token to render Google Play iFrame *JCAPIv2::GraphApi* | [**graph_active_directory_associations_list**](docs/GraphApi.md#graph_active_directory_associations_list) | **GET** /activedirectories/{activedirectory_id}/associations | List the associations of an Active Directory instance *JCAPIv2::GraphApi* | [**graph_active_directory_associations_post**](docs/GraphApi.md#graph_active_directory_associations_post) | **POST** /activedirectories/{activedirectory_id}/associations | Manage the associations of an Active Directory instance *JCAPIv2::GraphApi* | [**graph_active_directory_traverse_user**](docs/GraphApi.md#graph_active_directory_traverse_user) | **GET** /activedirectories/{activedirectory_id}/users | List the Users bound to an Active Directory instance @@ -165,34 +12628,46 @@ Class | Method | HTTP request | Description *JCAPIv2::GraphApi* | [**graph_office365_traverse_user_group**](docs/GraphApi.md#graph_office365_traverse_user_group) | **GET** /office365s/{office365_id}/usergroups | List the User Groups bound to an Office 365 instance *JCAPIv2::GraphApi* | [**graph_policy_associations_list**](docs/GraphApi.md#graph_policy_associations_list) | **GET** /policies/{policy_id}/associations | List the associations of a Policy *JCAPIv2::GraphApi* | [**graph_policy_associations_post**](docs/GraphApi.md#graph_policy_associations_post) | **POST** /policies/{policy_id}/associations | Manage the associations of a Policy +*JCAPIv2::GraphApi* | [**graph_policy_group_associations_list**](docs/GraphApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +*JCAPIv2::GraphApi* | [**graph_policy_group_associations_post**](docs/GraphApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +*JCAPIv2::GraphApi* | [**graph_policy_group_members_list**](docs/GraphApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +*JCAPIv2::GraphApi* | [**graph_policy_group_members_post**](docs/GraphApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +*JCAPIv2::GraphApi* | [**graph_policy_group_membership**](docs/GraphApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership +*JCAPIv2::GraphApi* | [**graph_policy_group_traverse_system**](docs/GraphApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +*JCAPIv2::GraphApi* | [**graph_policy_group_traverse_system_group**](docs/GraphApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups +*JCAPIv2::GraphApi* | [**graph_policy_member_of**](docs/GraphApi.md#graph_policy_member_of) | **GET** /policies/{policy_id}/memberof | List the parent Groups of a Policy *JCAPIv2::GraphApi* | [**graph_policy_traverse_system**](docs/GraphApi.md#graph_policy_traverse_system) | **GET** /policies/{policy_id}/systems | List the Systems bound to a Policy *JCAPIv2::GraphApi* | [**graph_policy_traverse_system_group**](docs/GraphApi.md#graph_policy_traverse_system_group) | **GET** /policies/{policy_id}/systemgroups | List the System Groups bound to a Policy *JCAPIv2::GraphApi* | [**graph_radius_server_associations_list**](docs/GraphApi.md#graph_radius_server_associations_list) | **GET** /radiusservers/{radiusserver_id}/associations | List the associations of a RADIUS Server *JCAPIv2::GraphApi* | [**graph_radius_server_associations_post**](docs/GraphApi.md#graph_radius_server_associations_post) | **POST** /radiusservers/{radiusserver_id}/associations | Manage the associations of a RADIUS Server *JCAPIv2::GraphApi* | [**graph_radius_server_traverse_user**](docs/GraphApi.md#graph_radius_server_traverse_user) | **GET** /radiusservers/{radiusserver_id}/users | List the Users bound to a RADIUS Server *JCAPIv2::GraphApi* | [**graph_radius_server_traverse_user_group**](docs/GraphApi.md#graph_radius_server_traverse_user_group) | **GET** /radiusservers/{radiusserver_id}/usergroups | List the User Groups bound to a RADIUS Server +*JCAPIv2::GraphApi* | [**graph_softwareapps_associations_list**](docs/GraphApi.md#graph_softwareapps_associations_list) | **GET** /softwareapps/{software_app_id}/associations | List the associations of a Software Application +*JCAPIv2::GraphApi* | [**graph_softwareapps_associations_post**](docs/GraphApi.md#graph_softwareapps_associations_post) | **POST** /softwareapps/{software_app_id}/associations | Manage the associations of a software application. +*JCAPIv2::GraphApi* | [**graph_softwareapps_traverse_system**](docs/GraphApi.md#graph_softwareapps_traverse_system) | **GET** /softwareapps/{software_app_id}/systems | List the Systems bound to a Software App. +*JCAPIv2::GraphApi* | [**graph_softwareapps_traverse_system_group**](docs/GraphApi.md#graph_softwareapps_traverse_system_group) | **GET** /softwareapps/{software_app_id}/systemgroups | List the System Groups bound to a Software App. *JCAPIv2::GraphApi* | [**graph_system_associations_list**](docs/GraphApi.md#graph_system_associations_list) | **GET** /systems/{system_id}/associations | List the associations of a System *JCAPIv2::GraphApi* | [**graph_system_associations_post**](docs/GraphApi.md#graph_system_associations_post) | **POST** /systems/{system_id}/associations | Manage associations of a System *JCAPIv2::GraphApi* | [**graph_system_group_associations_list**](docs/GraphApi.md#graph_system_group_associations_list) | **GET** /systemgroups/{group_id}/associations | List the associations of a System Group *JCAPIv2::GraphApi* | [**graph_system_group_associations_post**](docs/GraphApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group -*JCAPIv2::GraphApi* | [**graph_system_group_member_of**](docs/GraphApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents *JCAPIv2::GraphApi* | [**graph_system_group_members_list**](docs/GraphApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group *JCAPIv2::GraphApi* | [**graph_system_group_members_post**](docs/GraphApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group *JCAPIv2::GraphApi* | [**graph_system_group_membership**](docs/GraphApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership *JCAPIv2::GraphApi* | [**graph_system_group_traverse_command**](docs/GraphApi.md#graph_system_group_traverse_command) | **GET** /systemgroups/{group_id}/commands | List the Commands bound to a System Group *JCAPIv2::GraphApi* | [**graph_system_group_traverse_policy**](docs/GraphApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +*JCAPIv2::GraphApi* | [**graph_system_group_traverse_policy_group**](docs/GraphApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group *JCAPIv2::GraphApi* | [**graph_system_group_traverse_user**](docs/GraphApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group *JCAPIv2::GraphApi* | [**graph_system_group_traverse_user_group**](docs/GraphApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group *JCAPIv2::GraphApi* | [**graph_system_member_of**](docs/GraphApi.md#graph_system_member_of) | **GET** /systems/{system_id}/memberof | List the parent Groups of a System *JCAPIv2::GraphApi* | [**graph_system_traverse_command**](docs/GraphApi.md#graph_system_traverse_command) | **GET** /systems/{system_id}/commands | List the Commands bound to a System *JCAPIv2::GraphApi* | [**graph_system_traverse_policy**](docs/GraphApi.md#graph_system_traverse_policy) | **GET** /systems/{system_id}/policies | List the Policies bound to a System +*JCAPIv2::GraphApi* | [**graph_system_traverse_policy_group**](docs/GraphApi.md#graph_system_traverse_policy_group) | **GET** /systems/{system_id}/policygroups | List the Policy Groups bound to a System *JCAPIv2::GraphApi* | [**graph_system_traverse_user**](docs/GraphApi.md#graph_system_traverse_user) | **GET** /systems/{system_id}/users | List the Users bound to a System *JCAPIv2::GraphApi* | [**graph_system_traverse_user_group**](docs/GraphApi.md#graph_system_traverse_user_group) | **GET** /systems/{system_id}/usergroups | List the User Groups bound to a System *JCAPIv2::GraphApi* | [**graph_user_associations_list**](docs/GraphApi.md#graph_user_associations_list) | **GET** /users/{user_id}/associations | List the associations of a User *JCAPIv2::GraphApi* | [**graph_user_associations_post**](docs/GraphApi.md#graph_user_associations_post) | **POST** /users/{user_id}/associations | Manage the associations of a User *JCAPIv2::GraphApi* | [**graph_user_group_associations_list**](docs/GraphApi.md#graph_user_group_associations_list) | **GET** /usergroups/{group_id}/associations | List the associations of a User Group. *JCAPIv2::GraphApi* | [**graph_user_group_associations_post**](docs/GraphApi.md#graph_user_group_associations_post) | **POST** /usergroups/{group_id}/associations | Manage the associations of a User Group -*JCAPIv2::GraphApi* | [**graph_user_group_member_of**](docs/GraphApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents *JCAPIv2::GraphApi* | [**graph_user_group_members_list**](docs/GraphApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group *JCAPIv2::GraphApi* | [**graph_user_group_members_post**](docs/GraphApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group *JCAPIv2::GraphApi* | [**graph_user_group_membership**](docs/GraphApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership @@ -215,9 +12690,15 @@ Class | Method | HTTP request | Description *JCAPIv2::GraphApi* | [**graph_user_traverse_radius_server**](docs/GraphApi.md#graph_user_traverse_radius_server) | **GET** /users/{user_id}/radiusservers | List the RADIUS Servers bound to a User *JCAPIv2::GraphApi* | [**graph_user_traverse_system**](docs/GraphApi.md#graph_user_traverse_system) | **GET** /users/{user_id}/systems | List the Systems bound to a User *JCAPIv2::GraphApi* | [**graph_user_traverse_system_group**](docs/GraphApi.md#graph_user_traverse_system_group) | **GET** /users/{user_id}/systemgroups | List the System Groups bound to a User -*JCAPIv2::GraphApi* | [**policystatuses_list**](docs/GraphApi.md#policystatuses_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system +*JCAPIv2::GraphApi* | [**policystatuses_systems_list**](docs/GraphApi.md#policystatuses_systems_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system *JCAPIv2::GroupsApi* | [**groups_list**](docs/GroupsApi.md#groups_list) | **GET** /groups | List All Groups -*JCAPIv2::KnowledgeApi* | [**knowledge_salesforce_list**](docs/KnowledgeApi.md#knowledge_salesforce_list) | **GET** /knowledge/salesforce | List Knowledge Articles +*JCAPIv2::IPListsApi* | [**iplists_delete**](docs/IPListsApi.md#iplists_delete) | **DELETE** /iplists/{id} | Delete an IP list +*JCAPIv2::IPListsApi* | [**iplists_get**](docs/IPListsApi.md#iplists_get) | **GET** /iplists/{id} | Get an IP list +*JCAPIv2::IPListsApi* | [**iplists_list**](docs/IPListsApi.md#iplists_list) | **GET** /iplists | List IP Lists +*JCAPIv2::IPListsApi* | [**iplists_patch**](docs/IPListsApi.md#iplists_patch) | **PATCH** /iplists/{id} | Update an IP list +*JCAPIv2::IPListsApi* | [**iplists_post**](docs/IPListsApi.md#iplists_post) | **POST** /iplists | Create IP List +*JCAPIv2::IPListsApi* | [**iplists_put**](docs/IPListsApi.md#iplists_put) | **PUT** /iplists/{id} | Replace an IP list +*JCAPIv2::ImageApi* | [**applications_delete_logo**](docs/ImageApi.md#applications_delete_logo) | **DELETE** /applications/{application_id}/logo | Delete application image *JCAPIv2::LDAPServersApi* | [**graph_ldap_server_associations_list**](docs/LDAPServersApi.md#graph_ldap_server_associations_list) | **GET** /ldapservers/{ldapserver_id}/associations | List the associations of a LDAP Server *JCAPIv2::LDAPServersApi* | [**graph_ldap_server_associations_post**](docs/LDAPServersApi.md#graph_ldap_server_associations_post) | **POST** /ldapservers/{ldapserver_id}/associations | Manage the associations of a LDAP Server *JCAPIv2::LDAPServersApi* | [**graph_ldap_server_traverse_user**](docs/LDAPServersApi.md#graph_ldap_server_traverse_user) | **GET** /ldapservers/{ldapserver_id}/users | List the Users bound to a LDAP Server @@ -225,18 +12706,51 @@ Class | Method | HTTP request | Description *JCAPIv2::LDAPServersApi* | [**ldapservers_get**](docs/LDAPServersApi.md#ldapservers_get) | **GET** /ldapservers/{id} | Get LDAP Server *JCAPIv2::LDAPServersApi* | [**ldapservers_list**](docs/LDAPServersApi.md#ldapservers_list) | **GET** /ldapservers | List LDAP Servers *JCAPIv2::LDAPServersApi* | [**ldapservers_patch**](docs/LDAPServersApi.md#ldapservers_patch) | **PATCH** /ldapservers/{id} | Update existing LDAP server +*JCAPIv2::LogosApi* | [**logos_get**](docs/LogosApi.md#logos_get) | **GET** /logos/{id} | Get the logo associated with the specified id +*JCAPIv2::ManagedServiceProviderApi* | [**administrator_organizations_create_by_administrator**](docs/ManagedServiceProviderApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +*JCAPIv2::ManagedServiceProviderApi* | [**administrator_organizations_list_by_administrator**](docs/ManagedServiceProviderApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +*JCAPIv2::ManagedServiceProviderApi* | [**administrator_organizations_list_by_organization**](docs/ManagedServiceProviderApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +*JCAPIv2::ManagedServiceProviderApi* | [**administrator_organizations_remove_by_administrator**](docs/ManagedServiceProviderApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_delete**](docs/ManagedServiceProviderApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_get**](docs/ManagedServiceProviderApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_get_configured_policy_template**](docs/ManagedServiceProviderApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_list**](docs/ManagedServiceProviderApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_list_configured_policy_templates**](docs/ManagedServiceProviderApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +*JCAPIv2::ManagedServiceProviderApi* | [**policy_group_templates_list_members**](docs/ManagedServiceProviderApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. +*JCAPIv2::ManagedServiceProviderApi* | [**provider_organizations_create_org**](docs/ManagedServiceProviderApi.md#provider_organizations_create_org) | **POST** /providers/{provider_id}/organizations | Create Provider Organization +*JCAPIv2::ManagedServiceProviderApi* | [**provider_organizations_update_org**](docs/ManagedServiceProviderApi.md#provider_organizations_update_org) | **PUT** /providers/{provider_id}/organizations/{id} | Update Provider Organization +*JCAPIv2::ManagedServiceProviderApi* | [**providers_get_provider**](docs/ManagedServiceProviderApi.md#providers_get_provider) | **GET** /providers/{provider_id} | Retrieve Provider +*JCAPIv2::ManagedServiceProviderApi* | [**providers_list_administrators**](docs/ManagedServiceProviderApi.md#providers_list_administrators) | **GET** /providers/{provider_id}/administrators | List Provider Administrators +*JCAPIv2::ManagedServiceProviderApi* | [**providers_list_organizations**](docs/ManagedServiceProviderApi.md#providers_list_organizations) | **GET** /providers/{provider_id}/organizations | List Provider Organizations +*JCAPIv2::ManagedServiceProviderApi* | [**providers_post_admins**](docs/ManagedServiceProviderApi.md#providers_post_admins) | **POST** /providers/{provider_id}/administrators | Create a new Provider Administrator +*JCAPIv2::ManagedServiceProviderApi* | [**providers_provider_list_case**](docs/ManagedServiceProviderApi.md#providers_provider_list_case) | **GET** /providers/{provider_id}/cases | Get all cases (Support/Feature requests) for provider +*JCAPIv2::ManagedServiceProviderApi* | [**providers_retrieve_invoice**](docs/ManagedServiceProviderApi.md#providers_retrieve_invoice) | **GET** /providers/{provider_id}/invoices/{ID} | Download a provider's invoice. +*JCAPIv2::ManagedServiceProviderApi* | [**providers_retrieve_invoices**](docs/ManagedServiceProviderApi.md#providers_retrieve_invoices) | **GET** /providers/{provider_id}/invoices | List a provider's invoices. +*JCAPIv2::Office365Api* | [**domains_delete**](docs/Office365Api.md#domains_delete) | **DELETE** /office365s/{office365_id}/domains/{domain_id} | Delete a domain from an Office 365 instance +*JCAPIv2::Office365Api* | [**domains_insert**](docs/Office365Api.md#domains_insert) | **POST** /office365s/{office365_id}/domains | Add a domain to an Office 365 instance +*JCAPIv2::Office365Api* | [**domains_list**](docs/Office365Api.md#domains_list) | **GET** /office365s/{office365_id}/domains | List all domains configured for an Office 365 instance *JCAPIv2::Office365Api* | [**graph_office365_associations_list**](docs/Office365Api.md#graph_office365_associations_list) | **GET** /office365s/{office365_id}/associations | List the associations of an Office 365 instance *JCAPIv2::Office365Api* | [**graph_office365_associations_post**](docs/Office365Api.md#graph_office365_associations_post) | **POST** /office365s/{office365_id}/associations | Manage the associations of an Office 365 instance *JCAPIv2::Office365Api* | [**graph_office365_traverse_user**](docs/Office365Api.md#graph_office365_traverse_user) | **GET** /office365s/{office365_id}/users | List the Users bound to an Office 365 instance *JCAPIv2::Office365Api* | [**graph_office365_traverse_user_group**](docs/Office365Api.md#graph_office365_traverse_user_group) | **GET** /office365s/{office365_id}/usergroups | List the User Groups bound to an Office 365 instance +*JCAPIv2::Office365Api* | [**office365s_get**](docs/Office365Api.md#office365s_get) | **GET** /office365s/{office365_id} | Get Office 365 instance +*JCAPIv2::Office365Api* | [**office365s_list_import_users**](docs/Office365Api.md#office365s_list_import_users) | **GET** /office365s/{office365_id}/import/users | Get a list of users to import from an Office 365 instance +*JCAPIv2::Office365Api* | [**office365s_patch**](docs/Office365Api.md#office365s_patch) | **PATCH** /office365s/{office365_id} | Update existing Office 365 instance. *JCAPIv2::Office365Api* | [**translation_rules_office365_delete**](docs/Office365Api.md#translation_rules_office365_delete) | **DELETE** /office365s/{office365_id}/translationrules/{id} | Deletes a Office 365 translation rule *JCAPIv2::Office365Api* | [**translation_rules_office365_get**](docs/Office365Api.md#translation_rules_office365_get) | **GET** /office365s/{office365_id}/translationrules/{id} | Gets a specific Office 365 translation rule *JCAPIv2::Office365Api* | [**translation_rules_office365_list**](docs/Office365Api.md#translation_rules_office365_list) | **GET** /office365s/{office365_id}/translationrules | List all the Office 365 Translation Rules *JCAPIv2::Office365Api* | [**translation_rules_office365_post**](docs/Office365Api.md#translation_rules_office365_post) | **POST** /office365s/{office365_id}/translationrules | Create a new Office 365 Translation Rule -*JCAPIv2::OrganizationsApi* | [**org_crypto_get**](docs/OrganizationsApi.md#org_crypto_get) | **GET** /organizations/{id}/crypto | Get Crypto Settings -*JCAPIv2::OrganizationsApi* | [**org_crypto_put**](docs/OrganizationsApi.md#org_crypto_put) | **PUT** /organizations/{id}/crypto | Edit Crypto Settings +*JCAPIv2::Office365ImportApi* | [**office365s_list_import_users**](docs/Office365ImportApi.md#office365s_list_import_users) | **GET** /office365s/{office365_id}/import/users | Get a list of users to import from an Office 365 instance +*JCAPIv2::OrganizationsApi* | [**administrator_organizations_create_by_administrator**](docs/OrganizationsApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +*JCAPIv2::OrganizationsApi* | [**administrator_organizations_list_by_administrator**](docs/OrganizationsApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +*JCAPIv2::OrganizationsApi* | [**administrator_organizations_list_by_organization**](docs/OrganizationsApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +*JCAPIv2::OrganizationsApi* | [**administrator_organizations_remove_by_administrator**](docs/OrganizationsApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. +*JCAPIv2::OrganizationsApi* | [**organizations_org_list_cases**](docs/OrganizationsApi.md#organizations_org_list_cases) | **GET** /organizations/cases | Get all cases (Support/Feature requests) for organization +*JCAPIv2::PasswordManagerApi* | [**device_service_get_device**](docs/PasswordManagerApi.md#device_service_get_device) | **GET** /passwordmanager/devices/{UUID} | +*JCAPIv2::PasswordManagerApi* | [**device_service_list_devices**](docs/PasswordManagerApi.md#device_service_list_devices) | **GET** /passwordmanager/devices | *JCAPIv2::PoliciesApi* | [**graph_policy_associations_list**](docs/PoliciesApi.md#graph_policy_associations_list) | **GET** /policies/{policy_id}/associations | List the associations of a Policy *JCAPIv2::PoliciesApi* | [**graph_policy_associations_post**](docs/PoliciesApi.md#graph_policy_associations_post) | **POST** /policies/{policy_id}/associations | Manage the associations of a Policy +*JCAPIv2::PoliciesApi* | [**graph_policy_member_of**](docs/PoliciesApi.md#graph_policy_member_of) | **GET** /policies/{policy_id}/memberof | List the parent Groups of a Policy *JCAPIv2::PoliciesApi* | [**graph_policy_traverse_system**](docs/PoliciesApi.md#graph_policy_traverse_system) | **GET** /policies/{policy_id}/systems | List the Systems bound to a Policy *JCAPIv2::PoliciesApi* | [**graph_policy_traverse_system_group**](docs/PoliciesApi.md#graph_policy_traverse_system_group) | **GET** /policies/{policy_id}/systemgroups | List the System Groups bound to a Policy *JCAPIv2::PoliciesApi* | [**policies_delete**](docs/PoliciesApi.md#policies_delete) | **DELETE** /policies/{id} | Deletes a Policy @@ -246,107 +12760,225 @@ Class | Method | HTTP request | Description *JCAPIv2::PoliciesApi* | [**policies_put**](docs/PoliciesApi.md#policies_put) | **PUT** /policies/{id} | Update an existing Policy *JCAPIv2::PoliciesApi* | [**policyresults_get**](docs/PoliciesApi.md#policyresults_get) | **GET** /policyresults/{id} | Get a specific Policy Result. *JCAPIv2::PoliciesApi* | [**policyresults_list**](docs/PoliciesApi.md#policyresults_list) | **GET** /policies/{policy_id}/policyresults | Lists all the policy results of a policy. -*JCAPIv2::PoliciesApi* | [**policyresults_org_list**](docs/PoliciesApi.md#policyresults_org_list) | **GET** /policyresults | Lists all the policy results for an organization. -*JCAPIv2::PoliciesApi* | [**policystatuses_list**](docs/PoliciesApi.md#policystatuses_list) | **GET** /policies/{policy_id}/policystatuses | Lists the latest policy results of a policy. -*JCAPIv2::PoliciesApi* | [**policystatuses_list_0**](docs/PoliciesApi.md#policystatuses_list_0) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system +*JCAPIv2::PoliciesApi* | [**policyresults_org_list**](docs/PoliciesApi.md#policyresults_org_list) | **GET** /policyresults | Lists all of the policy results for an organization. +*JCAPIv2::PoliciesApi* | [**policystatuses_policies_list**](docs/PoliciesApi.md#policystatuses_policies_list) | **GET** /policies/{policy_id}/policystatuses | Lists the latest policy results of a policy. +*JCAPIv2::PoliciesApi* | [**policystatuses_systems_list**](docs/PoliciesApi.md#policystatuses_systems_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system *JCAPIv2::PoliciesApi* | [**policytemplates_get**](docs/PoliciesApi.md#policytemplates_get) | **GET** /policytemplates/{id} | Get a specific Policy Template *JCAPIv2::PoliciesApi* | [**policytemplates_list**](docs/PoliciesApi.md#policytemplates_list) | **GET** /policytemplates | Lists all of the Policy Templates +*JCAPIv2::PolicyGroupAssociationsApi* | [**graph_policy_group_associations_list**](docs/PolicyGroupAssociationsApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +*JCAPIv2::PolicyGroupAssociationsApi* | [**graph_policy_group_associations_post**](docs/PolicyGroupAssociationsApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +*JCAPIv2::PolicyGroupAssociationsApi* | [**graph_policy_group_traverse_system**](docs/PolicyGroupAssociationsApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +*JCAPIv2::PolicyGroupAssociationsApi* | [**graph_policy_group_traverse_system_group**](docs/PolicyGroupAssociationsApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups +*JCAPIv2::PolicyGroupMembersMembershipApi* | [**graph_policy_group_members_list**](docs/PolicyGroupMembersMembershipApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +*JCAPIv2::PolicyGroupMembersMembershipApi* | [**graph_policy_group_members_post**](docs/PolicyGroupMembersMembershipApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +*JCAPIv2::PolicyGroupMembersMembershipApi* | [**graph_policy_group_membership**](docs/PolicyGroupMembersMembershipApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_delete**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_get**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_get_configured_policy_template**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_list**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_list_configured_policy_templates**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +*JCAPIv2::PolicyGroupTemplatesApi* | [**policy_group_templates_list_members**](docs/PolicyGroupTemplatesApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_associations_list**](docs/PolicyGroupsApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_associations_post**](docs/PolicyGroupsApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_members_list**](docs/PolicyGroupsApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_members_post**](docs/PolicyGroupsApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_membership**](docs/PolicyGroupsApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_traverse_system**](docs/PolicyGroupsApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +*JCAPIv2::PolicyGroupsApi* | [**graph_policy_group_traverse_system_group**](docs/PolicyGroupsApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups +*JCAPIv2::PolicyGroupsApi* | [**groups_policy_delete**](docs/PolicyGroupsApi.md#groups_policy_delete) | **DELETE** /policygroups/{id} | Delete a Policy Group +*JCAPIv2::PolicyGroupsApi* | [**groups_policy_get**](docs/PolicyGroupsApi.md#groups_policy_get) | **GET** /policygroups/{id} | View an individual Policy Group details +*JCAPIv2::PolicyGroupsApi* | [**groups_policy_list**](docs/PolicyGroupsApi.md#groups_policy_list) | **GET** /policygroups | List all Policy Groups +*JCAPIv2::PolicyGroupsApi* | [**groups_policy_post**](docs/PolicyGroupsApi.md#groups_policy_post) | **POST** /policygroups | Create a new Policy Group +*JCAPIv2::PolicyGroupsApi* | [**groups_policy_put**](docs/PolicyGroupsApi.md#groups_policy_put) | **PUT** /policygroups/{id} | Update a Policy Group *JCAPIv2::PolicytemplatesApi* | [**policytemplates_get**](docs/PolicytemplatesApi.md#policytemplates_get) | **GET** /policytemplates/{id} | Get a specific Policy Template *JCAPIv2::PolicytemplatesApi* | [**policytemplates_list**](docs/PolicytemplatesApi.md#policytemplates_list) | **GET** /policytemplates | Lists all of the Policy Templates +*JCAPIv2::ProvidersApi* | [**autotask_create_configuration**](docs/ProvidersApi.md#autotask_create_configuration) | **POST** /providers/{provider_id}/integrations/autotask | Creates a new Autotask integration for the provider +*JCAPIv2::ProvidersApi* | [**autotask_delete_configuration**](docs/ProvidersApi.md#autotask_delete_configuration) | **DELETE** /integrations/autotask/{UUID} | Delete Autotask Integration +*JCAPIv2::ProvidersApi* | [**autotask_get_configuration**](docs/ProvidersApi.md#autotask_get_configuration) | **GET** /integrations/autotask/{UUID} | Retrieve Autotask Integration Configuration +*JCAPIv2::ProvidersApi* | [**autotask_patch_mappings**](docs/ProvidersApi.md#autotask_patch_mappings) | **PATCH** /integrations/autotask/{UUID}/mappings | Create, edit, and/or delete Autotask Mappings +*JCAPIv2::ProvidersApi* | [**autotask_patch_settings**](docs/ProvidersApi.md#autotask_patch_settings) | **PATCH** /integrations/autotask/{UUID}/settings | Create, edit, and/or delete Autotask Integration settings +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_all_alert_configuration_options**](docs/ProvidersApi.md#autotask_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/autotask/alerts/configuration/options | Get all Autotask ticketing alert configuration options for a provider +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_all_alert_configurations**](docs/ProvidersApi.md#autotask_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/autotask/alerts/configuration | Get all Autotask ticketing alert configurations for a provider +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_companies**](docs/ProvidersApi.md#autotask_retrieve_companies) | **GET** /integrations/autotask/{UUID}/companies | Retrieve Autotask Companies +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_company_types**](docs/ProvidersApi.md#autotask_retrieve_company_types) | **GET** /integrations/autotask/{UUID}/companytypes | Retrieve Autotask Company Types +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_contracts**](docs/ProvidersApi.md#autotask_retrieve_contracts) | **GET** /integrations/autotask/{UUID}/contracts | Retrieve Autotask Contracts +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_contracts_fields**](docs/ProvidersApi.md#autotask_retrieve_contracts_fields) | **GET** /integrations/autotask/{UUID}/contracts/fields | Retrieve Autotask Contract Fields +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_mappings**](docs/ProvidersApi.md#autotask_retrieve_mappings) | **GET** /integrations/autotask/{UUID}/mappings | Retrieve Autotask mappings +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_services**](docs/ProvidersApi.md#autotask_retrieve_services) | **GET** /integrations/autotask/{UUID}/contracts/services | Retrieve Autotask Contract Services +*JCAPIv2::ProvidersApi* | [**autotask_retrieve_settings**](docs/ProvidersApi.md#autotask_retrieve_settings) | **GET** /integrations/autotask/{UUID}/settings | Retrieve Autotask Integration settings +*JCAPIv2::ProvidersApi* | [**autotask_update_alert_configuration**](docs/ProvidersApi.md#autotask_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/autotask/alerts/{alert_UUID}/configuration | Update an Autotask ticketing alert's configuration +*JCAPIv2::ProvidersApi* | [**autotask_update_configuration**](docs/ProvidersApi.md#autotask_update_configuration) | **PATCH** /integrations/autotask/{UUID} | Update Autotask Integration configuration +*JCAPIv2::ProvidersApi* | [**billing_get_contract**](docs/ProvidersApi.md#billing_get_contract) | **GET** /providers/{provider_id}/billing/contract | Retrieve contract for a Provider +*JCAPIv2::ProvidersApi* | [**billing_get_details**](docs/ProvidersApi.md#billing_get_details) | **GET** /providers/{provider_id}/billing/details | Retrieve billing details for a Provider +*JCAPIv2::ProvidersApi* | [**connectwise_create_configuration**](docs/ProvidersApi.md#connectwise_create_configuration) | **POST** /providers/{provider_id}/integrations/connectwise | Creates a new ConnectWise integration for the provider +*JCAPIv2::ProvidersApi* | [**connectwise_delete_configuration**](docs/ProvidersApi.md#connectwise_delete_configuration) | **DELETE** /integrations/connectwise/{UUID} | Delete ConnectWise Integration +*JCAPIv2::ProvidersApi* | [**connectwise_get_configuration**](docs/ProvidersApi.md#connectwise_get_configuration) | **GET** /integrations/connectwise/{UUID} | Retrieve ConnectWise Integration Configuration +*JCAPIv2::ProvidersApi* | [**connectwise_patch_mappings**](docs/ProvidersApi.md#connectwise_patch_mappings) | **PATCH** /integrations/connectwise/{UUID}/mappings | Create, edit, and/or delete ConnectWise Mappings +*JCAPIv2::ProvidersApi* | [**connectwise_patch_settings**](docs/ProvidersApi.md#connectwise_patch_settings) | **PATCH** /integrations/connectwise/{UUID}/settings | Create, edit, and/or delete ConnectWise Integration settings +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_additions**](docs/ProvidersApi.md#connectwise_retrieve_additions) | **GET** /integrations/connectwise/{UUID}/agreements/{agreement_ID}/additions | Retrieve ConnectWise Additions +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_agreements**](docs/ProvidersApi.md#connectwise_retrieve_agreements) | **GET** /integrations/connectwise/{UUID}/agreements | Retrieve ConnectWise Agreements +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_all_alert_configuration_options**](docs/ProvidersApi.md#connectwise_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/connectwise/alerts/configuration/options | Get all ConnectWise ticketing alert configuration options for a provider +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_all_alert_configurations**](docs/ProvidersApi.md#connectwise_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/connectwise/alerts/configuration | Get all ConnectWise ticketing alert configurations for a provider +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_companies**](docs/ProvidersApi.md#connectwise_retrieve_companies) | **GET** /integrations/connectwise/{UUID}/companies | Retrieve ConnectWise Companies +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_company_types**](docs/ProvidersApi.md#connectwise_retrieve_company_types) | **GET** /integrations/connectwise/{UUID}/companytypes | Retrieve ConnectWise Company Types +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_mappings**](docs/ProvidersApi.md#connectwise_retrieve_mappings) | **GET** /integrations/connectwise/{UUID}/mappings | Retrieve ConnectWise mappings +*JCAPIv2::ProvidersApi* | [**connectwise_retrieve_settings**](docs/ProvidersApi.md#connectwise_retrieve_settings) | **GET** /integrations/connectwise/{UUID}/settings | Retrieve ConnectWise Integration settings +*JCAPIv2::ProvidersApi* | [**connectwise_update_alert_configuration**](docs/ProvidersApi.md#connectwise_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/connectwise/alerts/{alert_UUID}/configuration | Update a ConnectWise ticketing alert's configuration +*JCAPIv2::ProvidersApi* | [**connectwise_update_configuration**](docs/ProvidersApi.md#connectwise_update_configuration) | **PATCH** /integrations/connectwise/{UUID} | Update ConnectWise Integration configuration +*JCAPIv2::ProvidersApi* | [**mtp_integration_retrieve_alerts**](docs/ProvidersApi.md#mtp_integration_retrieve_alerts) | **GET** /providers/{provider_id}/integrations/ticketing/alerts | Get all ticketing alerts available for a provider's ticketing integration. +*JCAPIv2::ProvidersApi* | [**mtp_integration_retrieve_sync_errors**](docs/ProvidersApi.md#mtp_integration_retrieve_sync_errors) | **GET** /integrations/{integration_type}/{UUID}/errors | Retrieve Recent Integration Sync Errors +*JCAPIv2::ProvidersApi* | [**policy_group_templates_delete**](docs/ProvidersApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +*JCAPIv2::ProvidersApi* | [**policy_group_templates_get**](docs/ProvidersApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +*JCAPIv2::ProvidersApi* | [**policy_group_templates_get_configured_policy_template**](docs/ProvidersApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +*JCAPIv2::ProvidersApi* | [**policy_group_templates_list**](docs/ProvidersApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +*JCAPIv2::ProvidersApi* | [**policy_group_templates_list_configured_policy_templates**](docs/ProvidersApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +*JCAPIv2::ProvidersApi* | [**policy_group_templates_list_members**](docs/ProvidersApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. +*JCAPIv2::ProvidersApi* | [**provider_organizations_create_org**](docs/ProvidersApi.md#provider_organizations_create_org) | **POST** /providers/{provider_id}/organizations | Create Provider Organization +*JCAPIv2::ProvidersApi* | [**provider_organizations_update_org**](docs/ProvidersApi.md#provider_organizations_update_org) | **PUT** /providers/{provider_id}/organizations/{id} | Update Provider Organization +*JCAPIv2::ProvidersApi* | [**providers_get_provider**](docs/ProvidersApi.md#providers_get_provider) | **GET** /providers/{provider_id} | Retrieve Provider *JCAPIv2::ProvidersApi* | [**providers_list_administrators**](docs/ProvidersApi.md#providers_list_administrators) | **GET** /providers/{provider_id}/administrators | List Provider Administrators +*JCAPIv2::ProvidersApi* | [**providers_list_organizations**](docs/ProvidersApi.md#providers_list_organizations) | **GET** /providers/{provider_id}/organizations | List Provider Organizations *JCAPIv2::ProvidersApi* | [**providers_post_admins**](docs/ProvidersApi.md#providers_post_admins) | **POST** /providers/{provider_id}/administrators | Create a new Provider Administrator +*JCAPIv2::ProvidersApi* | [**providers_provider_list_case**](docs/ProvidersApi.md#providers_provider_list_case) | **GET** /providers/{provider_id}/cases | Get all cases (Support/Feature requests) for provider +*JCAPIv2::ProvidersApi* | [**providers_remove_administrator**](docs/ProvidersApi.md#providers_remove_administrator) | **DELETE** /providers/{provider_id}/administrators/{id} | Delete Provider Administrator +*JCAPIv2::ProvidersApi* | [**providers_retrieve_integrations**](docs/ProvidersApi.md#providers_retrieve_integrations) | **GET** /providers/{provider_id}/integrations | Retrieve Integrations for Provider +*JCAPIv2::ProvidersApi* | [**providers_retrieve_invoice**](docs/ProvidersApi.md#providers_retrieve_invoice) | **GET** /providers/{provider_id}/invoices/{ID} | Download a provider's invoice. +*JCAPIv2::ProvidersApi* | [**providers_retrieve_invoices**](docs/ProvidersApi.md#providers_retrieve_invoices) | **GET** /providers/{provider_id}/invoices | List a provider's invoices. +*JCAPIv2::ProvidersApi* | [**syncro_create_configuration**](docs/ProvidersApi.md#syncro_create_configuration) | **POST** /providers/{provider_id}/integrations/syncro | Creates a new Syncro integration for the provider +*JCAPIv2::ProvidersApi* | [**syncro_delete_configuration**](docs/ProvidersApi.md#syncro_delete_configuration) | **DELETE** /integrations/syncro/{UUID} | Delete Syncro Integration +*JCAPIv2::ProvidersApi* | [**syncro_get_configuration**](docs/ProvidersApi.md#syncro_get_configuration) | **GET** /integrations/syncro/{UUID} | Retrieve Syncro Integration Configuration +*JCAPIv2::ProvidersApi* | [**syncro_patch_mappings**](docs/ProvidersApi.md#syncro_patch_mappings) | **PATCH** /integrations/syncro/{UUID}/mappings | Create, edit, and/or delete Syncro Mappings +*JCAPIv2::ProvidersApi* | [**syncro_patch_settings**](docs/ProvidersApi.md#syncro_patch_settings) | **PATCH** /integrations/syncro/{UUID}/settings | Create, edit, and/or delete Syncro Integration settings +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_all_alert_configuration_options**](docs/ProvidersApi.md#syncro_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/syncro/alerts/configuration/options | Get all Syncro ticketing alert configuration options for a provider +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_all_alert_configurations**](docs/ProvidersApi.md#syncro_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/syncro/alerts/configuration | Get all Syncro ticketing alert configurations for a provider +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_billing_mapping_configuration_options**](docs/ProvidersApi.md#syncro_retrieve_billing_mapping_configuration_options) | **GET** /integrations/syncro/{UUID}/billing_mapping_configuration_options | Retrieve Syncro billing mappings dependencies +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_companies**](docs/ProvidersApi.md#syncro_retrieve_companies) | **GET** /integrations/syncro/{UUID}/companies | Retrieve Syncro Companies +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_mappings**](docs/ProvidersApi.md#syncro_retrieve_mappings) | **GET** /integrations/syncro/{UUID}/mappings | Retrieve Syncro mappings +*JCAPIv2::ProvidersApi* | [**syncro_retrieve_settings**](docs/ProvidersApi.md#syncro_retrieve_settings) | **GET** /integrations/syncro/{UUID}/settings | Retrieve Syncro Integration settings +*JCAPIv2::ProvidersApi* | [**syncro_update_alert_configuration**](docs/ProvidersApi.md#syncro_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/syncro/alerts/{alert_UUID}/configuration | Update a Syncro ticketing alert's configuration +*JCAPIv2::ProvidersApi* | [**syncro_update_configuration**](docs/ProvidersApi.md#syncro_update_configuration) | **PATCH** /integrations/syncro/{UUID} | Update Syncro Integration configuration *JCAPIv2::RADIUSServersApi* | [**graph_radius_server_associations_list**](docs/RADIUSServersApi.md#graph_radius_server_associations_list) | **GET** /radiusservers/{radiusserver_id}/associations | List the associations of a RADIUS Server *JCAPIv2::RADIUSServersApi* | [**graph_radius_server_associations_post**](docs/RADIUSServersApi.md#graph_radius_server_associations_post) | **POST** /radiusservers/{radiusserver_id}/associations | Manage the associations of a RADIUS Server *JCAPIv2::RADIUSServersApi* | [**graph_radius_server_traverse_user**](docs/RADIUSServersApi.md#graph_radius_server_traverse_user) | **GET** /radiusservers/{radiusserver_id}/users | List the Users bound to a RADIUS Server *JCAPIv2::RADIUSServersApi* | [**graph_radius_server_traverse_user_group**](docs/RADIUSServersApi.md#graph_radius_server_traverse_user_group) | **GET** /radiusservers/{radiusserver_id}/usergroups | List the User Groups bound to a RADIUS Server +*JCAPIv2::SCIMImportApi* | [**import_users**](docs/SCIMImportApi.md#import_users) | **GET** /applications/{application_id}/import/users | Get a list of users to import from an Application IdM service provider *JCAPIv2::SambaDomainsApi* | [**ldapservers_samba_domains_delete**](docs/SambaDomainsApi.md#ldapservers_samba_domains_delete) | **DELETE** /ldapservers/{ldapserver_id}/sambadomains/{id} | Delete Samba Domain *JCAPIv2::SambaDomainsApi* | [**ldapservers_samba_domains_get**](docs/SambaDomainsApi.md#ldapservers_samba_domains_get) | **GET** /ldapservers/{ldapserver_id}/sambadomains/{id} | Get Samba Domain *JCAPIv2::SambaDomainsApi* | [**ldapservers_samba_domains_list**](docs/SambaDomainsApi.md#ldapservers_samba_domains_list) | **GET** /ldapservers/{ldapserver_id}/sambadomains | List Samba Domains *JCAPIv2::SambaDomainsApi* | [**ldapservers_samba_domains_post**](docs/SambaDomainsApi.md#ldapservers_samba_domains_post) | **POST** /ldapservers/{ldapserver_id}/sambadomains | Create Samba Domain *JCAPIv2::SambaDomainsApi* | [**ldapservers_samba_domains_put**](docs/SambaDomainsApi.md#ldapservers_samba_domains_put) | **PUT** /ldapservers/{ldapserver_id}/sambadomains/{id} | Update Samba Domain +*JCAPIv2::SoftwareAppsApi* | [**graph_softwareapps_associations_list**](docs/SoftwareAppsApi.md#graph_softwareapps_associations_list) | **GET** /softwareapps/{software_app_id}/associations | List the associations of a Software Application +*JCAPIv2::SoftwareAppsApi* | [**graph_softwareapps_associations_post**](docs/SoftwareAppsApi.md#graph_softwareapps_associations_post) | **POST** /softwareapps/{software_app_id}/associations | Manage the associations of a software application. +*JCAPIv2::SoftwareAppsApi* | [**graph_softwareapps_traverse_system**](docs/SoftwareAppsApi.md#graph_softwareapps_traverse_system) | **GET** /softwareapps/{software_app_id}/systems | List the Systems bound to a Software App. +*JCAPIv2::SoftwareAppsApi* | [**graph_softwareapps_traverse_system_group**](docs/SoftwareAppsApi.md#graph_softwareapps_traverse_system_group) | **GET** /softwareapps/{software_app_id}/systemgroups | List the System Groups bound to a Software App. +*JCAPIv2::SoftwareAppsApi* | [**software_app_statuses_list**](docs/SoftwareAppsApi.md#software_app_statuses_list) | **GET** /softwareapps/{software_app_id}/statuses | Get the status of the provided Software Application +*JCAPIv2::SoftwareAppsApi* | [**software_apps_delete**](docs/SoftwareAppsApi.md#software_apps_delete) | **DELETE** /softwareapps/{id} | Delete a configured Software Application +*JCAPIv2::SoftwareAppsApi* | [**software_apps_get**](docs/SoftwareAppsApi.md#software_apps_get) | **GET** /softwareapps/{id} | Retrieve a configured Software Application. +*JCAPIv2::SoftwareAppsApi* | [**software_apps_list**](docs/SoftwareAppsApi.md#software_apps_list) | **GET** /softwareapps | Get all configured Software Applications. +*JCAPIv2::SoftwareAppsApi* | [**software_apps_post**](docs/SoftwareAppsApi.md#software_apps_post) | **POST** /softwareapps | Create a Software Application that will be managed by JumpCloud. +*JCAPIv2::SoftwareAppsApi* | [**software_apps_reclaim_licenses**](docs/SoftwareAppsApi.md#software_apps_reclaim_licenses) | **POST** /softwareapps/{software_app_id}/reclaim-licenses | Reclaim Licenses for a Software Application. +*JCAPIv2::SoftwareAppsApi* | [**software_apps_retry_installation**](docs/SoftwareAppsApi.md#software_apps_retry_installation) | **POST** /softwareapps/{software_app_id}/retry-installation | Retry Installation for a Software Application +*JCAPIv2::SoftwareAppsApi* | [**software_apps_update**](docs/SoftwareAppsApi.md#software_apps_update) | **PUT** /softwareapps/{id} | Update a Software Application Configuration. +*JCAPIv2::SoftwareAppsApi* | [**validator_validate_application_install_package**](docs/SoftwareAppsApi.md#validator_validate_application_install_package) | **POST** /softwareapps/validate | Validate Installation Packages +*JCAPIv2::SubscriptionsApi* | [**subscriptions_get**](docs/SubscriptionsApi.md#subscriptions_get) | **GET** /subscriptions | Lists all the Pricing & Packaging Subscriptions *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_associations_list**](docs/SystemGroupAssociationsApi.md#graph_system_group_associations_list) | **GET** /systemgroups/{group_id}/associations | List the associations of a System Group *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_associations_post**](docs/SystemGroupAssociationsApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_traverse_command**](docs/SystemGroupAssociationsApi.md#graph_system_group_traverse_command) | **GET** /systemgroups/{group_id}/commands | List the Commands bound to a System Group *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_traverse_policy**](docs/SystemGroupAssociationsApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +*JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_traverse_policy_group**](docs/SystemGroupAssociationsApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_traverse_user**](docs/SystemGroupAssociationsApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group *JCAPIv2::SystemGroupAssociationsApi* | [**graph_system_group_traverse_user_group**](docs/SystemGroupAssociationsApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group -*JCAPIv2::SystemGroupMembersMembershipApi* | [**graph_system_group_member_of**](docs/SystemGroupMembersMembershipApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents *JCAPIv2::SystemGroupMembersMembershipApi* | [**graph_system_group_members_list**](docs/SystemGroupMembersMembershipApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group *JCAPIv2::SystemGroupMembersMembershipApi* | [**graph_system_group_members_post**](docs/SystemGroupMembersMembershipApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group *JCAPIv2::SystemGroupMembersMembershipApi* | [**graph_system_group_membership**](docs/SystemGroupMembersMembershipApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership *JCAPIv2::SystemGroupsApi* | [**graph_system_group_associations_list**](docs/SystemGroupsApi.md#graph_system_group_associations_list) | **GET** /systemgroups/{group_id}/associations | List the associations of a System Group *JCAPIv2::SystemGroupsApi* | [**graph_system_group_associations_post**](docs/SystemGroupsApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group -*JCAPIv2::SystemGroupsApi* | [**graph_system_group_member_of**](docs/SystemGroupsApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents *JCAPIv2::SystemGroupsApi* | [**graph_system_group_members_list**](docs/SystemGroupsApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group *JCAPIv2::SystemGroupsApi* | [**graph_system_group_members_post**](docs/SystemGroupsApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group *JCAPIv2::SystemGroupsApi* | [**graph_system_group_membership**](docs/SystemGroupsApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership *JCAPIv2::SystemGroupsApi* | [**graph_system_group_traverse_policy**](docs/SystemGroupsApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +*JCAPIv2::SystemGroupsApi* | [**graph_system_group_traverse_policy_group**](docs/SystemGroupsApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group *JCAPIv2::SystemGroupsApi* | [**graph_system_group_traverse_user**](docs/SystemGroupsApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group *JCAPIv2::SystemGroupsApi* | [**graph_system_group_traverse_user_group**](docs/SystemGroupsApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group *JCAPIv2::SystemGroupsApi* | [**groups_system_delete**](docs/SystemGroupsApi.md#groups_system_delete) | **DELETE** /systemgroups/{id} | Delete a System Group *JCAPIv2::SystemGroupsApi* | [**groups_system_get**](docs/SystemGroupsApi.md#groups_system_get) | **GET** /systemgroups/{id} | View an individual System Group details *JCAPIv2::SystemGroupsApi* | [**groups_system_list**](docs/SystemGroupsApi.md#groups_system_list) | **GET** /systemgroups | List all System Groups -*JCAPIv2::SystemGroupsApi* | [**groups_system_patch**](docs/SystemGroupsApi.md#groups_system_patch) | **PATCH** /systemgroups/{id} | Partial update a System Group *JCAPIv2::SystemGroupsApi* | [**groups_system_post**](docs/SystemGroupsApi.md#groups_system_post) | **POST** /systemgroups | Create a new System Group *JCAPIv2::SystemGroupsApi* | [**groups_system_put**](docs/SystemGroupsApi.md#groups_system_put) | **PUT** /systemgroups/{id} | Update a System Group +*JCAPIv2::SystemGroupsApi* | [**groups_system_suggestions_get**](docs/SystemGroupsApi.md#groups_system_suggestions_get) | **GET** /systemgroups/{group_id}/suggestions | List Suggestions for a System Group +*JCAPIv2::SystemGroupsApi* | [**groups_system_suggestions_post**](docs/SystemGroupsApi.md#groups_system_suggestions_post) | **POST** /systemgroups/{group_id}/suggestions | Apply Suggestions for a System Group +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_alf**](docs/SystemInsightsApi.md#systeminsights_list_alf) | **GET** /systeminsights/alf | List System Insights ALF +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_alf_exceptions**](docs/SystemInsightsApi.md#systeminsights_list_alf_exceptions) | **GET** /systeminsights/alf_exceptions | List System Insights ALF Exceptions +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_alf_explicit_auths**](docs/SystemInsightsApi.md#systeminsights_list_alf_explicit_auths) | **GET** /systeminsights/alf_explicit_auths | List System Insights ALF Explicit Authentications +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_appcompat_shims**](docs/SystemInsightsApi.md#systeminsights_list_appcompat_shims) | **GET** /systeminsights/appcompat_shims | List System Insights Application Compatibility Shims *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_apps**](docs/SystemInsightsApi.md#systeminsights_list_apps) | **GET** /systeminsights/apps | List System Insights Apps +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_authorized_keys**](docs/SystemInsightsApi.md#systeminsights_list_authorized_keys) | **GET** /systeminsights/authorized_keys | List System Insights Authorized Keys +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_azure_instance_metadata**](docs/SystemInsightsApi.md#systeminsights_list_azure_instance_metadata) | **GET** /systeminsights/azure_instance_metadata | List System Insights Azure Instance Metadata +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_azure_instance_tags**](docs/SystemInsightsApi.md#systeminsights_list_azure_instance_tags) | **GET** /systeminsights/azure_instance_tags | List System Insights Azure Instance Tags *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_battery**](docs/SystemInsightsApi.md#systeminsights_list_battery) | **GET** /systeminsights/battery | List System Insights Battery *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_bitlocker_info**](docs/SystemInsightsApi.md#systeminsights_list_bitlocker_info) | **GET** /systeminsights/bitlocker_info | List System Insights Bitlocker Info *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_browser_plugins**](docs/SystemInsightsApi.md#systeminsights_list_browser_plugins) | **GET** /systeminsights/browser_plugins | List System Insights Browser Plugins +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_certificates**](docs/SystemInsightsApi.md#systeminsights_list_certificates) | **GET** /systeminsights/certificates | List System Insights Certificates +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_chassis_info**](docs/SystemInsightsApi.md#systeminsights_list_chassis_info) | **GET** /systeminsights/chassis_info | List System Insights Chassis Info *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_chrome_extensions**](docs/SystemInsightsApi.md#systeminsights_list_chrome_extensions) | **GET** /systeminsights/chrome_extensions | List System Insights Chrome Extensions +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_connectivity**](docs/SystemInsightsApi.md#systeminsights_list_connectivity) | **GET** /systeminsights/connectivity | List System Insights Connectivity *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_crashes**](docs/SystemInsightsApi.md#systeminsights_list_crashes) | **GET** /systeminsights/crashes | List System Insights Crashes +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_cups_destinations**](docs/SystemInsightsApi.md#systeminsights_list_cups_destinations) | **GET** /systeminsights/cups_destinations | List System Insights CUPS Destinations *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_disk_encryption**](docs/SystemInsightsApi.md#systeminsights_list_disk_encryption) | **GET** /systeminsights/disk_encryption | List System Insights Disk Encryption *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_disk_info**](docs/SystemInsightsApi.md#systeminsights_list_disk_info) | **GET** /systeminsights/disk_info | List System Insights Disk Info +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_dns_resolvers**](docs/SystemInsightsApi.md#systeminsights_list_dns_resolvers) | **GET** /systeminsights/dns_resolvers | List System Insights DNS Resolvers *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_etc_hosts**](docs/SystemInsightsApi.md#systeminsights_list_etc_hosts) | **GET** /systeminsights/etc_hosts | List System Insights Etc Hosts *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_firefox_addons**](docs/SystemInsightsApi.md#systeminsights_list_firefox_addons) | **GET** /systeminsights/firefox_addons | List System Insights Firefox Addons *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_groups**](docs/SystemInsightsApi.md#systeminsights_list_groups) | **GET** /systeminsights/groups | List System Insights Groups *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_ie_extensions**](docs/SystemInsightsApi.md#systeminsights_list_ie_extensions) | **GET** /systeminsights/ie_extensions | List System Insights IE Extensions *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_interface_addresses**](docs/SystemInsightsApi.md#systeminsights_list_interface_addresses) | **GET** /systeminsights/interface_addresses | List System Insights Interface Addresses +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_interface_details**](docs/SystemInsightsApi.md#systeminsights_list_interface_details) | **GET** /systeminsights/interface_details | List System Insights Interface Details *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_kernel_info**](docs/SystemInsightsApi.md#systeminsights_list_kernel_info) | **GET** /systeminsights/kernel_info | List System Insights Kernel Info *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_launchd**](docs/SystemInsightsApi.md#systeminsights_list_launchd) | **GET** /systeminsights/launchd | List System Insights Launchd +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_linux_packages**](docs/SystemInsightsApi.md#systeminsights_list_linux_packages) | **GET** /systeminsights/linux_packages | List System Insights Linux Packages *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_logged_in_users**](docs/SystemInsightsApi.md#systeminsights_list_logged_in_users) | **GET** /systeminsights/logged_in_users | List System Insights Logged-In Users *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_logical_drives**](docs/SystemInsightsApi.md#systeminsights_list_logical_drives) | **GET** /systeminsights/logical_drives | List System Insights Logical Drives +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_managed_policies**](docs/SystemInsightsApi.md#systeminsights_list_managed_policies) | **GET** /systeminsights/managed_policies | List System Insights Managed Policies *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_mounts**](docs/SystemInsightsApi.md#systeminsights_list_mounts) | **GET** /systeminsights/mounts | List System Insights Mounts *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_os_version**](docs/SystemInsightsApi.md#systeminsights_list_os_version) | **GET** /systeminsights/os_version | List System Insights OS Version *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_patches**](docs/SystemInsightsApi.md#systeminsights_list_patches) | **GET** /systeminsights/patches | List System Insights Patches *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_programs**](docs/SystemInsightsApi.md#systeminsights_list_programs) | **GET** /systeminsights/programs | List System Insights Programs +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_python_packages**](docs/SystemInsightsApi.md#systeminsights_list_python_packages) | **GET** /systeminsights/python_packages | List System Insights Python Packages *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_safari_extensions**](docs/SystemInsightsApi.md#systeminsights_list_safari_extensions) | **GET** /systeminsights/safari_extensions | List System Insights Safari Extensions -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_apps**](docs/SystemInsightsApi.md#systeminsights_list_system_apps) | **GET** /systeminsights/{system_id}/apps | List System Insights System Apps -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_bitlocker_info**](docs/SystemInsightsApi.md#systeminsights_list_system_bitlocker_info) | **GET** /systeminsights/{system_id}/bitlocker_info | List System Insights System Bitlocker Info -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_browser_plugins**](docs/SystemInsightsApi.md#systeminsights_list_system_browser_plugins) | **GET** /systeminsights/{system_id}/browser_plugins | List System Insights System Browser Plugins -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_chrome_extensions**](docs/SystemInsightsApi.md#systeminsights_list_system_chrome_extensions) | **GET** /systeminsights/{system_id}/chrome_extensions | List System Insights System Chrome Extensions +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_scheduled_tasks**](docs/SystemInsightsApi.md#systeminsights_list_scheduled_tasks) | **GET** /systeminsights/scheduled_tasks | List System Insights Scheduled Tasks +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_secureboot**](docs/SystemInsightsApi.md#systeminsights_list_secureboot) | **GET** /systeminsights/secureboot | List System Insights Secure Boot +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_services**](docs/SystemInsightsApi.md#systeminsights_list_services) | **GET** /systeminsights/services | List System Insights Services +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_shadow**](docs/SystemInsightsApi.md#systeminsights_list_shadow) | **GET** /systeminsights/shadow | LIst System Insights Shadow +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_shared_folders**](docs/SystemInsightsApi.md#systeminsights_list_shared_folders) | **GET** /systeminsights/shared_folders | List System Insights Shared Folders +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_shared_resources**](docs/SystemInsightsApi.md#systeminsights_list_shared_resources) | **GET** /systeminsights/shared_resources | List System Insights Shared Resources +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_sharing_preferences**](docs/SystemInsightsApi.md#systeminsights_list_sharing_preferences) | **GET** /systeminsights/sharing_preferences | List System Insights Sharing Preferences +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_sip_config**](docs/SystemInsightsApi.md#systeminsights_list_sip_config) | **GET** /systeminsights/sip_config | List System Insights SIP Config +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_startup_items**](docs/SystemInsightsApi.md#systeminsights_list_startup_items) | **GET** /systeminsights/startup_items | List System Insights Startup Items *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_controls**](docs/SystemInsightsApi.md#systeminsights_list_system_controls) | **GET** /systeminsights/system_controls | List System Insights System Control -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_disk_encryption**](docs/SystemInsightsApi.md#systeminsights_list_system_disk_encryption) | **GET** /systeminsights/{system_id}/disk_encryption | List System Insights System Disk Encryption -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_disk_info**](docs/SystemInsightsApi.md#systeminsights_list_system_disk_info) | **GET** /systeminsights/{system_id}/disk_info | List System Insights System Disk Info -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_etc_hosts**](docs/SystemInsightsApi.md#systeminsights_list_system_etc_hosts) | **GET** /systeminsights/{system_id}/etc_hosts | List System Insights System Etc Hosts -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_firefox_addons**](docs/SystemInsightsApi.md#systeminsights_list_system_firefox_addons) | **GET** /systeminsights/{system_id}/firefox_addons | List System Insights System Firefox Addons -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_groups**](docs/SystemInsightsApi.md#systeminsights_list_system_groups) | **GET** /systeminsights/{system_id}/groups | List System Insights System Groups *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_info**](docs/SystemInsightsApi.md#systeminsights_list_system_info) | **GET** /systeminsights/system_info | List System Insights System Info -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_interface_addresses**](docs/SystemInsightsApi.md#systeminsights_list_system_interface_addresses) | **GET** /systeminsights/{system_id}/interface_addresses | List System Insights System Interface Addresses -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_kernel_info**](docs/SystemInsightsApi.md#systeminsights_list_system_kernel_info) | **GET** /systeminsights/{system_id}/kernel_info | List System Insights System Kernel Info -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_logical_drives**](docs/SystemInsightsApi.md#systeminsights_list_system_logical_drives) | **GET** /systeminsights/{system_id}/logical_drives | List System Insights System Logical Drives -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_mounts**](docs/SystemInsightsApi.md#systeminsights_list_system_mounts) | **GET** /systeminsights/{system_id}/mounts | List System Insights System Mounts -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_os_version**](docs/SystemInsightsApi.md#systeminsights_list_system_os_version) | **GET** /systeminsights/{system_id}/os_version | List System Insights System OS Version -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_patches**](docs/SystemInsightsApi.md#systeminsights_list_system_patches) | **GET** /systeminsights/{system_id}/patches | List System Insights System Patches -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_programs**](docs/SystemInsightsApi.md#systeminsights_list_system_programs) | **GET** /systeminsights/{system_id}/programs | List System Insights System Programs -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_safari_extensions**](docs/SystemInsightsApi.md#systeminsights_list_system_safari_extensions) | **GET** /systeminsights/{system_id}/safari_extensions | List System Insights System Safari Extensions -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_system_controls**](docs/SystemInsightsApi.md#systeminsights_list_system_system_controls) | **GET** /systeminsights/{system_id}/system_controls | List System Insights System System Controls -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_system_info**](docs/SystemInsightsApi.md#systeminsights_list_system_system_info) | **GET** /systeminsights/{system_id}/system_info | List System Insights System System Info -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_uptime**](docs/SystemInsightsApi.md#systeminsights_list_system_uptime) | **GET** /systeminsights/{system_id}/uptime | List System Insights System Uptime -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_system_users**](docs/SystemInsightsApi.md#systeminsights_list_system_users) | **GET** /systeminsights/{system_id}/users | List System Insights System Users +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_tpm_info**](docs/SystemInsightsApi.md#systeminsights_list_tpm_info) | **GET** /systeminsights/tpm_info | List System Insights TPM Info *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_uptime**](docs/SystemInsightsApi.md#systeminsights_list_uptime) | **GET** /systeminsights/uptime | List System Insights Uptime *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_usb_devices**](docs/SystemInsightsApi.md#systeminsights_list_usb_devices) | **GET** /systeminsights/usb_devices | List System Insights USB Devices *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_user_groups**](docs/SystemInsightsApi.md#systeminsights_list_user_groups) | **GET** /systeminsights/user_groups | List System Insights User Groups +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_user_ssh_keys**](docs/SystemInsightsApi.md#systeminsights_list_user_ssh_keys) | **GET** /systeminsights/user_ssh_keys | List System Insights User SSH Keys +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_userassist**](docs/SystemInsightsApi.md#systeminsights_list_userassist) | **GET** /systeminsights/userassist | List System Insights User Assist *JCAPIv2::SystemInsightsApi* | [**systeminsights_list_users**](docs/SystemInsightsApi.md#systeminsights_list_users) | **GET** /systeminsights/users | List System Insights Users -*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_windows_crashes**](docs/SystemInsightsApi.md#systeminsights_list_windows_crashes) | **GET** /systeminsights/windows_crashes | List System Insights Windows Crashes +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_wifi_networks**](docs/SystemInsightsApi.md#systeminsights_list_wifi_networks) | **GET** /systeminsights/wifi_networks | List System Insights WiFi Networks +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_wifi_status**](docs/SystemInsightsApi.md#systeminsights_list_wifi_status) | **GET** /systeminsights/wifi_status | List System Insights WiFi Status +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_windows_security_center**](docs/SystemInsightsApi.md#systeminsights_list_windows_security_center) | **GET** /systeminsights/windows_security_center | List System Insights Windows Security Center +*JCAPIv2::SystemInsightsApi* | [**systeminsights_list_windows_security_products**](docs/SystemInsightsApi.md#systeminsights_list_windows_security_products) | **GET** /systeminsights/windows_security_products | List System Insights Windows Security Products *JCAPIv2::SystemsApi* | [**graph_system_associations_list**](docs/SystemsApi.md#graph_system_associations_list) | **GET** /systems/{system_id}/associations | List the associations of a System *JCAPIv2::SystemsApi* | [**graph_system_associations_post**](docs/SystemsApi.md#graph_system_associations_post) | **POST** /systems/{system_id}/associations | Manage associations of a System *JCAPIv2::SystemsApi* | [**graph_system_member_of**](docs/SystemsApi.md#graph_system_member_of) | **GET** /systems/{system_id}/memberof | List the parent Groups of a System *JCAPIv2::SystemsApi* | [**graph_system_traverse_command**](docs/SystemsApi.md#graph_system_traverse_command) | **GET** /systems/{system_id}/commands | List the Commands bound to a System *JCAPIv2::SystemsApi* | [**graph_system_traverse_policy**](docs/SystemsApi.md#graph_system_traverse_policy) | **GET** /systems/{system_id}/policies | List the Policies bound to a System +*JCAPIv2::SystemsApi* | [**graph_system_traverse_policy_group**](docs/SystemsApi.md#graph_system_traverse_policy_group) | **GET** /systems/{system_id}/policygroups | List the Policy Groups bound to a System *JCAPIv2::SystemsApi* | [**graph_system_traverse_user**](docs/SystemsApi.md#graph_system_traverse_user) | **GET** /systems/{system_id}/users | List the Users bound to a System *JCAPIv2::SystemsApi* | [**graph_system_traverse_user_group**](docs/SystemsApi.md#graph_system_traverse_user_group) | **GET** /systems/{system_id}/usergroups | List the User Groups bound to a System *JCAPIv2::SystemsApi* | [**systems_get_fde_key**](docs/SystemsApi.md#systems_get_fde_key) | **GET** /systems/{system_id}/fdekey | Get System FDE Key +*JCAPIv2::SystemsApi* | [**systems_list_software_apps_with_statuses**](docs/SystemsApi.md#systems_list_software_apps_with_statuses) | **GET** /systems/{system_id}/softwareappstatuses | List the associated Software Application Statuses of a System +*JCAPIv2::SystemsOrganizationSettingsApi* | [**systems_org_settings_get_sign_in_with_jump_cloud_settings**](docs/SystemsOrganizationSettingsApi.md#systems_org_settings_get_sign_in_with_jump_cloud_settings) | **GET** /devices/settings/signinwithjumpcloud | Get the Sign In with JumpCloud Settings +*JCAPIv2::SystemsOrganizationSettingsApi* | [**systems_org_settings_set_sign_in_with_jump_cloud_settings**](docs/SystemsOrganizationSettingsApi.md#systems_org_settings_set_sign_in_with_jump_cloud_settings) | **PUT** /devices/settings/signinwithjumpcloud | Set the Sign In with JumpCloud Settings *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_associations_list**](docs/UserGroupAssociationsApi.md#graph_user_group_associations_list) | **GET** /usergroups/{group_id}/associations | List the associations of a User Group. *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_associations_post**](docs/UserGroupAssociationsApi.md#graph_user_group_associations_post) | **POST** /usergroups/{group_id}/associations | Manage the associations of a User Group *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_traverse_active_directory**](docs/UserGroupAssociationsApi.md#graph_user_group_traverse_active_directory) | **GET** /usergroups/{group_id}/activedirectories | List the Active Directories bound to a User Group @@ -358,13 +12990,11 @@ Class | Method | HTTP request | Description *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_traverse_radius_server**](docs/UserGroupAssociationsApi.md#graph_user_group_traverse_radius_server) | **GET** /usergroups/{group_id}/radiusservers | List the RADIUS Servers bound to a User Group *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_traverse_system**](docs/UserGroupAssociationsApi.md#graph_user_group_traverse_system) | **GET** /usergroups/{group_id}/systems | List the Systems bound to a User Group *JCAPIv2::UserGroupAssociationsApi* | [**graph_user_group_traverse_system_group**](docs/UserGroupAssociationsApi.md#graph_user_group_traverse_system_group) | **GET** /usergroups/{group_id}/systemgroups | List the System Groups bound to User Groups -*JCAPIv2::UserGroupMembersMembershipApi* | [**graph_user_group_member_of**](docs/UserGroupMembersMembershipApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents *JCAPIv2::UserGroupMembersMembershipApi* | [**graph_user_group_members_list**](docs/UserGroupMembersMembershipApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group *JCAPIv2::UserGroupMembersMembershipApi* | [**graph_user_group_members_post**](docs/UserGroupMembersMembershipApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group *JCAPIv2::UserGroupMembersMembershipApi* | [**graph_user_group_membership**](docs/UserGroupMembersMembershipApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership *JCAPIv2::UserGroupsApi* | [**graph_user_group_associations_list**](docs/UserGroupsApi.md#graph_user_group_associations_list) | **GET** /usergroups/{group_id}/associations | List the associations of a User Group. *JCAPIv2::UserGroupsApi* | [**graph_user_group_associations_post**](docs/UserGroupsApi.md#graph_user_group_associations_post) | **POST** /usergroups/{group_id}/associations | Manage the associations of a User Group -*JCAPIv2::UserGroupsApi* | [**graph_user_group_member_of**](docs/UserGroupsApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents *JCAPIv2::UserGroupsApi* | [**graph_user_group_members_list**](docs/UserGroupsApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group *JCAPIv2::UserGroupsApi* | [**graph_user_group_members_post**](docs/UserGroupsApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group *JCAPIv2::UserGroupsApi* | [**graph_user_group_membership**](docs/UserGroupsApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership @@ -380,12 +13010,14 @@ Class | Method | HTTP request | Description *JCAPIv2::UserGroupsApi* | [**groups_user_delete**](docs/UserGroupsApi.md#groups_user_delete) | **DELETE** /usergroups/{id} | Delete a User Group *JCAPIv2::UserGroupsApi* | [**groups_user_get**](docs/UserGroupsApi.md#groups_user_get) | **GET** /usergroups/{id} | View an individual User Group details *JCAPIv2::UserGroupsApi* | [**groups_user_list**](docs/UserGroupsApi.md#groups_user_list) | **GET** /usergroups | List all User Groups -*JCAPIv2::UserGroupsApi* | [**groups_user_patch**](docs/UserGroupsApi.md#groups_user_patch) | **PATCH** /usergroups/{id} | Partial update a User Group *JCAPIv2::UserGroupsApi* | [**groups_user_post**](docs/UserGroupsApi.md#groups_user_post) | **POST** /usergroups | Create a new User Group *JCAPIv2::UserGroupsApi* | [**groups_user_put**](docs/UserGroupsApi.md#groups_user_put) | **PUT** /usergroups/{id} | Update a User Group +*JCAPIv2::UserGroupsApi* | [**groups_user_suggestions_get**](docs/UserGroupsApi.md#groups_user_suggestions_get) | **GET** /usergroups/{group_id}/suggestions | List Suggestions for a User Group +*JCAPIv2::UserGroupsApi* | [**groups_user_suggestions_post**](docs/UserGroupsApi.md#groups_user_suggestions_post) | **POST** /usergroups/{group_id}/suggestions | Apply Suggestions for a User Group *JCAPIv2::UsersApi* | [**graph_user_associations_list**](docs/UsersApi.md#graph_user_associations_list) | **GET** /users/{user_id}/associations | List the associations of a User *JCAPIv2::UsersApi* | [**graph_user_associations_post**](docs/UsersApi.md#graph_user_associations_post) | **POST** /users/{user_id}/associations | Manage the associations of a User *JCAPIv2::UsersApi* | [**graph_user_member_of**](docs/UsersApi.md#graph_user_member_of) | **GET** /users/{user_id}/memberof | List the parent Groups of a User +*JCAPIv2::UsersApi* | [**graph_user_traverse_active_directory**](docs/UsersApi.md#graph_user_traverse_active_directory) | **GET** /users/{user_id}/activedirectories | List the Active Directory instances bound to a User *JCAPIv2::UsersApi* | [**graph_user_traverse_application**](docs/UsersApi.md#graph_user_traverse_application) | **GET** /users/{user_id}/applications | List the Applications bound to a User *JCAPIv2::UsersApi* | [**graph_user_traverse_directory**](docs/UsersApi.md#graph_user_traverse_directory) | **GET** /users/{user_id}/directories | List the Directories bound to a User *JCAPIv2::UsersApi* | [**graph_user_traverse_g_suite**](docs/UsersApi.md#graph_user_traverse_g_suite) | **GET** /users/{user_id}/gsuites | List the G Suite instances bound to a User @@ -394,82 +13026,314 @@ Class | Method | HTTP request | Description *JCAPIv2::UsersApi* | [**graph_user_traverse_radius_server**](docs/UsersApi.md#graph_user_traverse_radius_server) | **GET** /users/{user_id}/radiusservers | List the RADIUS Servers bound to a User *JCAPIv2::UsersApi* | [**graph_user_traverse_system**](docs/UsersApi.md#graph_user_traverse_system) | **GET** /users/{user_id}/systems | List the Systems bound to a User *JCAPIv2::UsersApi* | [**graph_user_traverse_system_group**](docs/UsersApi.md#graph_user_traverse_system_group) | **GET** /users/{user_id}/systemgroups | List the System Groups bound to a User -*JCAPIv2::UsersApi* | [**users_send_emails**](docs/UsersApi.md#users_send_emails) | **POST** /users/{user_id}/emails | Send User Emails +*JCAPIv2::UsersApi* | [**push_endpoints_delete**](docs/UsersApi.md#push_endpoints_delete) | **DELETE** /users/{user_id}/pushendpoints/{push_endpoint_id} | Delete a Push Endpoint associated with a User +*JCAPIv2::UsersApi* | [**push_endpoints_get**](docs/UsersApi.md#push_endpoints_get) | **GET** /users/{user_id}/pushendpoints/{push_endpoint_id} | Get a push endpoint associated with a User +*JCAPIv2::UsersApi* | [**push_endpoints_list**](docs/UsersApi.md#push_endpoints_list) | **GET** /users/{user_id}/pushendpoints | List Push Endpoints associated with a User +*JCAPIv2::UsersApi* | [**push_endpoints_patch**](docs/UsersApi.md#push_endpoints_patch) | **PATCH** /users/{user_id}/pushendpoints/{push_endpoint_id} | Update a push endpoint associated with a User *JCAPIv2::WorkdayImportApi* | [**workdays_authorize**](docs/WorkdayImportApi.md#workdays_authorize) | **POST** /workdays/{workday_id}/auth | Authorize Workday *JCAPIv2::WorkdayImportApi* | [**workdays_deauthorize**](docs/WorkdayImportApi.md#workdays_deauthorize) | **DELETE** /workdays/{workday_id}/auth | Deauthorize Workday -*JCAPIv2::WorkdayImportApi* | [**workdays_delete**](docs/WorkdayImportApi.md#workdays_delete) | **DELETE** /workdays/{id} | Delete Workday *JCAPIv2::WorkdayImportApi* | [**workdays_get**](docs/WorkdayImportApi.md#workdays_get) | **GET** /workdays/{id} | Get Workday *JCAPIv2::WorkdayImportApi* | [**workdays_import**](docs/WorkdayImportApi.md#workdays_import) | **POST** /workdays/{workday_id}/import | Workday Import *JCAPIv2::WorkdayImportApi* | [**workdays_importresults**](docs/WorkdayImportApi.md#workdays_importresults) | **GET** /workdays/{id}/import/{job_id}/results | List Import Results *JCAPIv2::WorkdayImportApi* | [**workdays_list**](docs/WorkdayImportApi.md#workdays_list) | **GET** /workdays | List Workdays *JCAPIv2::WorkdayImportApi* | [**workdays_post**](docs/WorkdayImportApi.md#workdays_post) | **POST** /workdays | Create new Workday *JCAPIv2::WorkdayImportApi* | [**workdays_put**](docs/WorkdayImportApi.md#workdays_put) | **PUT** /workdays/{id} | Update Workday -*JCAPIv2::WorkdayImportApi* | [**workdays_settings**](docs/WorkdayImportApi.md#workdays_settings) | **GET** /workdays/settings | Get Workday Settings (incomplete) *JCAPIv2::WorkdayImportApi* | [**workdays_workers**](docs/WorkdayImportApi.md#workdays_workers) | **GET** /workdays/{workday_id}/workers | List Workday Workers - ## Documentation for Models - - [JCAPIv2::ActiveDirectoryAgentGetOutput](docs/ActiveDirectoryAgentGetOutput.md) - - [JCAPIv2::ActiveDirectoryAgentInput](docs/ActiveDirectoryAgentInput.md) - - [JCAPIv2::ActiveDirectoryAgentListOutput](docs/ActiveDirectoryAgentListOutput.md) - - [JCAPIv2::ActiveDirectoryInput](docs/ActiveDirectoryInput.md) + - [JCAPIv2::ADE](docs/ADE.md) + - [JCAPIv2::ADES](docs/ADES.md) + - [JCAPIv2::ActiveDirectory](docs/ActiveDirectory.md) + - [JCAPIv2::ActiveDirectoryAgent](docs/ActiveDirectoryAgent.md) + - [JCAPIv2::ActiveDirectoryAgentGet](docs/ActiveDirectoryAgentGet.md) + - [JCAPIv2::ActiveDirectoryAgentList](docs/ActiveDirectoryAgentList.md) + - [JCAPIv2::Address](docs/Address.md) - [JCAPIv2::Administrator](docs/Administrator.md) + - [JCAPIv2::AdministratorOrganizationLink](docs/AdministratorOrganizationLink.md) + - [JCAPIv2::AdministratorOrganizationLinkReq](docs/AdministratorOrganizationLinkReq.md) + - [JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems](docs/AllOfAutotaskTicketingAlertConfigurationListRecordsItems.md) + - [JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems](docs/AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.md) + - [JCAPIv2::AllOfPwmAllUsersResultsItems](docs/AllOfPwmAllUsersResultsItems.md) + - [JCAPIv2::AllOfPwmItemsMetadataResultsItems](docs/AllOfPwmItemsMetadataResultsItems.md) + - [JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems](docs/AllOfSyncroTicketingAlertConfigurationListRecordsItems.md) + - [JCAPIv2::AnyValue](docs/AnyValue.md) - [JCAPIv2::AppleMDM](docs/AppleMDM.md) - - [JCAPIv2::AppleMdmPatchInput](docs/AppleMdmPatchInput.md) + - [JCAPIv2::AppleMdmDevice](docs/AppleMdmDevice.md) + - [JCAPIv2::AppleMdmDeviceInfo](docs/AppleMdmDeviceInfo.md) + - [JCAPIv2::AppleMdmDeviceSecurityInfo](docs/AppleMdmDeviceSecurityInfo.md) + - [JCAPIv2::AppleMdmPatch](docs/AppleMdmPatch.md) + - [JCAPIv2::AppleMdmPublicKeyCert](docs/AppleMdmPublicKeyCert.md) + - [JCAPIv2::AppleMdmSignedCsrPlist](docs/AppleMdmSignedCsrPlist.md) + - [JCAPIv2::ApplicationIdLogoBody](docs/ApplicationIdLogoBody.md) + - [JCAPIv2::Apps](docs/Apps.md) + - [JCAPIv2::AppsInner](docs/AppsInner.md) - [JCAPIv2::AuthInfo](docs/AuthInfo.md) - [JCAPIv2::AuthInput](docs/AuthInput.md) - [JCAPIv2::AuthInputObject](docs/AuthInputObject.md) - [JCAPIv2::AuthinputBasic](docs/AuthinputBasic.md) - [JCAPIv2::AuthinputOauth](docs/AuthinputOauth.md) - - [JCAPIv2::Body](docs/Body.md) - - [JCAPIv2::Body1](docs/Body1.md) - - [JCAPIv2::Body2](docs/Body2.md) - - [JCAPIv2::Body3](docs/Body3.md) + - [JCAPIv2::AuthnPolicy](docs/AuthnPolicy.md) + - [JCAPIv2::AuthnPolicyEffect](docs/AuthnPolicyEffect.md) + - [JCAPIv2::AuthnPolicyObligations](docs/AuthnPolicyObligations.md) + - [JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider](docs/AuthnPolicyObligationsExternalIdentityProvider.md) + - [JCAPIv2::AuthnPolicyObligationsMfa](docs/AuthnPolicyObligationsMfa.md) + - [JCAPIv2::AuthnPolicyObligationsUserVerification](docs/AuthnPolicyObligationsUserVerification.md) + - [JCAPIv2::AuthnPolicyResourceTarget](docs/AuthnPolicyResourceTarget.md) + - [JCAPIv2::AuthnPolicyTargets](docs/AuthnPolicyTargets.md) + - [JCAPIv2::AuthnPolicyType](docs/AuthnPolicyType.md) + - [JCAPIv2::AuthnPolicyUserAttributeFilter](docs/AuthnPolicyUserAttributeFilter.md) + - [JCAPIv2::AuthnPolicyUserAttributeTarget](docs/AuthnPolicyUserAttributeTarget.md) + - [JCAPIv2::AuthnPolicyUserGroupTarget](docs/AuthnPolicyUserGroupTarget.md) + - [JCAPIv2::AuthnPolicyUserTarget](docs/AuthnPolicyUserTarget.md) + - [JCAPIv2::AutotaskCompany](docs/AutotaskCompany.md) + - [JCAPIv2::AutotaskCompanyResp](docs/AutotaskCompanyResp.md) + - [JCAPIv2::AutotaskCompanyTypeResp](docs/AutotaskCompanyTypeResp.md) + - [JCAPIv2::AutotaskContract](docs/AutotaskContract.md) + - [JCAPIv2::AutotaskContractField](docs/AutotaskContractField.md) + - [JCAPIv2::AutotaskContractFieldValues](docs/AutotaskContractFieldValues.md) + - [JCAPIv2::AutotaskIntegration](docs/AutotaskIntegration.md) + - [JCAPIv2::AutotaskIntegrationPatchReq](docs/AutotaskIntegrationPatchReq.md) + - [JCAPIv2::AutotaskIntegrationReq](docs/AutotaskIntegrationReq.md) + - [JCAPIv2::AutotaskMappingRequest](docs/AutotaskMappingRequest.md) + - [JCAPIv2::AutotaskMappingRequestCompany](docs/AutotaskMappingRequestCompany.md) + - [JCAPIv2::AutotaskMappingRequestContract](docs/AutotaskMappingRequestContract.md) + - [JCAPIv2::AutotaskMappingRequestData](docs/AutotaskMappingRequestData.md) + - [JCAPIv2::AutotaskMappingRequestOrganization](docs/AutotaskMappingRequestOrganization.md) + - [JCAPIv2::AutotaskMappingRequestService](docs/AutotaskMappingRequestService.md) + - [JCAPIv2::AutotaskMappingResponse](docs/AutotaskMappingResponse.md) + - [JCAPIv2::AutotaskMappingResponseCompany](docs/AutotaskMappingResponseCompany.md) + - [JCAPIv2::AutotaskMappingResponseContract](docs/AutotaskMappingResponseContract.md) + - [JCAPIv2::AutotaskMappingResponseOrganization](docs/AutotaskMappingResponseOrganization.md) + - [JCAPIv2::AutotaskMappingResponseService](docs/AutotaskMappingResponseService.md) + - [JCAPIv2::AutotaskService](docs/AutotaskService.md) + - [JCAPIv2::AutotaskSettings](docs/AutotaskSettings.md) + - [JCAPIv2::AutotaskSettingsPatchReq](docs/AutotaskSettingsPatchReq.md) + - [JCAPIv2::AutotaskTicketingAlertConfiguration](docs/AutotaskTicketingAlertConfiguration.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationList](docs/AutotaskTicketingAlertConfigurationList.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationOption](docs/AutotaskTicketingAlertConfigurationOption.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues](docs/AutotaskTicketingAlertConfigurationOptionValues.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationOptions](docs/AutotaskTicketingAlertConfigurationOptions.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationPriority](docs/AutotaskTicketingAlertConfigurationPriority.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationRequest](docs/AutotaskTicketingAlertConfigurationRequest.md) + - [JCAPIv2::AutotaskTicketingAlertConfigurationResource](docs/AutotaskTicketingAlertConfigurationResource.md) + - [JCAPIv2::BillingIntegrationCompanyType](docs/BillingIntegrationCompanyType.md) + - [JCAPIv2::BulkScheduledStatechangeCreate](docs/BulkScheduledStatechangeCreate.md) - [JCAPIv2::BulkUserCreate](docs/BulkUserCreate.md) + - [JCAPIv2::BulkUserExpire](docs/BulkUserExpire.md) + - [JCAPIv2::BulkUserUnlock](docs/BulkUserUnlock.md) - [JCAPIv2::BulkUserUpdate](docs/BulkUserUpdate.md) + - [JCAPIv2::CasesResponse](docs/CasesResponse.md) + - [JCAPIv2::CommandResultList](docs/CommandResultList.md) + - [JCAPIv2::CommandResultListResults](docs/CommandResultListResults.md) + - [JCAPIv2::CommandsGraphObjectWithPaths](docs/CommandsGraphObjectWithPaths.md) + - [JCAPIv2::ConfiguredPolicyTemplate](docs/ConfiguredPolicyTemplate.md) + - [JCAPIv2::ConfiguredPolicyTemplateValue](docs/ConfiguredPolicyTemplateValue.md) + - [JCAPIv2::ConnectWiseMappingRequest](docs/ConnectWiseMappingRequest.md) + - [JCAPIv2::ConnectWiseMappingRequestCompany](docs/ConnectWiseMappingRequestCompany.md) + - [JCAPIv2::ConnectWiseMappingRequestData](docs/ConnectWiseMappingRequestData.md) + - [JCAPIv2::ConnectWiseMappingRequestOrganization](docs/ConnectWiseMappingRequestOrganization.md) + - [JCAPIv2::ConnectWiseMappingResponse](docs/ConnectWiseMappingResponse.md) + - [JCAPIv2::ConnectWiseMappingResponseAddition](docs/ConnectWiseMappingResponseAddition.md) + - [JCAPIv2::ConnectWiseSettings](docs/ConnectWiseSettings.md) + - [JCAPIv2::ConnectWiseSettingsPatchReq](docs/ConnectWiseSettingsPatchReq.md) + - [JCAPIv2::ConnectWiseTicketingAlertConfiguration](docs/ConnectWiseTicketingAlertConfiguration.md) + - [JCAPIv2::ConnectWiseTicketingAlertConfigurationList](docs/ConnectWiseTicketingAlertConfigurationList.md) + - [JCAPIv2::ConnectWiseTicketingAlertConfigurationOption](docs/ConnectWiseTicketingAlertConfigurationOption.md) + - [JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions](docs/ConnectWiseTicketingAlertConfigurationOptions.md) + - [JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest](docs/ConnectWiseTicketingAlertConfigurationRequest.md) + - [JCAPIv2::ConnectwiseAddition](docs/ConnectwiseAddition.md) + - [JCAPIv2::ConnectwiseAgreement](docs/ConnectwiseAgreement.md) + - [JCAPIv2::ConnectwiseCompany](docs/ConnectwiseCompany.md) + - [JCAPIv2::ConnectwiseCompanyResp](docs/ConnectwiseCompanyResp.md) + - [JCAPIv2::ConnectwiseCompanyTypeResp](docs/ConnectwiseCompanyTypeResp.md) + - [JCAPIv2::ConnectwiseIntegration](docs/ConnectwiseIntegration.md) + - [JCAPIv2::ConnectwiseIntegrationPatchReq](docs/ConnectwiseIntegrationPatchReq.md) + - [JCAPIv2::ConnectwiseIntegrationReq](docs/ConnectwiseIntegrationReq.md) + - [JCAPIv2::CreateOrganization](docs/CreateOrganization.md) + - [JCAPIv2::CustomEmail](docs/CustomEmail.md) + - [JCAPIv2::CustomEmailTemplate](docs/CustomEmailTemplate.md) + - [JCAPIv2::CustomEmailTemplateField](docs/CustomEmailTemplateField.md) + - [JCAPIv2::CustomEmailType](docs/CustomEmailType.md) + - [JCAPIv2::DEP](docs/DEP.md) + - [JCAPIv2::DEPSetupAssistantOption](docs/DEPSetupAssistantOption.md) + - [JCAPIv2::DEPWelcomeScreen](docs/DEPWelcomeScreen.md) + - [JCAPIv2::DefaultDomain](docs/DefaultDomain.md) + - [JCAPIv2::DeviceIdEraseBody](docs/DeviceIdEraseBody.md) + - [JCAPIv2::DeviceIdLockBody](docs/DeviceIdLockBody.md) + - [JCAPIv2::DeviceIdResetpasswordBody](docs/DeviceIdResetpasswordBody.md) + - [JCAPIv2::DeviceIdRestartBody](docs/DeviceIdRestartBody.md) + - [JCAPIv2::DevicePackageV1Device](docs/DevicePackageV1Device.md) + - [JCAPIv2::DevicePackageV1ListDevicesResponse](docs/DevicePackageV1ListDevicesResponse.md) + - [JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse](docs/DevicesGetSignInWithJumpCloudSettingsResponse.md) + - [JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest](docs/DevicesSetSignInWithJumpCloudSettingsRequest.md) + - [JCAPIv2::DevicesSignInWithJumpCloudSetting](docs/DevicesSignInWithJumpCloudSetting.md) + - [JCAPIv2::DevicesSignInWithJumpCloudSettingOSFamily](docs/DevicesSignInWithJumpCloudSettingOSFamily.md) + - [JCAPIv2::DevicesSignInWithJumpCloudSettingPermission](docs/DevicesSignInWithJumpCloudSettingPermission.md) - [JCAPIv2::Directory](docs/Directory.md) + - [JCAPIv2::DirectoryDefaultDomain](docs/DirectoryDefaultDomain.md) - [JCAPIv2::DuoAccount](docs/DuoAccount.md) - [JCAPIv2::DuoApplication](docs/DuoApplication.md) - [JCAPIv2::DuoApplicationReq](docs/DuoApplicationReq.md) - [JCAPIv2::DuoApplicationUpdateReq](docs/DuoApplicationUpdateReq.md) - - [JCAPIv2::DuoRegistrationApplication](docs/DuoRegistrationApplication.md) - - [JCAPIv2::DuoRegistrationApplicationReq](docs/DuoRegistrationApplicationReq.md) - - [JCAPIv2::Emailrequest](docs/Emailrequest.md) - - [JCAPIv2::EnrollmentProfile](docs/EnrollmentProfile.md) + - [JCAPIv2::EnterprisesEnterpriseIdBody](docs/EnterprisesEnterpriseIdBody.md) - [JCAPIv2::Error](docs/Error.md) - - [JCAPIv2::Errorresponse](docs/Errorresponse.md) + - [JCAPIv2::ErrorDetails](docs/ErrorDetails.md) + - [JCAPIv2::Feature](docs/Feature.md) + - [JCAPIv2::FeatureTrialData](docs/FeatureTrialData.md) + - [JCAPIv2::Filter](docs/Filter.md) + - [JCAPIv2::FilterQuery](docs/FilterQuery.md) - [JCAPIv2::GSuiteBuiltinTranslation](docs/GSuiteBuiltinTranslation.md) + - [JCAPIv2::GSuiteDirectionTranslation](docs/GSuiteDirectionTranslation.md) - [JCAPIv2::GSuiteTranslationRule](docs/GSuiteTranslationRule.md) - [JCAPIv2::GSuiteTranslationRuleRequest](docs/GSuiteTranslationRuleRequest.md) + - [JCAPIv2::GoogleProtobufAny](docs/GoogleProtobufAny.md) + - [JCAPIv2::GoogleRpcStatus](docs/GoogleRpcStatus.md) + - [JCAPIv2::GraphAttributeLdapGroups](docs/GraphAttributeLdapGroups.md) + - [JCAPIv2::GraphAttributePosixGroups](docs/GraphAttributePosixGroups.md) + - [JCAPIv2::GraphAttributePosixGroupsPosixGroups](docs/GraphAttributePosixGroupsPosixGroups.md) + - [JCAPIv2::GraphAttributeRadius](docs/GraphAttributeRadius.md) + - [JCAPIv2::GraphAttributeRadiusRadius](docs/GraphAttributeRadiusRadius.md) + - [JCAPIv2::GraphAttributeRadiusRadiusReply](docs/GraphAttributeRadiusRadiusReply.md) + - [JCAPIv2::GraphAttributeSambaEnabled](docs/GraphAttributeSambaEnabled.md) + - [JCAPIv2::GraphAttributeSudo](docs/GraphAttributeSudo.md) + - [JCAPIv2::GraphAttributeSudoSudo](docs/GraphAttributeSudoSudo.md) + - [JCAPIv2::GraphAttributes](docs/GraphAttributes.md) - [JCAPIv2::GraphConnection](docs/GraphConnection.md) - - [JCAPIv2::GraphManagementReq](docs/GraphManagementReq.md) - [JCAPIv2::GraphObject](docs/GraphObject.md) - [JCAPIv2::GraphObjectWithPaths](docs/GraphObjectWithPaths.md) + - [JCAPIv2::GraphOperation](docs/GraphOperation.md) + - [JCAPIv2::GraphOperationActiveDirectory](docs/GraphOperationActiveDirectory.md) + - [JCAPIv2::GraphOperationApplication](docs/GraphOperationApplication.md) + - [JCAPIv2::GraphOperationCommand](docs/GraphOperationCommand.md) + - [JCAPIv2::GraphOperationGSuite](docs/GraphOperationGSuite.md) + - [JCAPIv2::GraphOperationLdapServer](docs/GraphOperationLdapServer.md) + - [JCAPIv2::GraphOperationOffice365](docs/GraphOperationOffice365.md) + - [JCAPIv2::GraphOperationPolicy](docs/GraphOperationPolicy.md) + - [JCAPIv2::GraphOperationPolicyGroup](docs/GraphOperationPolicyGroup.md) + - [JCAPIv2::GraphOperationPolicyGroupMember](docs/GraphOperationPolicyGroupMember.md) + - [JCAPIv2::GraphOperationRadiusServer](docs/GraphOperationRadiusServer.md) + - [JCAPIv2::GraphOperationSoftwareApp](docs/GraphOperationSoftwareApp.md) + - [JCAPIv2::GraphOperationSystem](docs/GraphOperationSystem.md) + - [JCAPIv2::GraphOperationSystemGroup](docs/GraphOperationSystemGroup.md) + - [JCAPIv2::GraphOperationSystemGroupMember](docs/GraphOperationSystemGroupMember.md) + - [JCAPIv2::GraphOperationUser](docs/GraphOperationUser.md) + - [JCAPIv2::GraphOperationUserGroup](docs/GraphOperationUserGroup.md) + - [JCAPIv2::GraphOperationUserGroupMember](docs/GraphOperationUserGroupMember.md) - [JCAPIv2::GraphType](docs/GraphType.md) - [JCAPIv2::Group](docs/Group.md) + - [JCAPIv2::GroupAttributesUserGroup](docs/GroupAttributesUserGroup.md) + - [JCAPIv2::GroupIdSuggestionsBody](docs/GroupIdSuggestionsBody.md) + - [JCAPIv2::GroupIdSuggestionsBody1](docs/GroupIdSuggestionsBody1.md) + - [JCAPIv2::GroupMembershipMethodType](docs/GroupMembershipMethodType.md) + - [JCAPIv2::GroupPwm](docs/GroupPwm.md) - [JCAPIv2::GroupType](docs/GroupType.md) - - [JCAPIv2::GsuiteOutput](docs/GsuiteOutput.md) - - [JCAPIv2::GsuitePatchInput](docs/GsuitePatchInput.md) + - [JCAPIv2::Groups](docs/Groups.md) + - [JCAPIv2::GroupsInner](docs/GroupsInner.md) + - [JCAPIv2::Gsuite](docs/Gsuite.md) + - [JCAPIv2::IPList](docs/IPList.md) + - [JCAPIv2::IPListRequest](docs/IPListRequest.md) + - [JCAPIv2::ImportOperation](docs/ImportOperation.md) + - [JCAPIv2::ImportUser](docs/ImportUser.md) + - [JCAPIv2::ImportUserAddress](docs/ImportUserAddress.md) + - [JCAPIv2::ImportUserPhoneNumber](docs/ImportUserPhoneNumber.md) + - [JCAPIv2::ImportUsersRequest](docs/ImportUsersRequest.md) + - [JCAPIv2::ImportUsersResponse](docs/ImportUsersResponse.md) - [JCAPIv2::InlineResponse200](docs/InlineResponse200.md) - [JCAPIv2::InlineResponse2001](docs/InlineResponse2001.md) + - [JCAPIv2::InlineResponse20010](docs/InlineResponse20010.md) + - [JCAPIv2::InlineResponse20011](docs/InlineResponse20011.md) + - [JCAPIv2::InlineResponse20012](docs/InlineResponse20012.md) + - [JCAPIv2::InlineResponse20012Users](docs/InlineResponse20012Users.md) + - [JCAPIv2::InlineResponse20013](docs/InlineResponse20013.md) + - [JCAPIv2::InlineResponse20014](docs/InlineResponse20014.md) + - [JCAPIv2::InlineResponse20015](docs/InlineResponse20015.md) + - [JCAPIv2::InlineResponse2002](docs/InlineResponse2002.md) + - [JCAPIv2::InlineResponse2002Users](docs/InlineResponse2002Users.md) + - [JCAPIv2::InlineResponse2003](docs/InlineResponse2003.md) + - [JCAPIv2::InlineResponse2004](docs/InlineResponse2004.md) + - [JCAPIv2::InlineResponse2005](docs/InlineResponse2005.md) + - [JCAPIv2::InlineResponse2006](docs/InlineResponse2006.md) + - [JCAPIv2::InlineResponse2007](docs/InlineResponse2007.md) + - [JCAPIv2::InlineResponse2008](docs/InlineResponse2008.md) + - [JCAPIv2::InlineResponse2009](docs/InlineResponse2009.md) - [JCAPIv2::InlineResponse201](docs/InlineResponse201.md) - [JCAPIv2::InlineResponse400](docs/InlineResponse400.md) - - [JCAPIv2::JcEnrollmentProfile](docs/JcEnrollmentProfile.md) - - [JCAPIv2::JobDetails](docs/JobDetails.md) + - [JCAPIv2::InstallActionType](docs/InstallActionType.md) + - [JCAPIv2::Integration](docs/Integration.md) + - [JCAPIv2::IntegrationSyncError](docs/IntegrationSyncError.md) + - [JCAPIv2::IntegrationSyncErrorResp](docs/IntegrationSyncErrorResp.md) + - [JCAPIv2::IntegrationType](docs/IntegrationType.md) + - [JCAPIv2::IntegrationsResponse](docs/IntegrationsResponse.md) - [JCAPIv2::JobId](docs/JobId.md) - [JCAPIv2::JobWorkresult](docs/JobWorkresult.md) + - [JCAPIv2::JumpcloudGappsDomain](docs/JumpcloudGappsDomain.md) + - [JCAPIv2::JumpcloudGappsDomainListResponse](docs/JumpcloudGappsDomainListResponse.md) + - [JCAPIv2::JumpcloudGappsDomainResponse](docs/JumpcloudGappsDomainResponse.md) + - [JCAPIv2::JumpcloudGoogleEmmAllowPersonalUsage](docs/JumpcloudGoogleEmmAllowPersonalUsage.md) + - [JCAPIv2::JumpcloudGoogleEmmCommandResponse](docs/JumpcloudGoogleEmmCommandResponse.md) + - [JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo](docs/JumpcloudGoogleEmmCommonCriteriaModeInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmConnectionStatus](docs/JumpcloudGoogleEmmConnectionStatus.md) + - [JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest](docs/JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md) + - [JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse](docs/JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md) + - [JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest](docs/JumpcloudGoogleEmmCreateEnterpriseRequest.md) + - [JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest](docs/JumpcloudGoogleEmmCreateWebTokenRequest.md) + - [JCAPIv2::JumpcloudGoogleEmmDevice](docs/JumpcloudGoogleEmmDevice.md) + - [JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy](docs/JumpcloudGoogleEmmDeviceAndroidPolicy.md) + - [JCAPIv2::JumpcloudGoogleEmmDeviceData](docs/JumpcloudGoogleEmmDeviceData.md) + - [JCAPIv2::JumpcloudGoogleEmmDeviceInformation](docs/JumpcloudGoogleEmmDeviceInformation.md) + - [JCAPIv2::JumpcloudGoogleEmmDeviceSettings](docs/JumpcloudGoogleEmmDeviceSettings.md) + - [JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo](docs/JumpcloudGoogleEmmDeviceStateInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo](docs/JumpcloudGoogleEmmEMMEnrollmentInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmEnterprise](docs/JumpcloudGoogleEmmEnterprise.md) + - [JCAPIv2::JumpcloudGoogleEmmFeature](docs/JumpcloudGoogleEmmFeature.md) + - [JCAPIv2::JumpcloudGoogleEmmHardwareInfo](docs/JumpcloudGoogleEmmHardwareInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmListDevicesResponse](docs/JumpcloudGoogleEmmListDevicesResponse.md) + - [JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse](docs/JumpcloudGoogleEmmListEnterprisesResponse.md) + - [JCAPIv2::JumpcloudGoogleEmmMemoryInfo](docs/JumpcloudGoogleEmmMemoryInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmNetworkInfo](docs/JumpcloudGoogleEmmNetworkInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmSecurityPosture](docs/JumpcloudGoogleEmmSecurityPosture.md) + - [JCAPIv2::JumpcloudGoogleEmmSignupURL](docs/JumpcloudGoogleEmmSignupURL.md) + - [JCAPIv2::JumpcloudGoogleEmmSoftwareInfo](docs/JumpcloudGoogleEmmSoftwareInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo](docs/JumpcloudGoogleEmmSystemUpdateInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmTelephonyInfo](docs/JumpcloudGoogleEmmTelephonyInfo.md) + - [JCAPIv2::JumpcloudGoogleEmmWebToken](docs/JumpcloudGoogleEmmWebToken.md) + - [JCAPIv2::JumpcloudMspGetDetailsResponse](docs/JumpcloudMspGetDetailsResponse.md) + - [JCAPIv2::JumpcloudMspProduct](docs/JumpcloudMspProduct.md) + - [JCAPIv2::JumpcloudPackageValidatorApplePackageDetails](docs/JumpcloudPackageValidatorApplePackageDetails.md) + - [JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest](docs/JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md) + - [JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse](docs/JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md) + - [JCAPIv2::LdapGroup](docs/LdapGroup.md) + - [JCAPIv2::LdapServer](docs/LdapServer.md) - [JCAPIv2::LdapServerAction](docs/LdapServerAction.md) - - [JCAPIv2::LdapServerInput](docs/LdapServerInput.md) - - [JCAPIv2::Mfa](docs/Mfa.md) + - [JCAPIv2::LdapserversIdBody](docs/LdapserversIdBody.md) + - [JCAPIv2::MemberSuggestion](docs/MemberSuggestion.md) + - [JCAPIv2::MemberSuggestionsPostResult](docs/MemberSuggestionsPostResult.md) - [JCAPIv2::Mobileconfig](docs/Mobileconfig.md) - - [JCAPIv2::OauthCodeInput](docs/OauthCodeInput.md) + - [JCAPIv2::ModelCase](docs/ModelCase.md) + - [JCAPIv2::O365Domain](docs/O365Domain.md) + - [JCAPIv2::O365DomainResponse](docs/O365DomainResponse.md) + - [JCAPIv2::O365DomainsListResponse](docs/O365DomainsListResponse.md) + - [JCAPIv2::OSRestriction](docs/OSRestriction.md) + - [JCAPIv2::OSRestrictionAppleRestrictions](docs/OSRestrictionAppleRestrictions.md) + - [JCAPIv2::ObjectStorageItem](docs/ObjectStorageItem.md) + - [JCAPIv2::ObjectStorageVersion](docs/ObjectStorageVersion.md) + - [JCAPIv2::Office365](docs/Office365.md) - [JCAPIv2::Office365BuiltinTranslation](docs/Office365BuiltinTranslation.md) + - [JCAPIv2::Office365DirectionTranslation](docs/Office365DirectionTranslation.md) + - [JCAPIv2::Office365IdDomainsBody](docs/Office365IdDomainsBody.md) - [JCAPIv2::Office365TranslationRule](docs/Office365TranslationRule.md) - [JCAPIv2::Office365TranslationRuleRequest](docs/Office365TranslationRuleRequest.md) - - [JCAPIv2::OrgCryptoSettings](docs/OrgCryptoSettings.md) - - [JCAPIv2::OrgcryptosettingsSshKeys](docs/OrgcryptosettingsSshKeys.md) + - [JCAPIv2::Organization](docs/Organization.md) + - [JCAPIv2::PasswordsSecurity](docs/PasswordsSecurity.md) + - [JCAPIv2::PhoneNumber](docs/PhoneNumber.md) - [JCAPIv2::Policy](docs/Policy.md) + - [JCAPIv2::PolicyGroup](docs/PolicyGroup.md) + - [JCAPIv2::PolicyGroupData](docs/PolicyGroupData.md) + - [JCAPIv2::PolicyGroupTemplate](docs/PolicyGroupTemplate.md) + - [JCAPIv2::PolicyGroupTemplateMember](docs/PolicyGroupTemplateMember.md) + - [JCAPIv2::PolicyGroupTemplateMembers](docs/PolicyGroupTemplateMembers.md) + - [JCAPIv2::PolicyGroupTemplates](docs/PolicyGroupTemplates.md) - [JCAPIv2::PolicyRequest](docs/PolicyRequest.md) - [JCAPIv2::PolicyRequestTemplate](docs/PolicyRequestTemplate.md) - [JCAPIv2::PolicyResult](docs/PolicyResult.md) @@ -482,70 +13346,151 @@ Class | Method | HTTP request | Description - [JCAPIv2::PolicyWithDetails](docs/PolicyWithDetails.md) - [JCAPIv2::Provider](docs/Provider.md) - [JCAPIv2::ProviderAdminReq](docs/ProviderAdminReq.md) - - [JCAPIv2::ProviderContact](docs/ProviderContact.md) - - [JCAPIv2::SalesforceKnowledgeListOutput](docs/SalesforceKnowledgeListOutput.md) - - [JCAPIv2::SalesforceknowledgelistoutputInner](docs/SalesforceknowledgelistoutputInner.md) - - [JCAPIv2::SambaDomainInput](docs/SambaDomainInput.md) - - [JCAPIv2::Sshkeylist](docs/Sshkeylist.md) - - [JCAPIv2::SystemGraphManagementReq](docs/SystemGraphManagementReq.md) - - [JCAPIv2::SystemGraphManagementReqAttributes](docs/SystemGraphManagementReqAttributes.md) - - [JCAPIv2::SystemGraphManagementReqAttributesSudo](docs/SystemGraphManagementReqAttributesSudo.md) + - [JCAPIv2::ProviderInvoice](docs/ProviderInvoice.md) + - [JCAPIv2::ProviderInvoiceResponse](docs/ProviderInvoiceResponse.md) + - [JCAPIv2::PushEndpointResponse](docs/PushEndpointResponse.md) + - [JCAPIv2::PushEndpointResponseDevice](docs/PushEndpointResponseDevice.md) + - [JCAPIv2::PushendpointsPushEndpointIdBody](docs/PushendpointsPushEndpointIdBody.md) + - [JCAPIv2::PwmAllUsers](docs/PwmAllUsers.md) + - [JCAPIv2::PwmCloudBackupRestores](docs/PwmCloudBackupRestores.md) + - [JCAPIv2::PwmItemHistory](docs/PwmItemHistory.md) + - [JCAPIv2::PwmItemsCountByType](docs/PwmItemsCountByType.md) + - [JCAPIv2::PwmItemsMetadata](docs/PwmItemsMetadata.md) + - [JCAPIv2::PwmOverviewAppVersions](docs/PwmOverviewAppVersions.md) + - [JCAPIv2::PwmOverviewAppVersionsResults](docs/PwmOverviewAppVersionsResults.md) + - [JCAPIv2::PwmOverviewMain](docs/PwmOverviewMain.md) + - [JCAPIv2::PwmOverviewMainDevices](docs/PwmOverviewMainDevices.md) + - [JCAPIv2::PwmUser](docs/PwmUser.md) + - [JCAPIv2::PwmUserById](docs/PwmUserById.md) + - [JCAPIv2::PwmUserItem](docs/PwmUserItem.md) + - [JCAPIv2::PwmUserItems](docs/PwmUserItems.md) + - [JCAPIv2::PwmUserSharedFolders](docs/PwmUserSharedFolders.md) + - [JCAPIv2::PwmUserSharedFoldersResults](docs/PwmUserSharedFoldersResults.md) + - [JCAPIv2::Query](docs/Query.md) + - [JCAPIv2::QueuedCommandList](docs/QueuedCommandList.md) + - [JCAPIv2::QueuedCommandListResults](docs/QueuedCommandListResults.md) + - [JCAPIv2::SambaDomain](docs/SambaDomain.md) + - [JCAPIv2::ScheduleOSUpdate](docs/ScheduleOSUpdate.md) + - [JCAPIv2::ScheduledUserstateResult](docs/ScheduledUserstateResult.md) + - [JCAPIv2::SetupAssistantOption](docs/SetupAssistantOption.md) + - [JCAPIv2::SharedFolder](docs/SharedFolder.md) + - [JCAPIv2::SharedFolderAccessLevels](docs/SharedFolderAccessLevels.md) + - [JCAPIv2::SharedFolderAccessLevelsResults](docs/SharedFolderAccessLevelsResults.md) + - [JCAPIv2::SharedFolderDetails](docs/SharedFolderDetails.md) + - [JCAPIv2::SharedFolderGroups](docs/SharedFolderGroups.md) + - [JCAPIv2::SharedFolderUsers](docs/SharedFolderUsers.md) + - [JCAPIv2::SharedFolderUsersResults](docs/SharedFolderUsersResults.md) + - [JCAPIv2::SharedFoldersList](docs/SharedFoldersList.md) + - [JCAPIv2::SoftwareApp](docs/SoftwareApp.md) + - [JCAPIv2::SoftwareAppAppleVpp](docs/SoftwareAppAppleVpp.md) + - [JCAPIv2::SoftwareAppCreate](docs/SoftwareAppCreate.md) + - [JCAPIv2::SoftwareAppGoogleAndroid](docs/SoftwareAppGoogleAndroid.md) + - [JCAPIv2::SoftwareAppPermissionGrants](docs/SoftwareAppPermissionGrants.md) + - [JCAPIv2::SoftwareAppReclaimLicenses](docs/SoftwareAppReclaimLicenses.md) + - [JCAPIv2::SoftwareAppSettings](docs/SoftwareAppSettings.md) + - [JCAPIv2::SoftwareAppStatus](docs/SoftwareAppStatus.md) + - [JCAPIv2::SoftwareAppWithStatus](docs/SoftwareAppWithStatus.md) + - [JCAPIv2::SoftwareAppsRetryInstallationRequest](docs/SoftwareAppsRetryInstallationRequest.md) + - [JCAPIv2::Subscription](docs/Subscription.md) + - [JCAPIv2::SuggestionCounts](docs/SuggestionCounts.md) + - [JCAPIv2::SyncroBillingMappingConfigurationOption](docs/SyncroBillingMappingConfigurationOption.md) + - [JCAPIv2::SyncroBillingMappingConfigurationOptionValue](docs/SyncroBillingMappingConfigurationOptionValue.md) + - [JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine](docs/SyncroBillingMappingConfigurationOptionValueLine.md) + - [JCAPIv2::SyncroBillingMappingConfigurationOptionsResp](docs/SyncroBillingMappingConfigurationOptionsResp.md) + - [JCAPIv2::SyncroCompany](docs/SyncroCompany.md) + - [JCAPIv2::SyncroCompanyResp](docs/SyncroCompanyResp.md) + - [JCAPIv2::SyncroIntegration](docs/SyncroIntegration.md) + - [JCAPIv2::SyncroIntegrationPatchReq](docs/SyncroIntegrationPatchReq.md) + - [JCAPIv2::SyncroIntegrationReq](docs/SyncroIntegrationReq.md) + - [JCAPIv2::SyncroMappingRequest](docs/SyncroMappingRequest.md) + - [JCAPIv2::SyncroMappingRequestBillingConfigurations](docs/SyncroMappingRequestBillingConfigurations.md) + - [JCAPIv2::SyncroMappingRequestBillingConfigurationsFields](docs/SyncroMappingRequestBillingConfigurationsFields.md) + - [JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId](docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md) + - [JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName](docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md) + - [JCAPIv2::SyncroMappingRequestData](docs/SyncroMappingRequestData.md) + - [JCAPIv2::SyncroMappingResponse](docs/SyncroMappingResponse.md) + - [JCAPIv2::SyncroSettings](docs/SyncroSettings.md) + - [JCAPIv2::SyncroSettingsPatchReq](docs/SyncroSettingsPatchReq.md) + - [JCAPIv2::SyncroTicketingAlertConfiguration](docs/SyncroTicketingAlertConfiguration.md) + - [JCAPIv2::SyncroTicketingAlertConfigurationList](docs/SyncroTicketingAlertConfigurationList.md) + - [JCAPIv2::SyncroTicketingAlertConfigurationOption](docs/SyncroTicketingAlertConfigurationOption.md) + - [JCAPIv2::SyncroTicketingAlertConfigurationOptions](docs/SyncroTicketingAlertConfigurationOptions.md) + - [JCAPIv2::SyncroTicketingAlertConfigurationRequest](docs/SyncroTicketingAlertConfigurationRequest.md) - [JCAPIv2::SystemGroup](docs/SystemGroup.md) - - [JCAPIv2::SystemGroupData](docs/SystemGroupData.md) - - [JCAPIv2::SystemGroupGraphManagementReq](docs/SystemGroupGraphManagementReq.md) - - [JCAPIv2::SystemGroupMembersReq](docs/SystemGroupMembersReq.md) + - [JCAPIv2::SystemGroupPost](docs/SystemGroupPost.md) + - [JCAPIv2::SystemGroupPut](docs/SystemGroupPut.md) + - [JCAPIv2::SystemInsightsAlf](docs/SystemInsightsAlf.md) + - [JCAPIv2::SystemInsightsAlfExceptions](docs/SystemInsightsAlfExceptions.md) + - [JCAPIv2::SystemInsightsAlfExplicitAuths](docs/SystemInsightsAlfExplicitAuths.md) + - [JCAPIv2::SystemInsightsAppcompatShims](docs/SystemInsightsAppcompatShims.md) - [JCAPIv2::SystemInsightsApps](docs/SystemInsightsApps.md) + - [JCAPIv2::SystemInsightsAuthorizedKeys](docs/SystemInsightsAuthorizedKeys.md) + - [JCAPIv2::SystemInsightsAzureInstanceMetadata](docs/SystemInsightsAzureInstanceMetadata.md) + - [JCAPIv2::SystemInsightsAzureInstanceTags](docs/SystemInsightsAzureInstanceTags.md) - [JCAPIv2::SystemInsightsBattery](docs/SystemInsightsBattery.md) - [JCAPIv2::SystemInsightsBitlockerInfo](docs/SystemInsightsBitlockerInfo.md) - [JCAPIv2::SystemInsightsBrowserPlugins](docs/SystemInsightsBrowserPlugins.md) + - [JCAPIv2::SystemInsightsCertificates](docs/SystemInsightsCertificates.md) + - [JCAPIv2::SystemInsightsChassisInfo](docs/SystemInsightsChassisInfo.md) - [JCAPIv2::SystemInsightsChromeExtensions](docs/SystemInsightsChromeExtensions.md) + - [JCAPIv2::SystemInsightsConnectivity](docs/SystemInsightsConnectivity.md) - [JCAPIv2::SystemInsightsCrashes](docs/SystemInsightsCrashes.md) + - [JCAPIv2::SystemInsightsCupsDestinations](docs/SystemInsightsCupsDestinations.md) - [JCAPIv2::SystemInsightsDiskEncryption](docs/SystemInsightsDiskEncryption.md) - [JCAPIv2::SystemInsightsDiskInfo](docs/SystemInsightsDiskInfo.md) + - [JCAPIv2::SystemInsightsDnsResolvers](docs/SystemInsightsDnsResolvers.md) - [JCAPIv2::SystemInsightsEtcHosts](docs/SystemInsightsEtcHosts.md) - [JCAPIv2::SystemInsightsFirefoxAddons](docs/SystemInsightsFirefoxAddons.md) - [JCAPIv2::SystemInsightsGroups](docs/SystemInsightsGroups.md) - [JCAPIv2::SystemInsightsIeExtensions](docs/SystemInsightsIeExtensions.md) - [JCAPIv2::SystemInsightsInterfaceAddresses](docs/SystemInsightsInterfaceAddresses.md) + - [JCAPIv2::SystemInsightsInterfaceDetails](docs/SystemInsightsInterfaceDetails.md) - [JCAPIv2::SystemInsightsKernelInfo](docs/SystemInsightsKernelInfo.md) - [JCAPIv2::SystemInsightsLaunchd](docs/SystemInsightsLaunchd.md) + - [JCAPIv2::SystemInsightsLinuxPackages](docs/SystemInsightsLinuxPackages.md) - [JCAPIv2::SystemInsightsLoggedInUsers](docs/SystemInsightsLoggedInUsers.md) - - [JCAPIv2::SystemInsightsLogicalDrvies](docs/SystemInsightsLogicalDrvies.md) + - [JCAPIv2::SystemInsightsLogicalDrives](docs/SystemInsightsLogicalDrives.md) + - [JCAPIv2::SystemInsightsManagedPolicies](docs/SystemInsightsManagedPolicies.md) - [JCAPIv2::SystemInsightsMounts](docs/SystemInsightsMounts.md) - [JCAPIv2::SystemInsightsOsVersion](docs/SystemInsightsOsVersion.md) - [JCAPIv2::SystemInsightsPatches](docs/SystemInsightsPatches.md) - [JCAPIv2::SystemInsightsPrograms](docs/SystemInsightsPrograms.md) + - [JCAPIv2::SystemInsightsPythonPackages](docs/SystemInsightsPythonPackages.md) - [JCAPIv2::SystemInsightsSafariExtensions](docs/SystemInsightsSafariExtensions.md) + - [JCAPIv2::SystemInsightsScheduledTasks](docs/SystemInsightsScheduledTasks.md) + - [JCAPIv2::SystemInsightsSecureboot](docs/SystemInsightsSecureboot.md) + - [JCAPIv2::SystemInsightsServices](docs/SystemInsightsServices.md) + - [JCAPIv2::SystemInsightsShadow](docs/SystemInsightsShadow.md) + - [JCAPIv2::SystemInsightsSharedFolders](docs/SystemInsightsSharedFolders.md) + - [JCAPIv2::SystemInsightsSharedResources](docs/SystemInsightsSharedResources.md) + - [JCAPIv2::SystemInsightsSharingPreferences](docs/SystemInsightsSharingPreferences.md) + - [JCAPIv2::SystemInsightsSipConfig](docs/SystemInsightsSipConfig.md) + - [JCAPIv2::SystemInsightsStartupItems](docs/SystemInsightsStartupItems.md) - [JCAPIv2::SystemInsightsSystemControls](docs/SystemInsightsSystemControls.md) - [JCAPIv2::SystemInsightsSystemInfo](docs/SystemInsightsSystemInfo.md) + - [JCAPIv2::SystemInsightsTpmInfo](docs/SystemInsightsTpmInfo.md) - [JCAPIv2::SystemInsightsUptime](docs/SystemInsightsUptime.md) - [JCAPIv2::SystemInsightsUsbDevices](docs/SystemInsightsUsbDevices.md) - [JCAPIv2::SystemInsightsUserGroups](docs/SystemInsightsUserGroups.md) + - [JCAPIv2::SystemInsightsUserSshKeys](docs/SystemInsightsUserSshKeys.md) + - [JCAPIv2::SystemInsightsUserassist](docs/SystemInsightsUserassist.md) - [JCAPIv2::SystemInsightsUsers](docs/SystemInsightsUsers.md) - - [JCAPIv2::SystemInsightsWindowsCrashes](docs/SystemInsightsWindowsCrashes.md) + - [JCAPIv2::SystemInsightsWifiNetworks](docs/SystemInsightsWifiNetworks.md) + - [JCAPIv2::SystemInsightsWifiStatus](docs/SystemInsightsWifiStatus.md) + - [JCAPIv2::SystemInsightsWindowsSecurityCenter](docs/SystemInsightsWindowsSecurityCenter.md) + - [JCAPIv2::SystemInsightsWindowsSecurityProducts](docs/SystemInsightsWindowsSecurityProducts.md) - [JCAPIv2::Systemfdekey](docs/Systemfdekey.md) - - [JCAPIv2::Systemuser](docs/Systemuser.md) - - [JCAPIv2::Systemuserputpost](docs/Systemuserputpost.md) - - [JCAPIv2::SystemuserputpostAddresses](docs/SystemuserputpostAddresses.md) - - [JCAPIv2::SystemuserputpostPhoneNumbers](docs/SystemuserputpostPhoneNumbers.md) - - [JCAPIv2::UserGraphManagementReq](docs/UserGraphManagementReq.md) + - [JCAPIv2::TicketingIntegrationAlert](docs/TicketingIntegrationAlert.md) + - [JCAPIv2::TicketingIntegrationAlertsResp](docs/TicketingIntegrationAlertsResp.md) + - [JCAPIv2::User](docs/User.md) - [JCAPIv2::UserGroup](docs/UserGroup.md) - - [JCAPIv2::UserGroupAttributes](docs/UserGroupAttributes.md) - - [JCAPIv2::UserGroupAttributesPosixGroups](docs/UserGroupAttributesPosixGroups.md) - - [JCAPIv2::UserGroupGraphManagementReq](docs/UserGroupGraphManagementReq.md) - - [JCAPIv2::UserGroupMembersReq](docs/UserGroupMembersReq.md) - [JCAPIv2::UserGroupPost](docs/UserGroupPost.md) - [JCAPIv2::UserGroupPut](docs/UserGroupPut.md) - [JCAPIv2::WorkdayFields](docs/WorkdayFields.md) - [JCAPIv2::WorkdayInput](docs/WorkdayInput.md) - [JCAPIv2::WorkdayOutput](docs/WorkdayOutput.md) - - [JCAPIv2::WorkdayRequest](docs/WorkdayRequest.md) - [JCAPIv2::WorkdayWorker](docs/WorkdayWorker.md) - [JCAPIv2::WorkdayoutputAuth](docs/WorkdayoutputAuth.md) - - [JCAPIv2::ActiveDirectoryOutput](docs/ActiveDirectoryOutput.md) - - [JCAPIv2::LdapServerOutput](docs/LdapServerOutput.md) - - [JCAPIv2::SambaDomainOutput](docs/SambaDomainOutput.md) - ## Documentation for Authorization diff --git a/jcapiv2/docs/ADE.md b/jcapiv2/docs/ADE.md new file mode 100644 index 0000000..9921c33 --- /dev/null +++ b/jcapiv2/docs/ADE.md @@ -0,0 +1,11 @@ +# JCAPIv2::ADE + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**default_device_group_object_ids** | **Array<String>** | An array of ObjectIDs identifying the default device groups for this specific type (based on the OS family) of automated device enrollment. Currently, only a single DeviceGroupID is supported. | [optional] +**enable_zero_touch_enrollment** | **BOOLEAN** | A toggle to determine if ADE registered devices should go through JumpCloud Zero Touch Enrollment. | [optional] +**setup_assistant_options** | [**Array<DEPSetupAssistantOption>**](DEPSetupAssistantOption.md) | A Setup Option wrapped as an object | [optional] +**setup_options** | [**Array<SetupAssistantOption>**](SetupAssistantOption.md) | A list of configured setup options for this enrollment. | [optional] +**welcome_screen** | [**DEPWelcomeScreen**](DEPWelcomeScreen.md) | | [optional] + diff --git a/jcapiv2/docs/ADES.md b/jcapiv2/docs/ADES.md new file mode 100644 index 0000000..7527973 --- /dev/null +++ b/jcapiv2/docs/ADES.md @@ -0,0 +1,8 @@ +# JCAPIv2::ADES + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**ios** | [**ADE**](ADE.md) | | [optional] +**macos** | [**ADE**](ADE.md) | | [optional] + diff --git a/jcapiv2/docs/ActiveDirectoryOutput.md b/jcapiv2/docs/ActiveDirectory.md similarity index 85% rename from jcapiv2/docs/ActiveDirectoryOutput.md rename to jcapiv2/docs/ActiveDirectory.md index fe43b54..de4c6d2 100644 --- a/jcapiv2/docs/ActiveDirectoryOutput.md +++ b/jcapiv2/docs/ActiveDirectory.md @@ -1,9 +1,8 @@ -# JCAPIv2::ActiveDirectoryOutput +# JCAPIv2::ActiveDirectory ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **domain** | **String** | Domain name for this Active Directory instance. | [optional] -**id** | **String** | ObjectID of this Active Directory instance. | - +**id** | **String** | ObjectID of this Active Directory instance. | [optional] diff --git a/jcapiv2/docs/SalesforceKnowledgeListOutput.md b/jcapiv2/docs/ActiveDirectoryAgent.md similarity index 72% rename from jcapiv2/docs/SalesforceKnowledgeListOutput.md rename to jcapiv2/docs/ActiveDirectoryAgent.md index a73056c..7501216 100644 --- a/jcapiv2/docs/SalesforceKnowledgeListOutput.md +++ b/jcapiv2/docs/ActiveDirectoryAgent.md @@ -1,7 +1,6 @@ -# JCAPIv2::SalesforceKnowledgeListOutput +# JCAPIv2::ActiveDirectoryAgent ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/ActiveDirectoryAgentGetOutput.md b/jcapiv2/docs/ActiveDirectoryAgentGet.md similarity index 54% rename from jcapiv2/docs/ActiveDirectoryAgentGetOutput.md rename to jcapiv2/docs/ActiveDirectoryAgentGet.md index 0ac204a..6a39fa6 100644 --- a/jcapiv2/docs/ActiveDirectoryAgentGetOutput.md +++ b/jcapiv2/docs/ActiveDirectoryAgentGet.md @@ -1,9 +1,13 @@ -# JCAPIv2::ActiveDirectoryAgentGetOutput +# JCAPIv2::ActiveDirectoryAgentGet ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **connect_key** | **String** | The connect key to use when installing the Agent on a Domain Controller. | [optional] +**contact_at** | **String** | | [optional] +**hostname** | **String** | | [optional] **id** | **String** | ObjectID of this Active Directory Agent. | - +**source_ip** | **String** | | [optional] +**state** | **String** | | [optional] +**version** | **String** | | [optional] diff --git a/jcapiv2/docs/ActiveDirectoryAgentList.md b/jcapiv2/docs/ActiveDirectoryAgentList.md new file mode 100644 index 0000000..64c6024 --- /dev/null +++ b/jcapiv2/docs/ActiveDirectoryAgentList.md @@ -0,0 +1,12 @@ +# JCAPIv2::ActiveDirectoryAgentList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**contact_at** | **String** | | [optional] +**hostname** | **String** | | [optional] +**id** | **String** | ObjectID of this Active Directory Agent. | [optional] +**source_ip** | **String** | | [optional] +**state** | **String** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/ActiveDirectoryApi.md b/jcapiv2/docs/ActiveDirectoryApi.md index dbb622e..65eec7f 100644 --- a/jcapiv2/docs/ActiveDirectoryApi.md +++ b/jcapiv2/docs/ActiveDirectoryApi.md @@ -14,36 +14,38 @@ Method | HTTP request | Description [**activedirectories_post**](ActiveDirectoryApi.md#activedirectories_post) | **POST** /activedirectories | Create a new Active Directory [**graph_active_directory_associations_list**](ActiveDirectoryApi.md#graph_active_directory_associations_list) | **GET** /activedirectories/{activedirectory_id}/associations | List the associations of an Active Directory instance [**graph_active_directory_associations_post**](ActiveDirectoryApi.md#graph_active_directory_associations_post) | **POST** /activedirectories/{activedirectory_id}/associations | Manage the associations of an Active Directory instance +[**graph_active_directory_traverse_user**](ActiveDirectoryApi.md#graph_active_directory_traverse_user) | **GET** /activedirectories/{activedirectory_id}/users | List the Users bound to an Active Directory instance [**graph_active_directory_traverse_user_group**](ActiveDirectoryApi.md#graph_active_directory_traverse_user_group) | **GET** /activedirectories/{activedirectory_id}/usergroups | List the User Groups bound to an Active Directory instance - # **activedirectories_agents_delete** -> activedirectories_agents_delete(activedirectory_id, agent_id, content_type, accept, opts) +> activedirectories_agents_delete(activedirectory_id, agent_id, opts) Delete Active Directory Agent +This endpoint deletes an Active Directory agent. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + ### Example ```ruby # load the gem require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -agent_id = "agent_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | +agent_id = 'agent_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete Active Directory Agent - api_instance.activedirectories_agents_delete(activedirectory_id, agent_id, content_type, accept, opts) + api_instance.activedirectories_agents_delete(activedirectory_id, agent_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_delete: #{e}" end @@ -55,9 +57,7 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | **agent_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -65,44 +65,44 @@ nil (empty response body) ### Authorization -No authorization required +[x-api-key](../README.md#x-api-key) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: Not defined # **activedirectories_agents_get** -> ActiveDirectoryAgentListOutput activedirectories_agents_get(activedirectory_id, agent_id, content_type, accept, opts) +> ActiveDirectoryAgentList activedirectories_agents_get(activedirectory_id, agent_id, opts) Get Active Directory Agent -This endpoint returns a specific active directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns an Active Directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby # load the gem require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -agent_id = "agent_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | +agent_id = 'agent_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get Active Directory Agent - result = api_instance.activedirectories_agents_get(activedirectory_id, agent_id, content_type, accept, opts) + result = api_instance.activedirectories_agents_get(activedirectory_id, agent_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_get: #{e}" @@ -115,27 +115,25 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | **agent_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**ActiveDirectoryAgentListOutput**](ActiveDirectoryAgentListOutput.md) +[**ActiveDirectoryAgentList**](ActiveDirectoryAgentList.md) ### Authorization -No authorization required +[x-api-key](../README.md#x-api-key) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **activedirectories_agents_list** -> Array<ActiveDirectoryAgentListOutput> activedirectories_agents_list(activedirectory_id, content_type, accept, opts) +> Array<ActiveDirectoryAgentList> activedirectories_agents_list(activedirectory_id, opts) List Active Directory Agents @@ -154,23 +152,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Active Directory Agents - result = api_instance.activedirectories_agents_list(activedirectory_id, content_type, accept, opts) + result = api_instance.activedirectories_agents_list(activedirectory_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_list: #{e}" @@ -182,16 +174,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<ActiveDirectoryAgentListOutput>**](ActiveDirectoryAgentListOutput.md) +[**Array<ActiveDirectoryAgentList>**](ActiveDirectoryAgentList.md) ### Authorization @@ -199,13 +189,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **activedirectories_agents_post** -> ActiveDirectoryAgentGetOutput activedirectories_agents_post(activedirectory_id, content_type, accept, opts) +> ActiveDirectoryAgentGet activedirectories_agents_post(activedirectory_id, opts) Create a new Active Directory Agent @@ -224,21 +214,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | opts = { - body: JCAPIv2::ActiveDirectoryAgentInput.new, # ActiveDirectoryAgentInput | - x_org_id: "" # String | + body: JCAPIv2::ActiveDirectoryAgent.new # ActiveDirectoryAgent | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create a new Active Directory Agent - result = api_instance.activedirectories_agents_post(activedirectory_id, content_type, accept, opts) + result = api_instance.activedirectories_agents_post(activedirectory_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_agents_post: #{e}" @@ -250,14 +234,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**ActiveDirectoryAgentInput**](ActiveDirectoryAgentInput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**ActiveDirectoryAgent**](ActiveDirectoryAgent.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**ActiveDirectoryAgentGetOutput**](ActiveDirectoryAgentGetOutput.md) +[**ActiveDirectoryAgentGet**](ActiveDirectoryAgentGet.md) ### Authorization @@ -271,11 +253,11 @@ Name | Type | Description | Notes # **activedirectories_delete** -> activedirectories_delete(id, content_type, accept, opts) +> ActiveDirectory activedirectories_delete(id, opts) Delete an Active Directory -This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY' ``` +This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -290,20 +272,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -id = "id_example" # String | ObjectID of this Active Directory instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of this Active Directory instance. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete an Active Directory - api_instance.activedirectories_delete(id, content_type, accept, opts) + result = api_instance.activedirectories_delete(id, opts) + p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_delete: #{e}" end @@ -314,13 +291,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of this Active Directory instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**ActiveDirectory**](ActiveDirectory.md) ### Authorization @@ -328,13 +303,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **activedirectories_get** -> ActiveDirectoryOutput activedirectories_get(id, content_type, accept, opts) +> ActiveDirectory activedirectories_get(id, opts) Get an Active Directory @@ -353,20 +328,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -id = "id_example" # String | ObjectID of this Active Directory instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of this Active Directory instance. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get an Active Directory - result = api_instance.activedirectories_get(id, content_type, accept, opts) + result = api_instance.activedirectories_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_get: #{e}" @@ -378,13 +347,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of this Active Directory instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**ActiveDirectoryOutput**](ActiveDirectoryOutput.md) +[**ActiveDirectory**](ActiveDirectory.md) ### Authorization @@ -392,13 +359,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **activedirectories_list** -> Array<ActiveDirectoryOutput> activedirectories_list(content_type, accept, opts) +> Array<ActiveDirectory> activedirectories_list(opts) List Active Directories @@ -417,23 +384,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Active Directories - result = api_instance.activedirectories_list(content_type, accept, opts) + result = api_instance.activedirectories_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_list: #{e}" @@ -444,18 +406,16 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<ActiveDirectoryOutput>**](ActiveDirectoryOutput.md) +[**Array<ActiveDirectory>**](ActiveDirectory.md) ### Authorization @@ -463,17 +423,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **activedirectories_post** -> ActiveDirectoryOutput activedirectories_post(content_type, accept, opts) +> ActiveDirectory activedirectories_post(opts) Create a new Active Directory -This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" } ' ``` +This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" }' ``` ### Example ```ruby @@ -488,19 +448,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv2::ActiveDirectoryInput.new, # ActiveDirectoryInput | - x_org_id: "" # String | + body: JCAPIv2::ActiveDirectory.new # ActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create a new Active Directory - result = api_instance.activedirectories_post(content_type, accept, opts) + result = api_instance.activedirectories_post(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->activedirectories_post: #{e}" @@ -511,14 +466,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**ActiveDirectoryInput**](ActiveDirectoryInput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**ActiveDirectory**](ActiveDirectory.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**ActiveDirectoryOutput**](ActiveDirectoryOutput.md) +[**ActiveDirectory**](ActiveDirectory.md) ### Authorization @@ -532,7 +485,7 @@ Name | Type | Description | Notes # **graph_active_directory_associations_list** -> Array<GraphConnection> graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_active_directory_associations_list(activedirectory_id, targets, opts) List the associations of an Active Directory instance @@ -551,24 +504,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | +targets = ['targets_example'] # Array | Targets which a \"active_directory\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Active Directory instance - result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts) + result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->graph_active_directory_associations_list: #{e}" @@ -580,12 +526,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"active_directory\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -597,17 +541,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_active_directory_associations_post** -> graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts) +> graph_active_directory_associations_post(activedirectory_id, opts) Manage the associations of an Active Directory instance -This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` +This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -622,21 +566,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationActiveDirectory.new # GraphOperationActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Active Directory instance - api_instance.graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts) + api_instance.graph_active_directory_associations_post(activedirectory_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->graph_active_directory_associations_post: #{e}" end @@ -647,10 +585,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationActiveDirectory**](GraphOperationActiveDirectory.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -663,16 +599,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_active_directory_traverse_user_group** -> Array<GraphObjectWithPaths> graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts) +# **graph_active_directory_traverse_user** +> Array<GraphObjectWithPaths> graph_active_directory_traverse_user(activedirectory_id, opts) -List the User Groups bound to an Active Directory instance +List the Users bound to an Active Directory instance -This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -687,23 +623,79 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Users bound to an Active Directory instance + result = api_instance.graph_active_directory_traverse_user(activedirectory_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ActiveDirectoryApi->graph_active_directory_traverse_user: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **activedirectory_id** | **String**| ObjectID of the Active Directory instance. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_active_directory_traverse_user_group** +> Array<GraphObjectWithPaths> graph_active_directory_traverse_user_group(activedirectory_id, opts) -activedirectory_id = "activedirectory_id_example" # String | ObjectID of the Active Directory instance. +List the User Groups bound to an Active Directory instance -content_type = "application/json" # String | +This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::ActiveDirectoryApi.new +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Active Directory instance - result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts) + result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ActiveDirectoryApi->graph_active_directory_traverse_user_group: #{e}" @@ -715,12 +707,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| ObjectID of the Active Directory instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -732,7 +722,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/ActiveDirectoryInput.md b/jcapiv2/docs/ActiveDirectoryInput.md deleted file mode 100644 index 0bd5aad..0000000 --- a/jcapiv2/docs/ActiveDirectoryInput.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::ActiveDirectoryInput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**domain** | **String** | Domain name for this Active Directory instance. | [optional] - - diff --git a/jcapiv2/docs/SystemuserputpostAddresses.md b/jcapiv2/docs/Address.md similarity index 89% rename from jcapiv2/docs/SystemuserputpostAddresses.md rename to jcapiv2/docs/Address.md index 6537f11..5df597c 100644 --- a/jcapiv2/docs/SystemuserputpostAddresses.md +++ b/jcapiv2/docs/Address.md @@ -1,10 +1,11 @@ -# JCAPIv2::SystemuserputpostAddresses +# JCAPIv2::Address ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **country** | **String** | | [optional] **extended_address** | **String** | | [optional] +**id** | **String** | | [optional] **locality** | **String** | | [optional] **po_box** | **String** | | [optional] **postal_code** | **String** | | [optional] @@ -12,4 +13,3 @@ Name | Type | Description | Notes **street_address** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/Administrator.md b/jcapiv2/docs/Administrator.md index d7d60a0..38245e0 100644 --- a/jcapiv2/docs/Administrator.md +++ b/jcapiv2/docs/Administrator.md @@ -8,6 +8,9 @@ Name | Type | Description | Notes **firstname** | **String** | | [optional] **id** | **String** | | [optional] **lastname** | **String** | | [optional] +**organization_access_total** | [**BigDecimal**](BigDecimal.md) | | [optional] **registered** | **BOOLEAN** | | [optional] - +**role** | **String** | | [optional] +**role_name** | **String** | | [optional] +**suspended** | **BOOLEAN** | | [optional] diff --git a/jcapiv2/docs/AdministratorOrganizationLink.md b/jcapiv2/docs/AdministratorOrganizationLink.md new file mode 100644 index 0000000..45d8559 --- /dev/null +++ b/jcapiv2/docs/AdministratorOrganizationLink.md @@ -0,0 +1,8 @@ +# JCAPIv2::AdministratorOrganizationLink + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**administrator** | **String** | The identifier for an administrator | [optional] +**organization** | **String** | The identifier for an organization | [optional] + diff --git a/jcapiv2/docs/AdministratorOrganizationLinkReq.md b/jcapiv2/docs/AdministratorOrganizationLinkReq.md new file mode 100644 index 0000000..e1ab423 --- /dev/null +++ b/jcapiv2/docs/AdministratorOrganizationLinkReq.md @@ -0,0 +1,7 @@ +# JCAPIv2::AdministratorOrganizationLinkReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**organization** | **String** | The identifier for an organization to link this administrator to. | [optional] + diff --git a/jcapiv2/docs/AdministratorsApi.md b/jcapiv2/docs/AdministratorsApi.md new file mode 100644 index 0000000..870d413 --- /dev/null +++ b/jcapiv2/docs/AdministratorsApi.md @@ -0,0 +1,237 @@ +# JCAPIv2::AdministratorsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**administrator_organizations_create_by_administrator**](AdministratorsApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +[**administrator_organizations_list_by_administrator**](AdministratorsApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +[**administrator_organizations_list_by_organization**](AdministratorsApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +[**administrator_organizations_remove_by_administrator**](AdministratorsApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. + +# **administrator_organizations_create_by_administrator** +> AdministratorOrganizationLink administrator_organizations_create_by_administrator(id, opts) + +Allow Adminstrator access to an Organization. + +This endpoint allows you to grant Administrator access to an Organization. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} + +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_create_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**AdministratorOrganizationLinkReq**](AdministratorOrganizationLinkReq.md)| | [optional] + +### Return type + +[**AdministratorOrganizationLink**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **administrator_organizations_list_by_administrator** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_administrator(id, opts) + +List the association links between an Administrator and Organizations. + +This endpoint returns the association links between an Administrator and Organizations. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_list_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **administrator_organizations_list_by_organization** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_organization(id, opts) + +List the association links between an Organization and Administrators. + +This endpoint returns the association links between an Organization and Administrators. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_list_by_organization: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **administrator_organizations_remove_by_administrator** +> administrator_organizations_remove_by_administrator(administrator_id, id) + +Remove association between an Administrator and an Organization. + +This endpoint removes the association link between an Administrator and an Organization. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AdministratorsApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AdministratorsApi->administrator_organizations_remove_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **administrator_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/AllOfAutotaskTicketingAlertConfigurationListRecordsItems.md b/jcapiv2/docs/AllOfAutotaskTicketingAlertConfigurationListRecordsItems.md new file mode 100644 index 0000000..d2871e3 --- /dev/null +++ b/jcapiv2/docs/AllOfAutotaskTicketingAlertConfigurationListRecordsItems.md @@ -0,0 +1,18 @@ +# JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**destination** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**queue** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**resource** | [**AutotaskTicketingAlertConfigurationResource**](AutotaskTicketingAlertConfigurationResource.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | [optional] +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**status** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.md b/jcapiv2/docs/AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.md new file mode 100644 index 0000000..52d7984 --- /dev/null +++ b/jcapiv2/docs/AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.md @@ -0,0 +1,14 @@ +# JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/AllOfPwmAllUsersResultsItems.md b/jcapiv2/docs/AllOfPwmAllUsersResultsItems.md new file mode 100644 index 0000000..e920b97 --- /dev/null +++ b/jcapiv2/docs/AllOfPwmAllUsersResultsItems.md @@ -0,0 +1,24 @@ +# JCAPIv2::AllOfPwmAllUsersResultsItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**compromised_passwords** | **Integer** | | [optional] +**old_passwords** | **Integer** | | [optional] +**reused_passwords** | **Integer** | | [optional] +**weak_passwords** | **Integer** | | [optional] +**apps** | [**Apps**](Apps.md) | | [optional] +**cloud_backup_restores** | [**PwmCloudBackupRestores**](PwmCloudBackupRestores.md) | | [optional] +**email** | **String** | | +**employee_uuid** | **String** | | [optional] +**external_id** | **String** | | [optional] +**groups** | [**Groups**](Groups.md) | | [optional] +**id** | **String** | | +**items_count** | **Integer** | | [optional] +**name** | **String** | | +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**status** | **String** | | +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/AllOfPwmItemsMetadataResultsItems.md b/jcapiv2/docs/AllOfPwmItemsMetadataResultsItems.md new file mode 100644 index 0000000..2bb9f6e --- /dev/null +++ b/jcapiv2/docs/AllOfPwmItemsMetadataResultsItems.md @@ -0,0 +1,18 @@ +# JCAPIv2::AllOfPwmItemsMetadataResultsItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_by** | **String** | | [optional] +**date_created** | **String** | | [optional] +**date_updated** | **String** | | [optional] +**updated_by** | **String** | | [optional] +**field1** | **String** | | +**field2** | **String** | | +**folder_name** | **String** | | [optional] +**folder_uuid** | **String** | | [optional] +**id** | **String** | | +**item_uuid** | **String** | | +**nickname** | **String** | | +**type** | **Integer** | | + diff --git a/jcapiv2/docs/AllOfSyncroTicketingAlertConfigurationListRecordsItems.md b/jcapiv2/docs/AllOfSyncroTicketingAlertConfigurationListRecordsItems.md new file mode 100644 index 0000000..f197137 --- /dev/null +++ b/jcapiv2/docs/AllOfSyncroTicketingAlertConfigurationListRecordsItems.md @@ -0,0 +1,17 @@ +# JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | **String** | | [optional] +**problem_type** | **String** | | [optional] +**should_create_tickets** | **BOOLEAN** | | [optional] +**status** | **String** | | [optional] +**user_id** | **Integer** | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv1/docs/Systemuserbinding.md b/jcapiv2/docs/AnyValue.md similarity index 78% rename from jcapiv1/docs/Systemuserbinding.md rename to jcapiv2/docs/AnyValue.md index 8d93bb7..1e67532 100644 --- a/jcapiv1/docs/Systemuserbinding.md +++ b/jcapiv2/docs/AnyValue.md @@ -1,7 +1,6 @@ -# JCAPIv1::Systemuserbinding +# JCAPIv2::AnyValue ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/AppleMDM.md b/jcapiv2/docs/AppleMDM.md index db19040..d2de1ee 100644 --- a/jcapiv2/docs/AppleMDM.md +++ b/jcapiv2/docs/AppleMDM.md @@ -3,8 +3,18 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**ades** | [**ADES**](ADES.md) | | [optional] +**allow_mobile_user_enrollment** | **BOOLEAN** | A toggle to allow mobile device enrollment for an organization. | [optional] +**apns_cert_expiry** | **String** | The expiration date and time for the APNS Certificate. | [optional] **apns_push_topic** | **String** | The push topic assigned to this enrollment by Apple after uploading the Signed CSR plist. | [optional] +**apple_cert_creator_apple_id** | **String** | The Apple ID of the admin who created the Apple signed certificate associated to the Device Manager. | [optional] +**apple_cert_serial_number** | **String** | The serial number of the Apple signed certificate associated to the Device Manager. | [optional] +**default_ios_user_enrollment_device_group_id** | **String** | ObjectId uniquely identifying the MDM default iOS user enrollment device group. | [optional] +**default_system_group_id** | **String** | ObjectId uniquely identifying the MDM default System Group. | [optional] +**dep** | [**DEP**](DEP.md) | | [optional] +**dep_access_token_expiry** | **String** | The expiration date and time for the DEP Access Token. This aligns with the DEP Server Token State. | [optional] +**dep_server_token_state** | **String** | The state of the dep server token, presence and expiry. | [optional] **id** | **String** | ObjectId uniquely identifying an MDM Enrollment, | **name** | **String** | A friendly name to identify this enrollment. Not required to be unique. | [optional] - +**organization** | **String** | The identifier for an organization | [optional] diff --git a/jcapiv2/docs/AppleMDMApi.md b/jcapiv2/docs/AppleMDMApi.md index 97fa939..e39211f 100644 --- a/jcapiv2/docs/AppleMDMApi.md +++ b/jcapiv2/docs/AppleMDMApi.md @@ -4,20 +4,32 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- -[**applemdms_delete**](AppleMDMApi.md#applemdms_delete) | **DELETE** /applemdms/{apple_mdm_id} | Delete an Apple MDM +[**applemdms_csrget**](AppleMDMApi.md#applemdms_csrget) | **GET** /applemdms/{apple_mdm_id}/csr | Get Apple MDM CSR Plist +[**applemdms_delete**](AppleMDMApi.md#applemdms_delete) | **DELETE** /applemdms/{id} | Delete an Apple MDM +[**applemdms_deletedevice**](AppleMDMApi.md#applemdms_deletedevice) | **DELETE** /applemdms/{apple_mdm_id}/devices/{device_id} | Remove an Apple MDM Device's Enrollment +[**applemdms_depkeyget**](AppleMDMApi.md#applemdms_depkeyget) | **GET** /applemdms/{apple_mdm_id}/depkey | Get Apple MDM DEP Public Key +[**applemdms_devices_clear_activation_lock**](AppleMDMApi.md#applemdms_devices_clear_activation_lock) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock | Clears the Activation Lock for a Device +[**applemdms_devices_os_update_status**](AppleMDMApi.md#applemdms_devices_os_update_status) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus | Request the status of an OS update for a device +[**applemdms_devices_refresh_activation_lock_information**](AppleMDMApi.md#applemdms_devices_refresh_activation_lock_information) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation | Refresh activation lock information for a device +[**applemdms_devices_schedule_os_update**](AppleMDMApi.md#applemdms_devices_schedule_os_update) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate | Schedule an OS update for a device +[**applemdms_deviceserase**](AppleMDMApi.md#applemdms_deviceserase) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/erase | Erase Device +[**applemdms_deviceslist**](AppleMDMApi.md#applemdms_deviceslist) | **GET** /applemdms/{apple_mdm_id}/devices | List AppleMDM Devices +[**applemdms_deviceslock**](AppleMDMApi.md#applemdms_deviceslock) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/lock | Lock Device +[**applemdms_devicesrestart**](AppleMDMApi.md#applemdms_devicesrestart) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/restart | Restart Device +[**applemdms_devicesshutdown**](AppleMDMApi.md#applemdms_devicesshutdown) | **POST** /applemdms/{apple_mdm_id}/devices/{device_id}/shutdown | Shut Down Device +[**applemdms_enrollmentprofilesget**](AppleMDMApi.md#applemdms_enrollmentprofilesget) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles/{id} | Get an Apple MDM Enrollment Profile +[**applemdms_enrollmentprofileslist**](AppleMDMApi.md#applemdms_enrollmentprofileslist) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles | List Apple MDM Enrollment Profiles +[**applemdms_getdevice**](AppleMDMApi.md#applemdms_getdevice) | **GET** /applemdms/{apple_mdm_id}/devices/{device_id} | Details of an AppleMDM Device [**applemdms_list**](AppleMDMApi.md#applemdms_list) | **GET** /applemdms | List Apple MDMs -[**applemdms_post**](AppleMDMApi.md#applemdms_post) | **POST** /applemdms | Create Apple MDM -[**applemdms_put**](AppleMDMApi.md#applemdms_put) | **PUT** /applemdms/{apple_mdm_id} | Update an Apple MDM -[**enrollmentprofiles_get**](AppleMDMApi.md#enrollmentprofiles_get) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles/{enrollment_profile_id} | Get an Apple MDM Enrollment Profile -[**enrollmentprofiles_list**](AppleMDMApi.md#enrollmentprofiles_list) | **GET** /applemdms/{apple_mdm_id}/enrollmentprofiles | List Apple MDM Enrollment Profiles +[**applemdms_put**](AppleMDMApi.md#applemdms_put) | **PUT** /applemdms/{id} | Update an Apple MDM +[**applemdms_refreshdepdevices**](AppleMDMApi.md#applemdms_refreshdepdevices) | **POST** /applemdms/{apple_mdm_id}/refreshdepdevices | Refresh DEP Devices +# **applemdms_csrget** +> AppleMdmSignedCsrPlist applemdms_csrget(apple_mdm_id, opts) -# **applemdms_delete** -> AppleMDM applemdms_delete(apple_mdm_id, content_type, accept, opts) - -Delete an Apple MDM +Get Apple MDM CSR Plist -Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +Retrieves an Apple MDM signed CSR Plist for an organization. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/csr \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -32,20 +44,70 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Apple MDM CSR Plist + result = api_instance.applemdms_csrget(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_csrget: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AppleMdmSignedCsrPlist**](AppleMdmSignedCsrPlist.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/octet-stream + + + +# **applemdms_delete** +> AppleMDM applemdms_delete(id, opts) -apple_mdm_id = "apple_mdm_id_example" # String | +Delete an Apple MDM -content_type = "application/json" # String | +Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::AppleMDMApi.new +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete an Apple MDM - result = api_instance.applemdms_delete(apple_mdm_id, content_type, accept, opts) + result = api_instance.applemdms_delete(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling AppleMDMApi->applemdms_delete: #{e}" @@ -56,10 +118,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **apple_mdm_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -71,17 +131,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **applemdms_list** -> Array<AppleMDM> applemdms_list(content_type, accept, opts) +# **applemdms_deletedevice** +> AppleMdmDevice applemdms_deletedevice(apple_mdm_id, device_id, opts) -List Apple MDMs +Remove an Apple MDM Device's Enrollment -Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +Remove a single Apple MDM device from MDM enrollment. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -96,21 +156,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List Apple MDMs - result = api_instance.applemdms_list(content_type, accept, opts) + #Remove an Apple MDM Device's Enrollment + result = api_instance.applemdms_deletedevice(apple_mdm_id, device_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling AppleMDMApi->applemdms_list: #{e}" + puts "Exception when calling AppleMDMApi->applemdms_deletedevice: #{e}" end ``` @@ -118,13 +175,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<AppleMDM>**](AppleMDM.md) +[**AppleMdmDevice**](AppleMdmDevice.md) ### Authorization @@ -132,17 +189,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **applemdms_post** -> InlineResponse201 applemdms_post(content_type, accept, opts) +# **applemdms_depkeyget** +> AppleMdmPublicKeyCert applemdms_depkeyget(apple_mdm_id, opts) -Create Apple MDM +Get Apple MDM DEP Public Key -Creates an Apple MDM Enrollment for an organization. Only one enrollment per organization will be allowed. Note that this is the first step in completly setting up an MDM Enrollment. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/organizations/{Organization_ID}/mdm \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` +Retrieves an Apple MDM DEP Public Key. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/depkey \\ -H 'accept: application/x-pem-file' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -157,22 +214,73 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get Apple MDM DEP Public Key + result = api_instance.applemdms_depkeyget(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_depkeyget: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AppleMdmPublicKeyCert**](AppleMdmPublicKeyCert.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/x-pem-file + -content_type = "application/json" # String | -accept = "application/json" # String | +# **applemdms_devices_clear_activation_lock** +> applemdms_devices_clear_activation_lock(apple_mdm_id, device_id, opts) + +Clears the Activation Lock for a Device + +Clears the activation lock on the specified device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | opts = { - body: JCAPIv2::Body.new, # Body | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Create Apple MDM - result = api_instance.applemdms_post(content_type, accept, opts) - p result + #Clears the Activation Lock for a Device + api_instance.applemdms_devices_clear_activation_lock(apple_mdm_id, device_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling AppleMDMApi->applemdms_post: #{e}" + puts "Exception when calling AppleMDMApi->applemdms_devices_clear_activation_lock: #{e}" end ``` @@ -180,14 +288,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Body**](Body.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**InlineResponse201**](InlineResponse201.md) +nil (empty response body) ### Authorization @@ -195,17 +302,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **applemdms_put** -> AppleMDM applemdms_put(apple_mdm_id, content_type, accept, opts) +# **applemdms_devices_os_update_status** +> applemdms_devices_os_update_status(apple_mdm_id, device_id, opts) -Update an Apple MDM +Request the status of an OS update for a device -Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\" }' ``` +Pass through to request the status of an OS update #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` ### Example ```ruby @@ -220,24 +327,74 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Request the status of an OS update for a device + api_instance.applemdms_devices_os_update_status(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_os_update_status: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -apple_mdm_id = "apple_mdm_id_example" # String | -content_type = "application/json" # String | -accept = "application/json" # String | +# **applemdms_devices_refresh_activation_lock_information** +> applemdms_devices_refresh_activation_lock_information(apple_mdm_id, device_id, opts) +Refresh activation lock information for a device + +Refreshes the activation lock information for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | opts = { - body: JCAPIv2::AppleMdmPatchInput.new, # AppleMdmPatchInput | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Update an Apple MDM - result = api_instance.applemdms_put(apple_mdm_id, content_type, accept, opts) - p result + #Refresh activation lock information for a device + api_instance.applemdms_devices_refresh_activation_lock_information(apple_mdm_id, device_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling AppleMDMApi->applemdms_put: #{e}" + puts "Exception when calling AppleMDMApi->applemdms_devices_refresh_activation_lock_information: #{e}" end ``` @@ -246,14 +403,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **apple_mdm_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**AppleMdmPatchInput**](AppleMdmPatchInput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**AppleMDM**](AppleMDM.md) +nil (empty response body) ### Authorization @@ -261,17 +416,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **enrollmentprofiles_get** -> Mobileconfig enrollmentprofiles_get(apple_mdm_id, enrollment_profile_id, content_type, accept, opts) +# **applemdms_devices_schedule_os_update** +> applemdms_devices_schedule_os_update(apple_mdm_iddevice_id, opts) -Get an Apple MDM Enrollment Profile +Schedule an OS update for a device -Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ENROLLMENT_PROFILE_ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +Schedules an OS update for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"install_action\": \"INSTALL_ASAP\", \"product_key\": \"key\"}' ``` ### Example ```ruby @@ -286,25 +441,77 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::ScheduleOSUpdate.new # ScheduleOSUpdate | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Schedule an OS update for a device + api_instance.applemdms_devices_schedule_os_update(apple_mdm_iddevice_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devices_schedule_os_update: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **body** | [**ScheduleOSUpdate**](ScheduleOSUpdate.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + -apple_mdm_id = "apple_mdm_id_example" # String | +# **applemdms_deviceserase** +> applemdms_deviceserase(apple_mdm_iddevice_id, opts) -enrollment_profile_id = "enrollment_profile_id_example" # String | +Erase Device -content_type = "application/json" # String | +Erases a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/erase \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | opts = { - x_org_id: "" # String | + body: JCAPIv2::DeviceIdEraseBody.new # DeviceIdEraseBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Get an Apple MDM Enrollment Profile - result = api_instance.enrollmentprofiles_get(apple_mdm_id, enrollment_profile_id, content_type, accept, opts) - p result + #Erase Device + api_instance.applemdms_deviceserase(apple_mdm_iddevice_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling AppleMDMApi->enrollmentprofiles_get: #{e}" + puts "Exception when calling AppleMDMApi->applemdms_deviceserase: #{e}" end ``` @@ -313,14 +520,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **apple_mdm_id** | **String**| | - **enrollment_profile_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **device_id** | **String**| | + **body** | [**DeviceIdEraseBody**](DeviceIdEraseBody.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Mobileconfig**](Mobileconfig.md) +nil (empty response body) ### Authorization @@ -329,16 +535,16 @@ Name | Type | Description | Notes ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/x-apple-aspen-config + - **Accept**: application/json -# **enrollmentprofiles_list** -> Array<AppleMDM> enrollmentprofiles_list(apple_mdm_id, content_type, accept, opts) +# **applemdms_deviceslist** +> Array<AppleMdmDevice> applemdms_deviceslist(apple_mdm_id, opts) -List Apple MDM Enrollment Profiles +List AppleMDM Devices -Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +Lists all Apple MDM devices. The filter and sort queries will allow the following fields: `createdAt` `depRegistered` `enrolled` `id` `osVersion` `serialNumber` `udid` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` ### Example ```ruby @@ -353,23 +559,84 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_total_count: 56 # Integer | +} + +begin + #List AppleMDM Devices + result = api_instance.applemdms_deviceslist(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_deviceslist: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_total_count** | **Integer**| | [optional] -apple_mdm_id = "apple_mdm_id_example" # String | +### Return type + +[**Array<AppleMdmDevice>**](AppleMdmDevice.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers -content_type = "application/json" # String | + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applemdms_deviceslock** +> applemdms_deviceslock(apple_mdm_iddevice_id, opts) -accept = "application/json" # String | +Lock Device + +Locks a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/lock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | opts = { - x_org_id: "" # String | + body: JCAPIv2::DeviceIdLockBody.new # DeviceIdLockBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List Apple MDM Enrollment Profiles - result = api_instance.enrollmentprofiles_list(apple_mdm_id, content_type, accept, opts) - p result + #Lock Device + api_instance.applemdms_deviceslock(apple_mdm_iddevice_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling AppleMDMApi->enrollmentprofiles_list: #{e}" + puts "Exception when calling AppleMDMApi->applemdms_deviceslock: #{e}" end ``` @@ -378,13 +645,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **apple_mdm_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **device_id** | **String**| | + **body** | [**DeviceIdLockBody**](DeviceIdLockBody.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<AppleMDM>**](AppleMDM.md) +nil (empty response body) ### Authorization @@ -397,3 +664,464 @@ Name | Type | Description | Notes +# **applemdms_devicesrestart** +> applemdms_devicesrestart(apple_mdm_iddevice_id, opts) + +Restart Device + +Restarts a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/restart \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"kextPaths\": [\"Path1\", \"Path2\"]}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + body: JCAPIv2::DeviceIdRestartBody.new # DeviceIdRestartBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Restart Device + api_instance.applemdms_devicesrestart(apple_mdm_iddevice_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devicesrestart: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **body** | [**DeviceIdRestartBody**](DeviceIdRestartBody.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **applemdms_devicesshutdown** +> applemdms_devicesshutdown(apple_mdm_id, device_id, opts) + +Shut Down Device + +Shuts down a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/shutdown \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Shut Down Device + api_instance.applemdms_devicesshutdown(apple_mdm_id, device_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_devicesshutdown: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applemdms_enrollmentprofilesget** +> Mobileconfig applemdms_enrollmentprofilesget(apple_mdm_id, id, opts) + +Get an Apple MDM Enrollment Profile + +Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an Apple MDM Enrollment Profile + result = api_instance.applemdms_enrollmentprofilesget(apple_mdm_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_enrollmentprofilesget: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Mobileconfig**](Mobileconfig.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/x-apple-aspen-config + + + +# **applemdms_enrollmentprofileslist** +> Array<AppleMDM> applemdms_enrollmentprofileslist(apple_mdm_id, opts) + +List Apple MDM Enrollment Profiles + +Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Apple MDM Enrollment Profiles + result = api_instance.applemdms_enrollmentprofileslist(apple_mdm_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_enrollmentprofileslist: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<AppleMDM>**](AppleMDM.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applemdms_getdevice** +> AppleMdmDevice applemdms_getdevice(apple_mdm_id, device_id, opts) + +Details of an AppleMDM Device + +Gets a single Apple MDM device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +device_id = 'device_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Details of an AppleMDM Device + result = api_instance.applemdms_getdevice(apple_mdm_id, device_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_getdevice: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **device_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AppleMdmDevice**](AppleMdmDevice.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applemdms_list** +> Array<AppleMDM> applemdms_list(opts) + +List Apple MDMs + +Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 1, # Integer | + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List Apple MDMs + result = api_instance.applemdms_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 1] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<AppleMDM>**](AppleMDM.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applemdms_put** +> AppleMDM applemdms_put(id, opts) + +Update an Apple MDM + +Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. It may also be used to update the DEP Settings. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\", \"encryptedDepServerToken\": \"{SERVER_TOKEN}\", \"dep\": { \"welcomeScreen\": { \"title\": \"Welcome\", \"paragraph\": \"In just a few steps, you will be working securely from your Mac.\", \"button\": \"continue\", }, }, }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AppleMdmPatch.new # AppleMdmPatch | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update an Apple MDM + result = api_instance.applemdms_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**AppleMdmPatch**](AppleMdmPatch.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AppleMDM**](AppleMDM.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **applemdms_refreshdepdevices** +> applemdms_refreshdepdevices(apple_mdm_id, opts) + +Refresh DEP Devices + +Refreshes the list of devices that a JumpCloud admin has added to their virtual MDM in Apple Business Manager - ABM so that they can be DEP enrolled with JumpCloud. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/refreshdepdevices \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AppleMDMApi.new +apple_mdm_id = 'apple_mdm_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Refresh DEP Devices + api_instance.applemdms_refreshdepdevices(apple_mdm_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling AppleMDMApi->applemdms_refreshdepdevices: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **apple_mdm_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/AppleMdmDevice.md b/jcapiv2/docs/AppleMdmDevice.md new file mode 100644 index 0000000..b7353ef --- /dev/null +++ b/jcapiv2/docs/AppleMdmDevice.md @@ -0,0 +1,16 @@ +# JCAPIv2::AppleMdmDevice + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_at** | **String** | | [optional] +**dep_registered** | **BOOLEAN** | | [optional] +**device_information** | [**AppleMdmDeviceInfo**](AppleMdmDeviceInfo.md) | | [optional] +**enrolled** | **BOOLEAN** | | [optional] +**has_activation_lock_bypass_codes** | **BOOLEAN** | | [optional] +**id** | **String** | | [optional] +**os_version** | **String** | | [optional] +**security_info** | [**AppleMdmDeviceSecurityInfo**](AppleMdmDeviceSecurityInfo.md) | | [optional] +**serial_number** | **String** | | [optional] +**udid** | **String** | | [optional] + diff --git a/jcapiv2/docs/AppleMdmDeviceInfo.md b/jcapiv2/docs/AppleMdmDeviceInfo.md new file mode 100644 index 0000000..190bfe0 --- /dev/null +++ b/jcapiv2/docs/AppleMdmDeviceInfo.md @@ -0,0 +1,19 @@ +# JCAPIv2::AppleMdmDeviceInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**activation_lock_allowed_while_supervised** | **BOOLEAN** | | [optional] +**available_device_capacity** | [**BigDecimal**](BigDecimal.md) | | [optional] +**device_capacity** | [**BigDecimal**](BigDecimal.md) | | [optional] +**device_name** | **String** | | [optional] +**iccid** | **String** | | [optional] +**imei** | **String** | | [optional] +**is_supervised** | **BOOLEAN** | | [optional] +**model_name** | **String** | | [optional] +**second_iccid** | **String** | | [optional] +**second_imei** | **String** | | [optional] +**second_subscriber_carrier_network** | **String** | | [optional] +**subscriber_carrier_network** | **String** | | [optional] +**wifi_mac** | **String** | | [optional] + diff --git a/jcapiv2/docs/AppleMdmDeviceSecurityInfo.md b/jcapiv2/docs/AppleMdmDeviceSecurityInfo.md new file mode 100644 index 0000000..715285f --- /dev/null +++ b/jcapiv2/docs/AppleMdmDeviceSecurityInfo.md @@ -0,0 +1,11 @@ +# JCAPIv2::AppleMdmDeviceSecurityInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enrolled_via_dep** | **BOOLEAN** | | [optional] +**is_activation_lock_manageable** | **BOOLEAN** | | [optional] +**is_user_enrollment** | **BOOLEAN** | | [optional] +**passcode_present** | **BOOLEAN** | | [optional] +**user_approved_enrollment** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/AppleMdmPatch.md b/jcapiv2/docs/AppleMdmPatch.md new file mode 100644 index 0000000..22e57b0 --- /dev/null +++ b/jcapiv2/docs/AppleMdmPatch.md @@ -0,0 +1,15 @@ +# JCAPIv2::AppleMdmPatch + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**ades** | [**ADES**](ADES.md) | | [optional] +**allow_mobile_user_enrollment** | **BOOLEAN** | A toggle to allow mobile device enrollment for an organization. | [optional] +**apple_cert_creator_apple_id** | **String** | The Apple ID of the admin who created the Apple signed certificate. | [optional] +**apple_signed_cert** | **String** | A signed certificate obtained from Apple after providing Apple with the plist file provided on POST. | [optional] +**default_ios_user_enrollment_device_group_id** | **String** | ObjectId uniquely identifying the MDM default iOS user enrollment device group. | [optional] +**default_system_group_id** | **String** | ObjectId uniquely identifying the MDM default System Group. | [optional] +**dep** | [**DEP**](DEP.md) | | [optional] +**encrypted_dep_server_token** | **String** | The S/MIME encoded DEP Server Token returned by Apple Business Manager when creating an MDM instance. | [optional] +**name** | **String** | A new name for the Apple MDM configuration. | [optional] + diff --git a/jcapiv2/docs/AppleMdmPatchInput.md b/jcapiv2/docs/AppleMdmPatchInput.md deleted file mode 100644 index 5ceab39..0000000 --- a/jcapiv2/docs/AppleMdmPatchInput.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv2::AppleMdmPatchInput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**apple_signed_cert** | **String** | A signed certificate obtained from Apple after providing Apple with the plist file provided on POST. | [optional] -**name** | **String** | A new name for the Apple MDM configuration. | [optional] - - diff --git a/jcapiv2/docs/AppleMdmPublicKeyCert.md b/jcapiv2/docs/AppleMdmPublicKeyCert.md new file mode 100644 index 0000000..e1f22ac --- /dev/null +++ b/jcapiv2/docs/AppleMdmPublicKeyCert.md @@ -0,0 +1,6 @@ +# JCAPIv2::AppleMdmPublicKeyCert + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/AppleMdmSignedCsrPlist.md b/jcapiv2/docs/AppleMdmSignedCsrPlist.md new file mode 100644 index 0000000..59ad6e5 --- /dev/null +++ b/jcapiv2/docs/AppleMdmSignedCsrPlist.md @@ -0,0 +1,6 @@ +# JCAPIv2::AppleMdmSignedCsrPlist + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/ApplicationIdLogoBody.md b/jcapiv2/docs/ApplicationIdLogoBody.md new file mode 100644 index 0000000..2b40858 --- /dev/null +++ b/jcapiv2/docs/ApplicationIdLogoBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::ApplicationIdLogoBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**image** | **String** | The file to upload. | [optional] + diff --git a/jcapiv2/docs/ApplicationsApi.md b/jcapiv2/docs/ApplicationsApi.md index 94fd489..7f174a7 100644 --- a/jcapiv2/docs/ApplicationsApi.md +++ b/jcapiv2/docs/ApplicationsApi.md @@ -4,18 +4,133 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**applications_delete_logo**](ApplicationsApi.md#applications_delete_logo) | **DELETE** /applications/{application_id}/logo | Delete application image +[**applications_get**](ApplicationsApi.md#applications_get) | **GET** /applications/{application_id} | Get an Application +[**applications_post_logo**](ApplicationsApi.md#applications_post_logo) | **POST** /applications/{application_id}/logo | Save application logo [**graph_application_associations_list**](ApplicationsApi.md#graph_application_associations_list) | **GET** /applications/{application_id}/associations | List the associations of an Application [**graph_application_associations_post**](ApplicationsApi.md#graph_application_associations_post) | **POST** /applications/{application_id}/associations | Manage the associations of an Application [**graph_application_traverse_user**](ApplicationsApi.md#graph_application_traverse_user) | **GET** /applications/{application_id}/users | List the Users bound to an Application [**graph_application_traverse_user_group**](ApplicationsApi.md#graph_application_traverse_user_group) | **GET** /applications/{application_id}/usergroups | List the User Groups bound to an Application +[**import_create**](ApplicationsApi.md#import_create) | **POST** /applications/{application_id}/import/jobs | Create an import job +[**import_users**](ApplicationsApi.md#import_users) | **GET** /applications/{application_id}/import/users | Get a list of users to import from an Application IdM service provider +# **applications_delete_logo** +> applications_delete_logo(application_id, opts) -# **graph_application_associations_list** -> Array<GraphConnection> graph_application_associations_list(application_id, targets, content_type, accept, opts) +Delete application image -List the associations of an Application +Deletes the specified image from an application -This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete application image + api_instance.applications_delete_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_delete_logo: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applications_get** +> Object applications_get(application_id, opts) + +Get an Application + +The endpoint retrieves an Application. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an Application + result = api_instance.applications_get(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| ObjectID of the Application. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +**Object** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **applications_post_logo** +> applications_post_logo(application_id, opts) + +Save application logo + +This endpoint sets the logo for an application. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/logo \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -30,24 +145,74 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | +opts = { + image: 'image_example' # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -application_id = "application_id_example" # String | ObjectID of the Application. +begin + #Save application logo + api_instance.applications_post_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->applications_post_logo: #{e}" +end +``` -targets = ["targets_example"] # Array | +### Parameters -content_type = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| | + **image** | **String**| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: multipart/form-data + - **Accept**: application/json + + + +# **graph_application_associations_list** +> Array<GraphConnection> graph_application_associations_list(application_id, targets, opts) + +List the associations of an Application + +This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +targets = ['targets_example'] # Array | Targets which a \"application\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Application - result = api_instance.graph_application_associations_list(application_id, targets, content_type, accept, opts) + result = api_instance.graph_application_associations_list(application_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ApplicationsApi->graph_application_associations_list: #{e}" @@ -59,12 +224,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"application\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -76,17 +239,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_application_associations_post** -> graph_application_associations_post(application_id, content_type, accept, opts) +> graph_application_associations_post(application_id, opts) Manage the associations of an Application -This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -101,21 +264,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ApplicationsApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationApplication.new # GraphOperationApplication | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Application - api_instance.graph_application_associations_post(application_id, content_type, accept, opts) + api_instance.graph_application_associations_post(application_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling ApplicationsApi->graph_application_associations_post: #{e}" end @@ -126,10 +283,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationApplication**](GraphOperationApplication.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -142,12 +297,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_application_traverse_user** -> Array<GraphObjectWithPaths> graph_application_traverse_user(application_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_application_traverse_user(application_id, opts) List the Users bound to an Application @@ -166,23 +321,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ApplicationsApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to an Application - result = api_instance.graph_application_traverse_user(application_id, content_type, accept, opts) + result = api_instance.graph_application_traverse_user(application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ApplicationsApi->graph_application_traverse_user: #{e}" @@ -194,12 +343,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -211,13 +358,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_application_traverse_user_group** -> Array<GraphObjectWithPaths> graph_application_traverse_user_group(application_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_application_traverse_user_group(application_id, opts) List the User Groups bound to an Application @@ -236,23 +383,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ApplicationsApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Application - result = api_instance.graph_application_traverse_user_group(application_id, content_type, accept, opts) + result = api_instance.graph_application_traverse_user_group(application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling ApplicationsApi->graph_application_traverse_user_group: #{e}" @@ -264,12 +405,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -279,6 +418,64 @@ Name | Type | Description | Notes [x-api-key](../README.md#x-api-key) +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **import_create** +> JobId import_create(application_id, opts) + +Create an import job + +This endpoint allows you to create a user import job that will import new users and/or update existing users in JumpCloud from the application. The endpoint can currently only be used for applications that have an active Identity Management custom API integration. The request will fail with a “Not found” error for applications if that type of integration is not configured. To learn more about configuring this type of integration, read [Import users from an external identity source using a custom API integration](https://support.jumpcloud.com/support/s/article/Import-users-from-a-custom-rest-API-integration). #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applications/{application_id}/import/jobs \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' \\ -d '{ \"allowUserReactivation\": true, \"operations\": [ \"users.create\", \"users.update\" ] \"queryString\": \"location=Chicago&department=IT\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + body: JCAPIv2::ImportUsersRequest.new # ImportUsersRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create an import job + result = api_instance.import_create(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->import_create: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| ObjectID of the Application. | + **body** | [**ImportUsersRequest**](ImportUsersRequest.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**JobId**](JobId.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + ### HTTP request headers - **Content-Type**: application/json @@ -286,3 +483,71 @@ Name | Type | Description | Notes +# **import_users** +> ImportUsersResponse import_users(application_id, opts) + +Get a list of users to import from an Application IdM service provider + +Get a list of users to import from an Application IdM service provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ApplicationsApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + filter: 'filter_example', # String | Filter users by a search term + query: 'query_example', # String | URL query to merge with the service provider request + sort: 'sort_example', # String | Sort users by supported fields + sort_order: 'asc', # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get a list of users to import from an Application IdM service provider + result = api_instance.import_users(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ApplicationsApi->import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| ObjectID of the Application. | + **filter** | **String**| Filter users by a search term | [optional] + **query** | **String**| URL query to merge with the service provider request | [optional] + **sort** | **String**| Sort users by supported fields | [optional] + **sort_order** | **String**| | [optional] [default to asc] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**ImportUsersResponse**](ImportUsersResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv1/docs/Usersystembinding.md b/jcapiv2/docs/Apps.md similarity index 78% rename from jcapiv1/docs/Usersystembinding.md rename to jcapiv2/docs/Apps.md index e275945..1d39e8e 100644 --- a/jcapiv1/docs/Usersystembinding.md +++ b/jcapiv2/docs/Apps.md @@ -1,7 +1,6 @@ -# JCAPIv1::Usersystembinding +# JCAPIv2::Apps ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/AppsInner.md b/jcapiv2/docs/AppsInner.md new file mode 100644 index 0000000..85cd2c0 --- /dev/null +++ b/jcapiv2/docs/AppsInner.md @@ -0,0 +1,8 @@ +# JCAPIv2::AppsInner + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app_version** | **String** | | [optional] +**os_id** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/AuthInfo.md b/jcapiv2/docs/AuthInfo.md index e0e99ea..3d61485 100644 --- a/jcapiv2/docs/AuthInfo.md +++ b/jcapiv2/docs/AuthInfo.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **is_valid** | **BOOLEAN** | | [optional] **message** | **String** | | [optional] - diff --git a/jcapiv2/docs/AuthInput.md b/jcapiv2/docs/AuthInput.md index d858150..9ab5e2a 100644 --- a/jcapiv2/docs/AuthInput.md +++ b/jcapiv2/docs/AuthInput.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **basic** | [**AuthinputBasic**](AuthinputBasic.md) | | [optional] **oauth** | [**AuthinputOauth**](AuthinputOauth.md) | | [optional] - diff --git a/jcapiv2/docs/AuthInputObject.md b/jcapiv2/docs/AuthInputObject.md index e9e3358..6eda8df 100644 --- a/jcapiv2/docs/AuthInputObject.md +++ b/jcapiv2/docs/AuthInputObject.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **auth** | [**AuthInput**](AuthInput.md) | | [optional] - diff --git a/jcapiv2/docs/AuthenticationPoliciesApi.md b/jcapiv2/docs/AuthenticationPoliciesApi.md new file mode 100644 index 0000000..a353df1 --- /dev/null +++ b/jcapiv2/docs/AuthenticationPoliciesApi.md @@ -0,0 +1,302 @@ +# JCAPIv2::AuthenticationPoliciesApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**authnpolicies_delete**](AuthenticationPoliciesApi.md#authnpolicies_delete) | **DELETE** /authn/policies/{id} | Delete Authentication Policy +[**authnpolicies_get**](AuthenticationPoliciesApi.md#authnpolicies_get) | **GET** /authn/policies/{id} | Get an authentication policy +[**authnpolicies_list**](AuthenticationPoliciesApi.md#authnpolicies_list) | **GET** /authn/policies | List Authentication Policies +[**authnpolicies_patch**](AuthenticationPoliciesApi.md#authnpolicies_patch) | **PATCH** /authn/policies/{id} | Patch Authentication Policy +[**authnpolicies_post**](AuthenticationPoliciesApi.md#authnpolicies_post) | **POST** /authn/policies | Create an Authentication Policy + +# **authnpolicies_delete** +> AuthnPolicy authnpolicies_delete(id, opts) + +Delete Authentication Policy + +Delete the specified authentication policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete Authentication Policy + result = api_instance.authnpolicies_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| Unique identifier of the authentication policy | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AuthnPolicy**](AuthnPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **authnpolicies_get** +> AuthnPolicy authnpolicies_get(id, opts) + +Get an authentication policy + +Return a specific authentication policy. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an authentication policy + result = api_instance.authnpolicies_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| Unique identifier of the authentication policy | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AuthnPolicy**](AuthnPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **authnpolicies_list** +> Array<AuthnPolicy> authnpolicies_list(opts) + +List Authentication Policies + +Get a list of all authentication policies. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_total_count: 56, # Integer | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Authentication Policies + result = api_instance.authnpolicies_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **x_total_count** | **Integer**| | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<AuthnPolicy>**](AuthnPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **authnpolicies_patch** +> AuthnPolicy authnpolicies_patch(id, opts) + +Patch Authentication Policy + +Patch the specified authentication policy. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"disabled\": false }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +id = 'id_example' # String | Unique identifier of the authentication policy +opts = { + body: JCAPIv2::AuthnPolicy.new # AuthnPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Patch Authentication Policy + result = api_instance.authnpolicies_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_patch: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| Unique identifier of the authentication policy | + **body** | [**AuthnPolicy**](AuthnPolicy.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AuthnPolicy**](AuthnPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **authnpolicies_post** +> AuthnPolicy authnpolicies_post(opts) + +Create an Authentication Policy + +Create an authentication policy. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample Policy\", \"disabled\": false, \"effect\": { \"action\": \"allow\" }, \"targets\": { \"users\": { \"inclusions\": [\"ALL\"] }, \"userGroups\": { \"exclusions\": [{USER_GROUP_ID}] }, \"resources\": [ {\"type\": \"user_portal\" } ] }, \"conditions\":{ \"ipAddressIn\": [{IP_LIST_ID}] } }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::AuthenticationPoliciesApi.new +opts = { + body: JCAPIv2::AuthnPolicy.new # AuthnPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create an Authentication Policy + result = api_instance.authnpolicies_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling AuthenticationPoliciesApi->authnpolicies_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**AuthnPolicy**](AuthnPolicy.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**AuthnPolicy**](AuthnPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/AuthinputBasic.md b/jcapiv2/docs/AuthinputBasic.md index 92527e8..c7cb5d0 100644 --- a/jcapiv2/docs/AuthinputBasic.md +++ b/jcapiv2/docs/AuthinputBasic.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **password** | **String** | | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv2/docs/AuthinputOauth.md b/jcapiv2/docs/AuthinputOauth.md index 12573da..cff89c7 100644 --- a/jcapiv2/docs/AuthinputOauth.md +++ b/jcapiv2/docs/AuthinputOauth.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **code** | **String** | | [optional] - diff --git a/jcapiv2/docs/AuthnPolicy.md b/jcapiv2/docs/AuthnPolicy.md new file mode 100644 index 0000000..15d4229 --- /dev/null +++ b/jcapiv2/docs/AuthnPolicy.md @@ -0,0 +1,14 @@ +# JCAPIv2::AuthnPolicy + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**conditions** | **Object** | Conditions may be added to an authentication policy using the following conditional language: ``` <conditions> ::= <expression> <expression> ::= <deviceEncrypted> | <deviceManaged> | <ipAddressIn> | <locationIn> | <notExpression> | <allExpression> | <anyExpression> <deviceEncrypted> ::= { \"deviceEncrypted\": <boolean> } <deviceManaged> ::= { \"deviceManaged\": <boolean> } <ipAddressIn> ::= { \"ipAddressIn\": [ <objectId>, ... ] } <locationIn> ::= { \"locationIn\": { \"countries\": [ <iso_3166_country_code>, ... ] } } <notExpression> ::= { \"not\": <expression> } <allExpression> ::= { \"all\": [ <expression>, ... ] } <anyExpression> ::= { \"any\": [ <expression>, ... ] } ``` For example, to add a condition that applies to IP addresses in a given list, the following condition can be added: ``` {\"ipAddressIn\": [ <ip_list_object_id> ]} ``` If you would rather exclude IP addresses in the given lists, the following condition could be added: ``` { \"not\": { \"ipAddressIn\": [ <ip_list_object_id_1>, <ip_list_object_id_2> ] } } ``` You may also include more than one condition and choose whether \"all\" or \"any\" of them must be met for the policy to apply: ``` { \"all\": [ { \"ipAddressIn\": [ <ip_list_object_id>, ... ] }, { \"deviceManaged\": true }, { \"locationIn\": { countries: [ <iso_3166_country_code>, ... ] } } ] } ``` | [optional] +**description** | **String** | | [optional] +**disabled** | **BOOLEAN** | | [optional] +**effect** | [**AuthnPolicyEffect**](AuthnPolicyEffect.md) | | [optional] +**id** | **String** | | [optional] +**name** | **String** | | [optional] +**targets** | [**AuthnPolicyTargets**](AuthnPolicyTargets.md) | | [optional] +**type** | [**AuthnPolicyType**](AuthnPolicyType.md) | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyEffect.md b/jcapiv2/docs/AuthnPolicyEffect.md new file mode 100644 index 0000000..2c2601a --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyEffect.md @@ -0,0 +1,8 @@ +# JCAPIv2::AuthnPolicyEffect + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**action** | **String** | | +**obligations** | [**AuthnPolicyObligations**](AuthnPolicyObligations.md) | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyObligations.md b/jcapiv2/docs/AuthnPolicyObligations.md new file mode 100644 index 0000000..6c0207e --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyObligations.md @@ -0,0 +1,9 @@ +# JCAPIv2::AuthnPolicyObligations + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**external_identity_provider** | [**AuthnPolicyObligationsExternalIdentityProvider**](AuthnPolicyObligationsExternalIdentityProvider.md) | | [optional] +**mfa** | [**AuthnPolicyObligationsMfa**](AuthnPolicyObligationsMfa.md) | | [optional] +**user_verification** | [**AuthnPolicyObligationsUserVerification**](AuthnPolicyObligationsUserVerification.md) | | [optional] + diff --git a/jcapiv2/docs/WorkdayRequest.md b/jcapiv2/docs/AuthnPolicyObligationsExternalIdentityProvider.md similarity index 70% rename from jcapiv2/docs/WorkdayRequest.md rename to jcapiv2/docs/AuthnPolicyObligationsExternalIdentityProvider.md index e71c2a8..c80d22c 100644 --- a/jcapiv2/docs/WorkdayRequest.md +++ b/jcapiv2/docs/AuthnPolicyObligationsExternalIdentityProvider.md @@ -1,9 +1,7 @@ -# JCAPIv2::WorkdayRequest +# JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**name** | **String** | | [optional] **object_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/AuthnPolicyObligationsMfa.md b/jcapiv2/docs/AuthnPolicyObligationsMfa.md new file mode 100644 index 0000000..9df8f06 --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyObligationsMfa.md @@ -0,0 +1,7 @@ +# JCAPIv2::AuthnPolicyObligationsMfa + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**required** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyObligationsUserVerification.md b/jcapiv2/docs/AuthnPolicyObligationsUserVerification.md new file mode 100644 index 0000000..6906c7f --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyObligationsUserVerification.md @@ -0,0 +1,7 @@ +# JCAPIv2::AuthnPolicyObligationsUserVerification + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**requirement** | **String** | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyResourceTarget.md b/jcapiv2/docs/AuthnPolicyResourceTarget.md new file mode 100644 index 0000000..4597bc0 --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyResourceTarget.md @@ -0,0 +1,8 @@ +# JCAPIv2::AuthnPolicyResourceTarget + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | Object ID of the resource target. If undefined, then all resources of the given type are targeted. | [optional] +**type** | **String** | | + diff --git a/jcapiv2/docs/AuthnPolicyTargets.md b/jcapiv2/docs/AuthnPolicyTargets.md new file mode 100644 index 0000000..3fdaccd --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyTargets.md @@ -0,0 +1,10 @@ +# JCAPIv2::AuthnPolicyTargets + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**resources** | [**Array<AuthnPolicyResourceTarget>**](AuthnPolicyResourceTarget.md) | | [optional] +**user_attributes** | [**AuthnPolicyUserAttributeTarget**](AuthnPolicyUserAttributeTarget.md) | | [optional] +**user_groups** | [**AuthnPolicyUserGroupTarget**](AuthnPolicyUserGroupTarget.md) | | [optional] +**users** | [**AuthnPolicyUserTarget**](AuthnPolicyUserTarget.md) | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyType.md b/jcapiv2/docs/AuthnPolicyType.md new file mode 100644 index 0000000..b7cff0c --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyType.md @@ -0,0 +1,6 @@ +# JCAPIv2::AuthnPolicyType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/AuthnPolicyUserAttributeFilter.md b/jcapiv2/docs/AuthnPolicyUserAttributeFilter.md new file mode 100644 index 0000000..742827f --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyUserAttributeFilter.md @@ -0,0 +1,9 @@ +# JCAPIv2::AuthnPolicyUserAttributeFilter + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**field** | **String** | The only field that is currently supported is ldap_binding_user | [optional] +**operator** | **String** | | [optional] +**value** | [**AnyValue**](AnyValue.md) | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyUserAttributeTarget.md b/jcapiv2/docs/AuthnPolicyUserAttributeTarget.md new file mode 100644 index 0000000..eff6ee2 --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyUserAttributeTarget.md @@ -0,0 +1,8 @@ +# JCAPIv2::AuthnPolicyUserAttributeTarget + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**exclusions** | [**Array<AuthnPolicyUserAttributeFilter>**](AuthnPolicyUserAttributeFilter.md) | | [optional] +**inclusions** | [**Array<AuthnPolicyUserAttributeFilter>**](AuthnPolicyUserAttributeFilter.md) | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyUserGroupTarget.md b/jcapiv2/docs/AuthnPolicyUserGroupTarget.md new file mode 100644 index 0000000..7108cdc --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyUserGroupTarget.md @@ -0,0 +1,8 @@ +# JCAPIv2::AuthnPolicyUserGroupTarget + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**exclusions** | **Array<String>** | | [optional] +**inclusions** | **Array<String>** | | [optional] + diff --git a/jcapiv2/docs/AuthnPolicyUserTarget.md b/jcapiv2/docs/AuthnPolicyUserTarget.md new file mode 100644 index 0000000..340fdaf --- /dev/null +++ b/jcapiv2/docs/AuthnPolicyUserTarget.md @@ -0,0 +1,7 @@ +# JCAPIv2::AuthnPolicyUserTarget + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**inclusions** | **Array<String>** | | [optional] + diff --git a/jcapiv2/docs/AutotaskCompany.md b/jcapiv2/docs/AutotaskCompany.md new file mode 100644 index 0000000..0614fcb --- /dev/null +++ b/jcapiv2/docs/AutotaskCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The autotask company identifier. | +**name** | **String** | The autotask company name. | + diff --git a/jcapiv2/docs/AutotaskCompanyResp.md b/jcapiv2/docs/AutotaskCompanyResp.md new file mode 100644 index 0000000..8086fec --- /dev/null +++ b/jcapiv2/docs/AutotaskCompanyResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskCompanyResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<AutotaskCompany>**](AutotaskCompany.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/AutotaskCompanyTypeResp.md b/jcapiv2/docs/AutotaskCompanyTypeResp.md new file mode 100644 index 0000000..637e37a --- /dev/null +++ b/jcapiv2/docs/AutotaskCompanyTypeResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskCompanyTypeResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<BillingIntegrationCompanyType>**](BillingIntegrationCompanyType.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/AutotaskContract.md b/jcapiv2/docs/AutotaskContract.md new file mode 100644 index 0000000..4d01c7f --- /dev/null +++ b/jcapiv2/docs/AutotaskContract.md @@ -0,0 +1,9 @@ +# JCAPIv2::AutotaskContract + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company_id** | **String** | The Autotask company identifier linked to contract. | +**id** | **String** | The contract identifier. | +**name** | **String** | The contract name. | + diff --git a/jcapiv2/docs/AutotaskContractField.md b/jcapiv2/docs/AutotaskContractField.md new file mode 100644 index 0000000..114d8c5 --- /dev/null +++ b/jcapiv2/docs/AutotaskContractField.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskContractField + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | The contract field name. | +**values** | [**Array<AutotaskContractFieldValues>**](AutotaskContractFieldValues.md) | | + diff --git a/jcapiv2/docs/AutotaskContractFieldValues.md b/jcapiv2/docs/AutotaskContractFieldValues.md new file mode 100644 index 0000000..5b52a96 --- /dev/null +++ b/jcapiv2/docs/AutotaskContractFieldValues.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskContractFieldValues + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**label** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv2/docs/AutotaskIntegration.md b/jcapiv2/docs/AutotaskIntegration.md new file mode 100644 index 0000000..829423d --- /dev/null +++ b/jcapiv2/docs/AutotaskIntegration.md @@ -0,0 +1,9 @@ +# JCAPIv2::AutotaskIntegration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The identifier for this Autotask integration. | +**is_msp_auth_configured** | **BOOLEAN** | Has the msp-api been configured with auth data yet | [optional] +**username** | **String** | The username for connecting to Autotask. | + diff --git a/jcapiv2/docs/AutotaskIntegrationPatchReq.md b/jcapiv2/docs/AutotaskIntegrationPatchReq.md new file mode 100644 index 0000000..854898d --- /dev/null +++ b/jcapiv2/docs/AutotaskIntegrationPatchReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskIntegrationPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**secret** | **String** | The secret for connecting to Autotask. | [optional] +**username** | **String** | The username for connecting to Autotask. | [optional] + diff --git a/jcapiv2/docs/AutotaskIntegrationReq.md b/jcapiv2/docs/AutotaskIntegrationReq.md new file mode 100644 index 0000000..3717608 --- /dev/null +++ b/jcapiv2/docs/AutotaskIntegrationReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskIntegrationReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**secret** | **String** | The secret for connecting to Autotask. | +**username** | **String** | The username for connecting to Autotask. | + diff --git a/jcapiv2/docs/AutotaskMappingRequest.md b/jcapiv2/docs/AutotaskMappingRequest.md new file mode 100644 index 0000000..6c89ce9 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequest.md @@ -0,0 +1,7 @@ +# JCAPIv2::AutotaskMappingRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**data** | [**Array<AutotaskMappingRequestData>**](AutotaskMappingRequestData.md) | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingRequestCompany.md b/jcapiv2/docs/AutotaskMappingRequestCompany.md new file mode 100644 index 0000000..c44e8d2 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequestCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskMappingRequestCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/AutotaskMappingRequestContract.md b/jcapiv2/docs/AutotaskMappingRequestContract.md new file mode 100644 index 0000000..8545783 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequestContract.md @@ -0,0 +1,6 @@ +# JCAPIv2::AutotaskMappingRequestContract + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/AutotaskMappingRequestData.md b/jcapiv2/docs/AutotaskMappingRequestData.md new file mode 100644 index 0000000..770a5f6 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequestData.md @@ -0,0 +1,11 @@ +# JCAPIv2::AutotaskMappingRequestData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company** | [**AutotaskMappingRequestCompany**](AutotaskMappingRequestCompany.md) | | +**contract** | [**AutotaskMappingRequestContract**](AutotaskMappingRequestContract.md) | | [optional] +**delete** | **BOOLEAN** | | [optional] +**organization** | [**AutotaskMappingRequestOrganization**](AutotaskMappingRequestOrganization.md) | | +**service** | [**AutotaskMappingRequestService**](AutotaskMappingRequestService.md) | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingRequestOrganization.md b/jcapiv2/docs/AutotaskMappingRequestOrganization.md new file mode 100644 index 0000000..582c8bb --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequestOrganization.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskMappingRequestOrganization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/AutotaskMappingRequestService.md b/jcapiv2/docs/AutotaskMappingRequestService.md new file mode 100644 index 0000000..866b84f --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingRequestService.md @@ -0,0 +1,6 @@ +# JCAPIv2::AutotaskMappingRequestService + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/AutotaskMappingResponse.md b/jcapiv2/docs/AutotaskMappingResponse.md new file mode 100644 index 0000000..83e715b --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingResponse.md @@ -0,0 +1,12 @@ +# JCAPIv2::AutotaskMappingResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company** | [**AutotaskMappingResponseCompany**](AutotaskMappingResponseCompany.md) | | [optional] +**contract** | [**AutotaskMappingResponseContract**](AutotaskMappingResponseContract.md) | | [optional] +**last_sync_date_time** | **String** | | [optional] +**last_sync_status** | **String** | | [optional] +**organization** | [**AutotaskMappingResponseOrganization**](AutotaskMappingResponseOrganization.md) | | [optional] +**service** | [**AutotaskMappingResponseService**](AutotaskMappingResponseService.md) | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingResponseCompany.md b/jcapiv2/docs/AutotaskMappingResponseCompany.md new file mode 100644 index 0000000..d55fcc0 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingResponseCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskMappingResponseCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingResponseContract.md b/jcapiv2/docs/AutotaskMappingResponseContract.md new file mode 100644 index 0000000..c60d153 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingResponseContract.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskMappingResponseContract + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingResponseOrganization.md b/jcapiv2/docs/AutotaskMappingResponseOrganization.md new file mode 100644 index 0000000..41e3bcf --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingResponseOrganization.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskMappingResponseOrganization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/AutotaskMappingResponseService.md b/jcapiv2/docs/AutotaskMappingResponseService.md new file mode 100644 index 0000000..bdcd222 --- /dev/null +++ b/jcapiv2/docs/AutotaskMappingResponseService.md @@ -0,0 +1,9 @@ +# JCAPIv2::AutotaskMappingResponseService + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] +**non_billable_users** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/AutotaskService.md b/jcapiv2/docs/AutotaskService.md new file mode 100644 index 0000000..1c00fb7 --- /dev/null +++ b/jcapiv2/docs/AutotaskService.md @@ -0,0 +1,9 @@ +# JCAPIv2::AutotaskService + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**contract_id** | **String** | The autotask contract identifier linked to this contract service. | +**id** | **String** | The contract service identifier. | +**name** | **String** | The autotask service name linked to this contract service. | + diff --git a/jcapiv2/docs/AutotaskSettings.md b/jcapiv2/docs/AutotaskSettings.md new file mode 100644 index 0000000..9c27a82 --- /dev/null +++ b/jcapiv2/docs/AutotaskSettings.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskSettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether Autotask uses automatic ticketing | [optional] +**company_type_ids** | **Array<Integer>** | The array of Autotask companyType IDs applicable to the Provider. | [optional] + diff --git a/jcapiv2/docs/AutotaskSettingsPatchReq.md b/jcapiv2/docs/AutotaskSettingsPatchReq.md new file mode 100644 index 0000000..dedd5c4 --- /dev/null +++ b/jcapiv2/docs/AutotaskSettingsPatchReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskSettingsPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether Autotask uses automatic ticketing | [optional] +**company_type_ids** | **Array<Integer>** | The array of Autotask companyType IDs applicable to the Provider. | [optional] + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfiguration.md b/jcapiv2/docs/AutotaskTicketingAlertConfiguration.md new file mode 100644 index 0000000..3ebfccd --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfiguration.md @@ -0,0 +1,18 @@ +# JCAPIv2::AutotaskTicketingAlertConfiguration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**destination** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**queue** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**resource** | [**AutotaskTicketingAlertConfigurationResource**](AutotaskTicketingAlertConfigurationResource.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | [optional] +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**status** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationList.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationList.md new file mode 100644 index 0000000..e4492d0 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationList.md @@ -0,0 +1,7 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | **Array<AllOfAutotaskTicketingAlertConfigurationListRecordsItems>** | | + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationOption.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOption.md new file mode 100644 index 0000000..60ee194 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOption.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**values** | [**Array<AutotaskTicketingAlertConfigurationOptionValues>**](AutotaskTicketingAlertConfigurationOptionValues.md) | | [optional] + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptionValues.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptionValues.md new file mode 100644 index 0000000..3cd8788 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptionValues.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**label** | **String** | | [optional] +**value** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptions.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptions.md new file mode 100644 index 0000000..3a92752 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationOptions.md @@ -0,0 +1,8 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationOptions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**options** | [**Array<AutotaskTicketingAlertConfigurationOption>**](AutotaskTicketingAlertConfigurationOption.md) | | [optional] +**resources** | [**Array<AutotaskTicketingAlertConfigurationResource>**](AutotaskTicketingAlertConfigurationResource.md) | | [optional] + diff --git a/jcapiv2/docs/UserGroupAttributesPosixGroups.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationPriority.md similarity index 77% rename from jcapiv2/docs/UserGroupAttributesPosixGroups.md rename to jcapiv2/docs/AutotaskTicketingAlertConfigurationPriority.md index 93235e2..3c6dafb 100644 --- a/jcapiv2/docs/UserGroupAttributesPosixGroups.md +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationPriority.md @@ -1,4 +1,4 @@ -# JCAPIv2::UserGroupAttributesPosixGroups +# JCAPIv2::AutotaskTicketingAlertConfigurationPriority ## Properties Name | Type | Description | Notes @@ -6,4 +6,3 @@ Name | Type | Description | Notes **id** | **Integer** | | [optional] **name** | **String** | | [optional] - diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationRequest.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationRequest.md new file mode 100644 index 0000000..ef9d1e0 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationRequest.md @@ -0,0 +1,14 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**destination** | **String** | | +**due_days** | **Integer** | | +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | +**queue** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**resource** | [**AutotaskTicketingAlertConfigurationResource**](AutotaskTicketingAlertConfigurationResource.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**status** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | + diff --git a/jcapiv2/docs/AutotaskTicketingAlertConfigurationResource.md b/jcapiv2/docs/AutotaskTicketingAlertConfigurationResource.md new file mode 100644 index 0000000..833c3e5 --- /dev/null +++ b/jcapiv2/docs/AutotaskTicketingAlertConfigurationResource.md @@ -0,0 +1,9 @@ +# JCAPIv2::AutotaskTicketingAlertConfigurationResource + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **Integer** | | [optional] +**name** | **String** | | [optional] +**role** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/BillingIntegrationCompanyType.md b/jcapiv2/docs/BillingIntegrationCompanyType.md new file mode 100644 index 0000000..42969d9 --- /dev/null +++ b/jcapiv2/docs/BillingIntegrationCompanyType.md @@ -0,0 +1,8 @@ +# JCAPIv2::BillingIntegrationCompanyType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | [**BigDecimal**](BigDecimal.md) | The company type identifier. | +**name** | **String** | The company type name. | + diff --git a/jcapiv2/docs/Body.md b/jcapiv2/docs/Body.md deleted file mode 100644 index b6add20..0000000 --- a/jcapiv2/docs/Body.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::Body - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**name** | **String** | The name used to identify this AppleMDM. | [optional] - - diff --git a/jcapiv2/docs/BulkJobRequestsApi.md b/jcapiv2/docs/BulkJobRequestsApi.md index f0265fd..05df61b 100644 --- a/jcapiv2/docs/BulkJobRequestsApi.md +++ b/jcapiv2/docs/BulkJobRequestsApi.md @@ -4,19 +4,22 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**bulk_user_expires**](BulkJobRequestsApi.md#bulk_user_expires) | **POST** /bulk/user/expires | Bulk Expire Users +[**bulk_user_states_create**](BulkJobRequestsApi.md#bulk_user_states_create) | **POST** /bulk/userstates | Create Scheduled Userstate Job +[**bulk_user_states_delete**](BulkJobRequestsApi.md#bulk_user_states_delete) | **DELETE** /bulk/userstates/{id} | Delete Scheduled Userstate Job +[**bulk_user_states_get_next_scheduled**](BulkJobRequestsApi.md#bulk_user_states_get_next_scheduled) | **GET** /bulk/userstates/eventlist/next | Get the next scheduled state change for a list of users +[**bulk_user_states_list**](BulkJobRequestsApi.md#bulk_user_states_list) | **GET** /bulk/userstates | List Scheduled Userstate Change Jobs +[**bulk_user_unlocks**](BulkJobRequestsApi.md#bulk_user_unlocks) | **POST** /bulk/user/unlocks | Bulk Unlock Users [**bulk_users_create**](BulkJobRequestsApi.md#bulk_users_create) | **POST** /bulk/users | Bulk Users Create [**bulk_users_create_results**](BulkJobRequestsApi.md#bulk_users_create_results) | **GET** /bulk/users/{job_id}/results | List Bulk Users Results [**bulk_users_update**](BulkJobRequestsApi.md#bulk_users_update) | **PATCH** /bulk/users | Bulk Users Update -[**jobs_get**](BulkJobRequestsApi.md#jobs_get) | **GET** /jobs/{id} | Get Job (incomplete) -[**jobs_results**](BulkJobRequestsApi.md#jobs_results) | **GET** /jobs/{id}/results | List Job Results +# **bulk_user_expires** +> JobId bulk_user_expires(opts) -# **bulk_users_create** -> JobId bulk_users_create(content_type, accept, opts) - -Bulk Users Create +Bulk Expire Users -The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/1.0/systemusers/create-a-system-user) for full list of attributes. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"Custom\",\"value\":\"attribute\"} ] } ] ``` +The endpoint allows you to start a bulk job to asynchronously expire users. ### Example ```ruby @@ -31,22 +34,73 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserExpire.new] # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Bulk Expire Users + result = api_instance.bulk_user_expires(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_expires: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Array<BulkUserExpire>**](BulkUserExpire.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**JobId**](JobId.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + -content_type = "application/json" # String | +# **bulk_user_states_create** +> Array<ScheduledUserstateResult> bulk_user_states_create(opts) -accept = "application/json" # String | +Create Scheduled Userstate Job +This endpoint allows you to create scheduled statechange jobs. #### Sample Request ``` curl -X POST \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{ \"user_ids\": [\"{User_ID_1}\", \"{User_ID_2}\", \"{User_ID_3}\"], \"state\": \"SUSPENDED\", \"start_date\": \"2000-01-01T00:00:00.000Z\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new opts = { - body: [JCAPIv2::BulkUserCreate.new], # Array | - x_org_id: "" # String | + body: JCAPIv2::BulkScheduledStatechangeCreate.new # BulkScheduledStatechangeCreate | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Bulk Users Create - result = api_instance.bulk_users_create(content_type, accept, opts) + #Create Scheduled Userstate Job + result = api_instance.bulk_user_states_create(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling BulkJobRequestsApi->bulk_users_create: #{e}" + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_create: #{e}" end ``` @@ -54,14 +108,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Array<BulkUserCreate>**](BulkUserCreate.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**BulkScheduledStatechangeCreate**](BulkScheduledStatechangeCreate.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**JobId**](JobId.md) +[**Array<ScheduledUserstateResult>**](ScheduledUserstateResult.md) ### Authorization @@ -74,12 +126,12 @@ Name | Type | Description | Notes -# **bulk_users_create_results** -> Array<JobWorkresult> bulk_users_create_results(job_id, content_type, accept, opts) +# **bulk_user_states_delete** +> bulk_user_states_delete(id, opts) -List Bulk Users Results +Delete Scheduled Userstate Job -This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint deletes a scheduled statechange job. #### Sample Request ``` curl -X DELETE \"https://console.jumpcloud.com/api/v2/bulk/userstates/{ScheduledJob_ID}\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` ### Example ```ruby @@ -94,25 +146,73 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::BulkJobRequestsApi.new +id = 'id_example' # String | Unique identifier of the scheduled statechange job. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -job_id = "job_id_example" # String | +begin + #Delete Scheduled Userstate Job + api_instance.bulk_user_states_delete(id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| Unique identifier of the scheduled statechange job. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type -content_type = "application/json" # String | +nil (empty response body) -accept = "application/json" # String | +### Authorization + +[x-api-key](../README.md#x-api-key) +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **bulk_user_states_get_next_scheduled** +> InlineResponse200 bulk_user_states_get_next_scheduled(users, opts) + +Get the next scheduled state change for a list of users + +This endpoint is used to lookup the next upcoming scheduled state change for each user in the given list. The users parameter is limited to 100 items per request. The results are also limited to 100 items. This endpoint returns a max of 1 event per state per user. For example, if a user has 3 ACTIVATED events scheduled it will return the next upcoming activation event. However, if a user also has a SUSPENDED event scheduled along with the ACTIVATED events it will return the next upcoming activation event _and_ the next upcoming suspension event. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +users = ['users_example'] # Array | A list of system user IDs, limited to 100 items. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + skip: 0 # Integer | The offset into the records to return. } begin - #List Bulk Users Results - result = api_instance.bulk_users_create_results(job_id, content_type, accept, opts) + #Get the next scheduled state change for a list of users + result = api_instance.bulk_user_states_get_next_scheduled(users, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling BulkJobRequestsApi->bulk_users_create_results: #{e}" + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_get_next_scheduled: #{e}" end ``` @@ -120,16 +220,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **job_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **users** | [**Array<String>**](String.md)| A list of system user IDs, limited to 100 items. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] ### Return type -[**Array<JobWorkresult>**](JobWorkresult.md) +[**InlineResponse200**](InlineResponse200.md) ### Authorization @@ -137,17 +234,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **bulk_users_update** -> JobId bulk_users_update(content_type, accept, opts) +# **bulk_user_states_list** +> Array<ScheduledUserstateResult> bulk_user_states_list(opts) -Bulk Users Update +List Scheduled Userstate Change Jobs -The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/1.0/systemusers/update-a-system-user) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` +The endpoint allows you to list scheduled statechange jobs. #### Sample Request ``` curl -X GET \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` ### Example ```ruby @@ -162,22 +259,79 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + userid: 'userid_example' # String | The systemuser id to filter by. +} + +begin + #List Scheduled Userstate Change Jobs + result = api_instance.bulk_user_states_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_user_states_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **userid** | **String**| The systemuser id to filter by. | [optional] + +### Return type + +[**Array<ScheduledUserstateResult>**](ScheduledUserstateResult.md) -content_type = "application/json" # String | +### Authorization + +[x-api-key](../README.md#x-api-key) -accept = "application/json" # String | +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **bulk_user_unlocks** +> JobId bulk_user_unlocks(opts) + +Bulk Unlock Users + +The endpoint allows you to start a bulk job to asynchronously unlock users. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::BulkJobRequestsApi.new opts = { - body: [JCAPIv2::BulkUserUpdate.new], # Array | - x_org_id: "" # String | + body: [JCAPIv2::BulkUserUnlock.new] # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Bulk Users Update - result = api_instance.bulk_users_update(content_type, accept, opts) + #Bulk Unlock Users + result = api_instance.bulk_user_unlocks(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling BulkJobRequestsApi->bulk_users_update: #{e}" + puts "Exception when calling BulkJobRequestsApi->bulk_user_unlocks: #{e}" end ``` @@ -185,10 +339,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Array<BulkUserUpdate>**](BulkUserUpdate.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**Array<BulkUserUnlock>**](BulkUserUnlock.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -205,12 +357,12 @@ Name | Type | Description | Notes -# **jobs_get** -> JobDetails jobs_get(id, content_type, accept, opts) +# **bulk_users_create** +> JobId bulk_users_create(opts) -Get Job (incomplete) +Bulk Users Create -**This endpoint is not complete and should remain hidden as it's not functional yet.** +The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) for the full list of attributes. #### Default User State The `state` of each user in the request can be explicitly passed in or omitted. If `state` is omitted, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for bulk created users depends on the `creation-source` header. For `creation-source:jumpcloud:bulk` the default state is stored in `settings.newSystemUserStateDefaults.csvImport`. For other `creation-source` header values, the default state is stored in `settings.newSystemUserStateDefaults.applicationImport` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ { \"name\":\"EmployeeID\", \"value\":\"0000\" }, { \"name\":\"Custom\", \"value\":\"attribute\" } ] } ]' ``` ### Example ```ruby @@ -225,23 +377,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::BulkJobRequestsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - x_org_id: "" # String | + body: [JCAPIv2::BulkUserCreate.new] # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. + creation_source: 'jumpcloud:bulk' # String | Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. } begin - #Get Job (incomplete) - result = api_instance.jobs_get(id, content_type, accept, opts) + #Bulk Users Create + result = api_instance.bulk_users_create(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling BulkJobRequestsApi->jobs_get: #{e}" + puts "Exception when calling BulkJobRequestsApi->bulk_users_create: #{e}" end ``` @@ -249,14 +396,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**Array<BulkUserCreate>**](BulkUserCreate.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **creation_source** | **String**| Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. | [optional] [default to jumpcloud:bulk] ### Return type -[**JobDetails**](JobDetails.md) +[**JobId**](JobId.md) ### Authorization @@ -269,12 +415,12 @@ Name | Type | Description | Notes -# **jobs_results** -> Array<JobWorkresult> jobs_results(id, content_type, accept, opts) +# **bulk_users_create_results** +> Array<JobWorkresult> bulk_users_create_results(job_id, opts) -List Job Results +List Bulk Users Results -This endpoint will return the results of particular import job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/jobs/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -289,25 +435,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::BulkJobRequestsApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +job_id = 'job_id_example' # String | opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List Job Results - result = api_instance.jobs_results(id, content_type, accept, opts) + #List Bulk Users Results + result = api_instance.bulk_users_create_results(job_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling BulkJobRequestsApi->jobs_results: #{e}" + puts "Exception when calling BulkJobRequestsApi->bulk_users_create_results: #{e}" end ``` @@ -315,12 +455,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **job_id** | **String**| | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -330,6 +468,62 @@ Name | Type | Description | Notes [x-api-key](../README.md#x-api-key) +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **bulk_users_update** +> JobId bulk_users_update(opts) + +Bulk Users Update + +The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_put) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::BulkJobRequestsApi.new +opts = { + body: [JCAPIv2::BulkUserUpdate.new] # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Bulk Users Update + result = api_instance.bulk_users_update(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling BulkJobRequestsApi->bulk_users_update: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Array<BulkUserUpdate>**](BulkUserUpdate.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**JobId**](JobId.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + ### HTTP request headers - **Content-Type**: application/json diff --git a/jcapiv2/docs/BulkScheduledStatechangeCreate.md b/jcapiv2/docs/BulkScheduledStatechangeCreate.md new file mode 100644 index 0000000..491d9f6 --- /dev/null +++ b/jcapiv2/docs/BulkScheduledStatechangeCreate.md @@ -0,0 +1,11 @@ +# JCAPIv2::BulkScheduledStatechangeCreate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**activation_email_override** | **String** | Send the activation or welcome email to the specified email address upon activation. Can only be used with a single user_id and scheduled activation. This field will be ignored if `send_activation_emails` is explicitly set to false. | [optional] +**send_activation_emails** | **BOOLEAN** | Set to true to send activation or welcome email(s) to each user_id upon activation. Set to false to suppress emails. Can only be used with scheduled activation(s). | [optional] +**start_date** | **DateTime** | Date and time that scheduled action should occur | +**state** | **String** | The state to move the user(s) to | +**user_ids** | **Array<String>** | Array of system user ids to schedule for a state change | + diff --git a/jcapiv2/docs/BulkUserCreate.md b/jcapiv2/docs/BulkUserCreate.md index 8c5a5e1..10fe76f 100644 --- a/jcapiv2/docs/BulkUserCreate.md +++ b/jcapiv2/docs/BulkUserCreate.md @@ -9,4 +9,3 @@ Name | Type | Description | Notes **lastname** | **String** | | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv2/docs/BulkUserExpire.md b/jcapiv2/docs/BulkUserExpire.md new file mode 100644 index 0000000..a3ae4a9 --- /dev/null +++ b/jcapiv2/docs/BulkUserExpire.md @@ -0,0 +1,9 @@ +# JCAPIv2::BulkUserExpire + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**attributes** | **Array<Object>** | Map of additional attributes. | [optional] +**id** | **String** | Object ID of the systemuser to expire | [optional] +**organization** | **String** | The identifier for an organization to link this systemuser to | [optional] + diff --git a/jcapiv2/docs/BulkUserUnlock.md b/jcapiv2/docs/BulkUserUnlock.md new file mode 100644 index 0000000..51b3f8b --- /dev/null +++ b/jcapiv2/docs/BulkUserUnlock.md @@ -0,0 +1,9 @@ +# JCAPIv2::BulkUserUnlock + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**attributes** | **Array<Object>** | Map of additional attributes. | [optional] +**id** | **String** | Object ID of the systemuser to unlock | [optional] +**organization** | **String** | The identifier for an organization to link this systemuser | [optional] + diff --git a/jcapiv2/docs/BulkUserUpdate.md b/jcapiv2/docs/BulkUserUpdate.md index 74b7225..7652f10 100644 --- a/jcapiv2/docs/BulkUserUpdate.md +++ b/jcapiv2/docs/BulkUserUpdate.md @@ -6,8 +6,8 @@ Name | Type | Description | Notes **attributes** | **Array<Object>** | Map of additional attributes. | [optional] **email** | **String** | | [optional] **firstname** | **String** | | [optional] -**id** | **String** | Object ID of the systemuser being updated | [optional] +**id** | **String** | Object ID of the user being updated | [optional] **lastname** | **String** | | [optional] +**organization** | **String** | Organization object id of the user | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv2/docs/CasesResponse.md b/jcapiv2/docs/CasesResponse.md new file mode 100644 index 0000000..1ddab9a --- /dev/null +++ b/jcapiv2/docs/CasesResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::CasesResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<ModelCase>**](ModelCase.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/CommandResultList.md b/jcapiv2/docs/CommandResultList.md new file mode 100644 index 0000000..a72e2f6 --- /dev/null +++ b/jcapiv2/docs/CommandResultList.md @@ -0,0 +1,8 @@ +# JCAPIv2::CommandResultList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<CommandResultListResults>**](CommandResultListResults.md) | | [optional] +**total_count** | **Integer** | The total number of command results | [optional] + diff --git a/jcapiv2/docs/CommandResultListResults.md b/jcapiv2/docs/CommandResultListResults.md new file mode 100644 index 0000000..bb469b0 --- /dev/null +++ b/jcapiv2/docs/CommandResultListResults.md @@ -0,0 +1,11 @@ +# JCAPIv2::CommandResultListResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**command** | **String** | The ID of the command, from savedAgentCommands. | [optional] +**completed_count** | **Integer** | The number of devices that we do have results from. | [optional] +**id** | **String** | The workflowInstanceId. | [optional] +**pending_count** | **Integer** | The number of devices that we haven't received results from. | [optional] +**system** | **String** | The ID of the device the command is bound to. | [optional] + diff --git a/jcapiv2/docs/CommandResultsApi.md b/jcapiv2/docs/CommandResultsApi.md new file mode 100644 index 0000000..87f018e --- /dev/null +++ b/jcapiv2/docs/CommandResultsApi.md @@ -0,0 +1,68 @@ +# JCAPIv2::CommandResultsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**commands_list_results_by_workflow**](CommandResultsApi.md#commands_list_results_by_workflow) | **GET** /commandresult/workflows | List all Command Results by Workflow + +# **commands_list_results_by_workflow** +> CommandResultList commands_list_results_by_workflow(opts) + +List all Command Results by Workflow + +This endpoint returns all command results, grouped by workflowInstanceId. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commandresult/workflows \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandResultsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List all Command Results by Workflow + result = api_instance.commands_list_results_by_workflow(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandResultsApi->commands_list_results_by_workflow: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**CommandResultList**](CommandResultList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/CommandsApi.md b/jcapiv2/docs/CommandsApi.md index e2f1e76..8600624 100644 --- a/jcapiv2/docs/CommandsApi.md +++ b/jcapiv2/docs/CommandsApi.md @@ -4,18 +4,74 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**commands_cancel_queued_commands_by_workflow_instance_id**](CommandsApi.md#commands_cancel_queued_commands_by_workflow_instance_id) | **DELETE** /commandqueue/{workflow_instance_id} | Cancel all queued commands for an organization by workflow instance Id +[**commands_get_queued_commands_by_workflow**](CommandsApi.md#commands_get_queued_commands_by_workflow) | **GET** /queuedcommand/workflows | Fetch the queued Commands for an Organization [**graph_command_associations_list**](CommandsApi.md#graph_command_associations_list) | **GET** /commands/{command_id}/associations | List the associations of a Command [**graph_command_associations_post**](CommandsApi.md#graph_command_associations_post) | **POST** /commands/{command_id}/associations | Manage the associations of a Command [**graph_command_traverse_system**](CommandsApi.md#graph_command_traverse_system) | **GET** /commands/{command_id}/systems | List the Systems bound to a Command [**graph_command_traverse_system_group**](CommandsApi.md#graph_command_traverse_system_group) | **GET** /commands/{command_id}/systemgroups | List the System Groups bound to a Command +# **commands_cancel_queued_commands_by_workflow_instance_id** +> commands_cancel_queued_commands_by_workflow_instance_id(workflow_instance_id, opts) -# **graph_command_associations_list** -> Array<GraphConnection> graph_command_associations_list(command_id, targets, content_type, accept, opts) +Cancel all queued commands for an organization by workflow instance Id -List the associations of a Command +This endpoint allows all queued commands for one workflow instance to be canceled. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/commandqueue/{workflow_instance_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +workflow_instance_id = 'workflow_instance_id_example' # String | Workflow instance Id of the queued commands to cancel. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Cancel all queued commands for an organization by workflow instance Id + api_instance.commands_cancel_queued_commands_by_workflow_instance_id(workflow_instance_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->commands_cancel_queued_commands_by_workflow_instance_id: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **workflow_instance_id** | **String**| Workflow instance Id of the queued commands to cancel. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **commands_get_queued_commands_by_workflow** +> QueuedCommandList commands_get_queued_commands_by_workflow(opts) + +Fetch the queued Commands for an Organization + +This endpoint will return all queued Commands for an Organization. Each element will contain the workflow ID, the command name, the launch type (e.g. manual, triggered, or scheduled), the target OS, the number of assigned devices, and the number of pending devices that have not yet ran the command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/queuedcommand/workflows \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -30,24 +86,81 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::CommandsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + search: 'search_example' # String | The search string to query records +} + +begin + #Fetch the queued Commands for an Organization + result = api_instance.commands_get_queued_commands_by_workflow(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CommandsApi->commands_get_queued_commands_by_workflow: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **search** | **String**| The search string to query records | [optional] + +### Return type + +[**QueuedCommandList**](QueuedCommandList.md) + +### Authorization -command_id = "command_id_example" # String | ObjectID of the Command. +[x-api-key](../README.md#x-api-key) + +### HTTP request headers -targets = ["targets_example"] # Array | + - **Content-Type**: Not defined + - **Accept**: application/json -content_type = "application/json" # String | -accept = "application/json" # String | +# **graph_command_associations_list** +> Array<GraphConnection> graph_command_associations_list(command_id, targets, opts) + +List the associations of a Command + +This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CommandsApi.new +command_id = 'command_id_example' # String | ObjectID of the Command. +targets = ['targets_example'] # Array | Targets which a \"command\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a Command - result = api_instance.graph_command_associations_list(command_id, targets, content_type, accept, opts) + result = api_instance.graph_command_associations_list(command_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling CommandsApi->graph_command_associations_list: #{e}" @@ -59,12 +172,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"command\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -76,17 +187,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_command_associations_post** -> graph_command_associations_post(command_id, content_type, accept, opts) +> graph_command_associations_post(command_id, opts) Manage the associations of a Command -This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` +This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` ### Example ```ruby @@ -101,21 +212,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::CommandsApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationCommand.new # GraphOperationCommand | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a Command - api_instance.graph_command_associations_post(command_id, content_type, accept, opts) + api_instance.graph_command_associations_post(command_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling CommandsApi->graph_command_associations_post: #{e}" end @@ -126,10 +231,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationCommand**](GraphOperationCommand.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -142,12 +245,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_command_traverse_system** -> Array<GraphObjectWithPaths> graph_command_traverse_system(command_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_command_traverse_system(command_id, opts) List the Systems bound to a Command @@ -166,23 +269,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::CommandsApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a Command - result = api_instance.graph_command_traverse_system(command_id, content_type, accept, opts) + result = api_instance.graph_command_traverse_system(command_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling CommandsApi->graph_command_traverse_system: #{e}" @@ -194,12 +291,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -211,13 +306,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_command_traverse_system_group** -> Array<GraphObjectWithPaths> graph_command_traverse_system_group(command_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_command_traverse_system_group(command_id, opts) List the System Groups bound to a Command @@ -236,23 +331,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::CommandsApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to a Command - result = api_instance.graph_command_traverse_system_group(command_id, content_type, accept, opts) + result = api_instance.graph_command_traverse_system_group(command_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling CommandsApi->graph_command_traverse_system_group: #{e}" @@ -264,12 +353,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -281,7 +368,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/CommandsGraphObjectWithPaths.md b/jcapiv2/docs/CommandsGraphObjectWithPaths.md new file mode 100644 index 0000000..a4ebeec --- /dev/null +++ b/jcapiv2/docs/CommandsGraphObjectWithPaths.md @@ -0,0 +1,19 @@ +# JCAPIv2::CommandsGraphObjectWithPaths + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**command** | **String** | | [optional] +**command_type** | **String** | | [optional] +**compiled_attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**id** | **String** | Object ID of this graph object. | +**launch_type** | **String** | | [optional] +**name** | **String** | | [optional] +**organization** | **String** | | [optional] +**paths** | **Array<Array<GraphConnection>>** | A path through the graph between two graph objects. | +**schedule** | **String** | | [optional] +**schedule_repeat_type** | **String** | | [optional] +**time_to_live_seconds** | **Integer** | | [optional] +**timeout** | **String** | | [optional] +**type** | [**GraphType**](GraphType.md) | | + diff --git a/jcapiv2/docs/ConfiguredPolicyTemplate.md b/jcapiv2/docs/ConfiguredPolicyTemplate.md new file mode 100644 index 0000000..69671ea --- /dev/null +++ b/jcapiv2/docs/ConfiguredPolicyTemplate.md @@ -0,0 +1,10 @@ +# JCAPIv2::ConfiguredPolicyTemplate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] +**policy_template_id** | **String** | | [optional] +**values** | [**Array<ConfiguredPolicyTemplateValue>**](ConfiguredPolicyTemplateValue.md) | | [optional] + diff --git a/jcapiv2/docs/ConfiguredPolicyTemplateValue.md b/jcapiv2/docs/ConfiguredPolicyTemplateValue.md new file mode 100644 index 0000000..fd60d8c --- /dev/null +++ b/jcapiv2/docs/ConfiguredPolicyTemplateValue.md @@ -0,0 +1,9 @@ +# JCAPIv2::ConfiguredPolicyTemplateValue + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**config_field_id** | **String** | The ObjectId of the corresponding Policy Template configuration field. | [optional] +**name** | **String** | | [optional] +**value** | **Object** | The value of this Configured Policy Template Value | [optional] + diff --git a/jcapiv2/docs/ConnectWiseMappingRequest.md b/jcapiv2/docs/ConnectWiseMappingRequest.md new file mode 100644 index 0000000..7ed8858 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingRequest.md @@ -0,0 +1,7 @@ +# JCAPIv2::ConnectWiseMappingRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**data** | [**Array<ConnectWiseMappingRequestData>**](ConnectWiseMappingRequestData.md) | | [optional] + diff --git a/jcapiv2/docs/ConnectWiseMappingRequestCompany.md b/jcapiv2/docs/ConnectWiseMappingRequestCompany.md new file mode 100644 index 0000000..177b973 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingRequestCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseMappingRequestCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/ConnectWiseMappingRequestData.md b/jcapiv2/docs/ConnectWiseMappingRequestData.md new file mode 100644 index 0000000..11ae0dd --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingRequestData.md @@ -0,0 +1,11 @@ +# JCAPIv2::ConnectWiseMappingRequestData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**addition** | **Object** | | [optional] +**agreement** | **Object** | | [optional] +**company** | [**ConnectWiseMappingRequestCompany**](ConnectWiseMappingRequestCompany.md) | | +**delete** | **BOOLEAN** | | [optional] +**organization** | [**ConnectWiseMappingRequestOrganization**](ConnectWiseMappingRequestOrganization.md) | | + diff --git a/jcapiv2/docs/ConnectWiseMappingRequestOrganization.md b/jcapiv2/docs/ConnectWiseMappingRequestOrganization.md new file mode 100644 index 0000000..d4d57dd --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingRequestOrganization.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseMappingRequestOrganization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/ConnectWiseMappingResponse.md b/jcapiv2/docs/ConnectWiseMappingResponse.md new file mode 100644 index 0000000..a2d4f0c --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingResponse.md @@ -0,0 +1,12 @@ +# JCAPIv2::ConnectWiseMappingResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**addition** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] +**agreement** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] +**company** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] +**last_sync_date_time** | **String** | | [optional] +**last_sync_status** | **String** | | [optional] +**organization** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] + diff --git a/jcapiv2/docs/ConnectWiseMappingResponseAddition.md b/jcapiv2/docs/ConnectWiseMappingResponseAddition.md new file mode 100644 index 0000000..eb887e9 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseMappingResponseAddition.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseMappingResponseAddition + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/ConnectWiseSettings.md b/jcapiv2/docs/ConnectWiseSettings.md new file mode 100644 index 0000000..12623b9 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseSettings.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseSettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether ConnectWise uses automatic ticketing | [optional] +**company_type_ids** | **Array<Integer>** | The array of ConnectWise companyType IDs applicable to the Provider. | [optional] + diff --git a/jcapiv2/docs/ConnectWiseSettingsPatchReq.md b/jcapiv2/docs/ConnectWiseSettingsPatchReq.md new file mode 100644 index 0000000..e6742e6 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseSettingsPatchReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseSettingsPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether ConnectWise uses automatic ticketing | [optional] +**company_type_ids** | **Array<Integer>** | The array of ConnectWise companyType IDs applicable to the Provider. | [optional] + diff --git a/jcapiv2/docs/ConnectWiseTicketingAlertConfiguration.md b/jcapiv2/docs/ConnectWiseTicketingAlertConfiguration.md new file mode 100644 index 0000000..1bb4e5d --- /dev/null +++ b/jcapiv2/docs/ConnectWiseTicketingAlertConfiguration.md @@ -0,0 +1,14 @@ +# JCAPIv2::ConnectWiseTicketingAlertConfiguration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationList.md b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationList.md new file mode 100644 index 0000000..0e39bd2 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationList.md @@ -0,0 +1,7 @@ +# JCAPIv2::ConnectWiseTicketingAlertConfigurationList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | **Array<AllOfConnectWiseTicketingAlertConfigurationListRecordsItems>** | | + diff --git a/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOption.md b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOption.md new file mode 100644 index 0000000..e9a5b92 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOption.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectWiseTicketingAlertConfigurationOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**values** | [**Array<AutotaskTicketingAlertConfigurationOptionValues>**](AutotaskTicketingAlertConfigurationOptionValues.md) | | [optional] + diff --git a/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOptions.md b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOptions.md new file mode 100644 index 0000000..1af4ff1 --- /dev/null +++ b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationOptions.md @@ -0,0 +1,7 @@ +# JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<ConnectWiseTicketingAlertConfigurationOption>**](ConnectWiseTicketingAlertConfigurationOption.md) | | + diff --git a/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationRequest.md b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationRequest.md new file mode 100644 index 0000000..f9deb4f --- /dev/null +++ b/jcapiv2/docs/ConnectWiseTicketingAlertConfigurationRequest.md @@ -0,0 +1,10 @@ +# JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**due_days** | **Integer** | | [optional] +**priority** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] +**should_create_tickets** | **BOOLEAN** | | +**source** | [**AutotaskTicketingAlertConfigurationPriority**](AutotaskTicketingAlertConfigurationPriority.md) | | [optional] + diff --git a/jcapiv2/docs/ConnectwiseAddition.md b/jcapiv2/docs/ConnectwiseAddition.md new file mode 100644 index 0000000..718c25b --- /dev/null +++ b/jcapiv2/docs/ConnectwiseAddition.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectwiseAddition + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The addition identifier. | +**name** | **String** | The addition name. | + diff --git a/jcapiv2/docs/ConnectwiseAgreement.md b/jcapiv2/docs/ConnectwiseAgreement.md new file mode 100644 index 0000000..1d2fafc --- /dev/null +++ b/jcapiv2/docs/ConnectwiseAgreement.md @@ -0,0 +1,9 @@ +# JCAPIv2::ConnectwiseAgreement + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company_id** | **String** | The ConnectWise company identifier linked to agreement. | +**id** | **String** | The agreement identifier. | +**name** | **String** | The agreement name. | + diff --git a/jcapiv2/docs/ConnectwiseCompany.md b/jcapiv2/docs/ConnectwiseCompany.md new file mode 100644 index 0000000..80aead5 --- /dev/null +++ b/jcapiv2/docs/ConnectwiseCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectwiseCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The company identifier. | +**name** | **String** | The company name. | + diff --git a/jcapiv2/docs/ConnectwiseCompanyResp.md b/jcapiv2/docs/ConnectwiseCompanyResp.md new file mode 100644 index 0000000..337ad74 --- /dev/null +++ b/jcapiv2/docs/ConnectwiseCompanyResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectwiseCompanyResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<ConnectwiseCompany>**](ConnectwiseCompany.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/ConnectwiseCompanyTypeResp.md b/jcapiv2/docs/ConnectwiseCompanyTypeResp.md new file mode 100644 index 0000000..05f20e8 --- /dev/null +++ b/jcapiv2/docs/ConnectwiseCompanyTypeResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::ConnectwiseCompanyTypeResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<BillingIntegrationCompanyType>**](BillingIntegrationCompanyType.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/ConnectwiseIntegration.md b/jcapiv2/docs/ConnectwiseIntegration.md new file mode 100644 index 0000000..0b9c48c --- /dev/null +++ b/jcapiv2/docs/ConnectwiseIntegration.md @@ -0,0 +1,10 @@ +# JCAPIv2::ConnectwiseIntegration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company_id** | **String** | The ConnectWise company identifier. | +**id** | **String** | The identifier for this ConnectWise integration. | +**is_msp_auth_configured** | **BOOLEAN** | Has the msp-api been configured with auth data yet | [optional] +**url** | **String** | The base url for connecting to ConnectWise. | + diff --git a/jcapiv2/docs/ConnectwiseIntegrationPatchReq.md b/jcapiv2/docs/ConnectwiseIntegrationPatchReq.md new file mode 100644 index 0000000..0a9b89e --- /dev/null +++ b/jcapiv2/docs/ConnectwiseIntegrationPatchReq.md @@ -0,0 +1,10 @@ +# JCAPIv2::ConnectwiseIntegrationPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company_id** | **String** | The ConnectWise company identifier. | [optional] +**private_key** | **String** | The ConnectWise private key for authentication | [optional] +**public_key** | **String** | The ConnectWise public key for authentication. | [optional] +**url** | **String** | The base url for connecting to ConnectWise. | [optional] + diff --git a/jcapiv2/docs/ConnectwiseIntegrationReq.md b/jcapiv2/docs/ConnectwiseIntegrationReq.md new file mode 100644 index 0000000..b50cc82 --- /dev/null +++ b/jcapiv2/docs/ConnectwiseIntegrationReq.md @@ -0,0 +1,10 @@ +# JCAPIv2::ConnectwiseIntegrationReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company_id** | **String** | The ConnectWise company identifier. | +**private_key** | **String** | The ConnectWise private key for authentication | +**public_key** | **String** | The ConnectWise public key for authentication. | +**url** | **String** | The base url for connecting to ConnectWise. | + diff --git a/jcapiv2/docs/CreateOrganization.md b/jcapiv2/docs/CreateOrganization.md new file mode 100644 index 0000000..89c2d76 --- /dev/null +++ b/jcapiv2/docs/CreateOrganization.md @@ -0,0 +1,8 @@ +# JCAPIv2::CreateOrganization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**max_system_users** | **Integer** | The maximum number of users allowed in this organization. Requires organizations.billing scope to modify. | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/CustomEmail.md b/jcapiv2/docs/CustomEmail.md new file mode 100644 index 0000000..e35a34b --- /dev/null +++ b/jcapiv2/docs/CustomEmail.md @@ -0,0 +1,14 @@ +# JCAPIv2::CustomEmail + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**body** | **String** | | [optional] +**button** | **String** | | [optional] +**header** | **String** | | [optional] +**id** | **String** | | [optional] +**next_step_contact_info** | **String** | | [optional] +**subject** | **String** | | +**title** | **String** | | [optional] +**type** | [**CustomEmailType**](CustomEmailType.md) | | + diff --git a/jcapiv2/docs/CustomEmailTemplate.md b/jcapiv2/docs/CustomEmailTemplate.md new file mode 100644 index 0000000..87553fb --- /dev/null +++ b/jcapiv2/docs/CustomEmailTemplate.md @@ -0,0 +1,10 @@ +# JCAPIv2::CustomEmailTemplate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**fields** | [**Array<CustomEmailTemplateField>**](CustomEmailTemplateField.md) | | [optional] +**type** | [**CustomEmailType**](CustomEmailType.md) | | [optional] + diff --git a/jcapiv2/docs/CustomEmailTemplateField.md b/jcapiv2/docs/CustomEmailTemplateField.md new file mode 100644 index 0000000..521bb97 --- /dev/null +++ b/jcapiv2/docs/CustomEmailTemplateField.md @@ -0,0 +1,10 @@ +# JCAPIv2::CustomEmailTemplateField + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**default_value** | **String** | | [optional] +**display_name** | **String** | | [optional] +**field** | **String** | | [optional] +**multiline** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/CustomEmailType.md b/jcapiv2/docs/CustomEmailType.md new file mode 100644 index 0000000..025ae45 --- /dev/null +++ b/jcapiv2/docs/CustomEmailType.md @@ -0,0 +1,6 @@ +# JCAPIv2::CustomEmailType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/CustomEmailsApi.md b/jcapiv2/docs/CustomEmailsApi.md new file mode 100644 index 0000000..1722f54 --- /dev/null +++ b/jcapiv2/docs/CustomEmailsApi.md @@ -0,0 +1,285 @@ +# JCAPIv2::CustomEmailsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**custom_emails_create**](CustomEmailsApi.md#custom_emails_create) | **POST** /customemails | Create custom email configuration +[**custom_emails_destroy**](CustomEmailsApi.md#custom_emails_destroy) | **DELETE** /customemails/{custom_email_type} | Delete custom email configuration +[**custom_emails_get_templates**](CustomEmailsApi.md#custom_emails_get_templates) | **GET** /customemail/templates | List custom email templates +[**custom_emails_read**](CustomEmailsApi.md#custom_emails_read) | **GET** /customemails/{custom_email_type} | Get custom email configuration +[**custom_emails_update**](CustomEmailsApi.md#custom_emails_update) | **PUT** /customemails/{custom_email_type} | Update custom email configuration + +# **custom_emails_create** +> CustomEmail custom_emails_create(opts) + +Create custom email configuration + +Create the custom email configuration for the specified custom email type. This action is only available to paying customers. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +opts = { + body: JCAPIv2::CustomEmail.new # CustomEmail | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create custom email configuration + result = api_instance.custom_emails_create(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_create: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**CustomEmail**](CustomEmail.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**CustomEmail**](CustomEmail.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **custom_emails_destroy** +> custom_emails_destroy(custom_email_type, opts) + +Delete custom email configuration + +Delete the custom email configuration for the specified custom email type + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete custom email configuration + api_instance.custom_emails_destroy(custom_email_type, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_destroy: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **custom_email_type** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **custom_emails_get_templates** +> Array<CustomEmailTemplate> custom_emails_get_templates + +List custom email templates + +Get the list of custom email templates + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new + +begin + #List custom email templates + result = api_instance.custom_emails_get_templates + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_get_templates: #{e}" +end +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**Array<CustomEmailTemplate>**](CustomEmailTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **custom_emails_read** +> CustomEmail custom_emails_read(custom_email_type, opts) + +Get custom email configuration + +Get the custom email configuration for the specified custom email type + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get custom email configuration + result = api_instance.custom_emails_read(custom_email_type, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_read: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **custom_email_type** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**CustomEmail**](CustomEmail.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **custom_emails_update** +> CustomEmail custom_emails_update(custom_email_type, opts) + +Update custom email configuration + +Update the custom email configuration for the specified custom email type. This action is only available to paying customers. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::CustomEmailsApi.new +custom_email_type = 'custom_email_type_example' # String | +opts = { + body: JCAPIv2::CustomEmail.new # CustomEmail | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update custom email configuration + result = api_instance.custom_emails_update(custom_email_type, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling CustomEmailsApi->custom_emails_update: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **custom_email_type** | **String**| | + **body** | [**CustomEmail**](CustomEmail.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**CustomEmail**](CustomEmail.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/DEP.md b/jcapiv2/docs/DEP.md new file mode 100644 index 0000000..d4d81a7 --- /dev/null +++ b/jcapiv2/docs/DEP.md @@ -0,0 +1,9 @@ +# JCAPIv2::DEP + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enable_zero_touch_enrollment** | **BOOLEAN** | A toggle to determine if DEP registered devices should go through JumpCloud Zero Touch Enrollment. | [optional] +**setup_assistant_options** | [**Array<DEPSetupAssistantOption>**](DEPSetupAssistantOption.md) | | [optional] +**welcome_screen** | [**DEPWelcomeScreen**](DEPWelcomeScreen.md) | | [optional] + diff --git a/jcapiv2/docs/DEPSetupAssistantOption.md b/jcapiv2/docs/DEPSetupAssistantOption.md new file mode 100644 index 0000000..5ca9a1f --- /dev/null +++ b/jcapiv2/docs/DEPSetupAssistantOption.md @@ -0,0 +1,7 @@ +# JCAPIv2::DEPSetupAssistantOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**option** | [**SetupAssistantOption**](SetupAssistantOption.md) | | [optional] + diff --git a/jcapiv2/docs/DEPWelcomeScreen.md b/jcapiv2/docs/DEPWelcomeScreen.md new file mode 100644 index 0000000..4d55244 --- /dev/null +++ b/jcapiv2/docs/DEPWelcomeScreen.md @@ -0,0 +1,9 @@ +# JCAPIv2::DEPWelcomeScreen + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**button** | **String** | Text to display on the button on the DEP Welcome Screen. | [optional] +**paragraph** | **String** | A message to display on the DEP Welcome Screen. | [optional] +**title** | **String** | The title to display on the DEP Welcome Screen. | [optional] + diff --git a/jcapiv2/docs/DefaultApi.md b/jcapiv2/docs/DefaultApi.md deleted file mode 100644 index db078c6..0000000 --- a/jcapiv2/docs/DefaultApi.md +++ /dev/null @@ -1,284 +0,0 @@ -# JCAPIv2::DefaultApi - -All URIs are relative to *https://console.jumpcloud.com/api/v2* - -Method | HTTP request | Description -------------- | ------------- | ------------- -[**jc_enrollment_profiles_delete**](DefaultApi.md#jc_enrollment_profiles_delete) | **DELETE** /enrollmentprofiles/{enrollment_profile_id} | Delete Enrollment Profile -[**jc_enrollment_profiles_get**](DefaultApi.md#jc_enrollment_profiles_get) | **GET** /enrollmentprofiles/{enrollment_profile_id} | Get Enrollment Profile -[**jc_enrollment_profiles_list**](DefaultApi.md#jc_enrollment_profiles_list) | **GET** /enrollmentprofiles | List Enrollment Profiles -[**jc_enrollment_profiles_post**](DefaultApi.md#jc_enrollment_profiles_post) | **POST** /enrollmentprofiles | Create new Enrollment Profile -[**jc_enrollment_profiles_put**](DefaultApi.md#jc_enrollment_profiles_put) | **PUT** /enrollmentprofiles/{enrollment_profile_id} | Update Enrollment Profile - - -# **jc_enrollment_profiles_delete** -> JcEnrollmentProfile jc_enrollment_profiles_delete(enrollment_profile_id) - -Delete Enrollment Profile - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::DefaultApi.new - -enrollment_profile_id = "enrollment_profile_id_example" # String | - - -begin - #Delete Enrollment Profile - result = api_instance.jc_enrollment_profiles_delete(enrollment_profile_id) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling DefaultApi->jc_enrollment_profiles_delete: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **enrollment_profile_id** | **String**| | - -### Return type - -[**JcEnrollmentProfile**](JcEnrollmentProfile.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **jc_enrollment_profiles_get** -> jc_enrollment_profiles_get(enrollment_profile_id, opts) - -Get Enrollment Profile - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::DefaultApi.new - -enrollment_profile_id = "enrollment_profile_id_example" # String | - -opts = { - body: JCAPIv2::JcEnrollmentProfile.new # JcEnrollmentProfile | -} - -begin - #Get Enrollment Profile - api_instance.jc_enrollment_profiles_get(enrollment_profile_id, opts) -rescue JCAPIv2::ApiError => e - puts "Exception when calling DefaultApi->jc_enrollment_profiles_get: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **enrollment_profile_id** | **String**| | - **body** | [**JcEnrollmentProfile**](JcEnrollmentProfile.md)| | [optional] - -### Return type - -nil (empty response body) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **jc_enrollment_profiles_list** -> Array<JcEnrollmentProfile> jc_enrollment_profiles_list(opts) - -List Enrollment Profiles - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::DefaultApi.new - -opts = { - limit: 10, # Integer | - skip: 0, # Integer | The offset into the records to return. -} - -begin - #List Enrollment Profiles - result = api_instance.jc_enrollment_profiles_list(opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling DefaultApi->jc_enrollment_profiles_list: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **limit** | **Integer**| | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - -### Return type - -[**Array<JcEnrollmentProfile>**](JcEnrollmentProfile.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **jc_enrollment_profiles_post** -> JcEnrollmentProfile jc_enrollment_profiles_post(opts) - -Create new Enrollment Profile - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::DefaultApi.new - -opts = { - body: JCAPIv2::Body1.new # Body1 | -} - -begin - #Create new Enrollment Profile - result = api_instance.jc_enrollment_profiles_post(opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling DefaultApi->jc_enrollment_profiles_post: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **body** | [**Body1**](Body1.md)| | [optional] - -### Return type - -[**JcEnrollmentProfile**](JcEnrollmentProfile.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **jc_enrollment_profiles_put** -> JcEnrollmentProfile jc_enrollment_profiles_put(enrollment_profile_id, opts) - -Update Enrollment Profile - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::DefaultApi.new - -enrollment_profile_id = "enrollment_profile_id_example" # String | - -opts = { - body: JCAPIv2::Body2.new # Body2 | -} - -begin - #Update Enrollment Profile - result = api_instance.jc_enrollment_profiles_put(enrollment_profile_id, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling DefaultApi->jc_enrollment_profiles_put: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **enrollment_profile_id** | **String**| | - **body** | [**Body2**](Body2.md)| | [optional] - -### Return type - -[**JcEnrollmentProfile**](JcEnrollmentProfile.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - diff --git a/jcapiv2/docs/SalesforceknowledgelistoutputInner.md b/jcapiv2/docs/DefaultDomain.md similarity index 69% rename from jcapiv2/docs/SalesforceknowledgelistoutputInner.md rename to jcapiv2/docs/DefaultDomain.md index fa51fdd..8838b53 100644 --- a/jcapiv2/docs/SalesforceknowledgelistoutputInner.md +++ b/jcapiv2/docs/DefaultDomain.md @@ -1,8 +1,8 @@ -# JCAPIv2::SalesforceknowledgelistoutputInner +# JCAPIv2::DefaultDomain ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**domain** | **String** | | [optional] **id** | **String** | | [optional] - diff --git a/jcapiv2/docs/DeviceIdEraseBody.md b/jcapiv2/docs/DeviceIdEraseBody.md new file mode 100644 index 0000000..aecc359 --- /dev/null +++ b/jcapiv2/docs/DeviceIdEraseBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::DeviceIdEraseBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**pin** | **String** | 6-digit PIN, required for MacOS, to erase the device | [optional] + diff --git a/jcapiv2/docs/DeviceIdLockBody.md b/jcapiv2/docs/DeviceIdLockBody.md new file mode 100644 index 0000000..76ed96e --- /dev/null +++ b/jcapiv2/docs/DeviceIdLockBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::DeviceIdLockBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**pin** | **String** | 6-digit PIN, required for MacOS, to lock the device | [optional] + diff --git a/jcapiv2/docs/DeviceIdResetpasswordBody.md b/jcapiv2/docs/DeviceIdResetpasswordBody.md new file mode 100644 index 0000000..9115b34 --- /dev/null +++ b/jcapiv2/docs/DeviceIdResetpasswordBody.md @@ -0,0 +1,8 @@ +# JCAPIv2::DeviceIdResetpasswordBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**flags** | **Array<String>** | | [optional] +**new_password** | **String** | Not logging as it contains sensitive information. | [optional] + diff --git a/jcapiv2/docs/DeviceIdRestartBody.md b/jcapiv2/docs/DeviceIdRestartBody.md new file mode 100644 index 0000000..df071c0 --- /dev/null +++ b/jcapiv2/docs/DeviceIdRestartBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::DeviceIdRestartBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**kext_paths** | **Array<String>** | The string to pass when doing a restart and performing a RebuildKernelCache. | [optional] + diff --git a/jcapiv2/docs/DevicePackageV1Device.md b/jcapiv2/docs/DevicePackageV1Device.md new file mode 100644 index 0000000..e773703 --- /dev/null +++ b/jcapiv2/docs/DevicePackageV1Device.md @@ -0,0 +1,14 @@ +# JCAPIv2::DevicePackageV1Device + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app_version** | **String** | | [optional] +**created_at** | **String** | | [optional] +**id** | **String** | | [optional] +**name** | **String** | | [optional] +**os_name** | **String** | | [optional] +**public_key** | **String** | | [optional] +**updated_at** | **String** | | [optional] +**user_uuid** | **String** | | [optional] + diff --git a/jcapiv2/docs/DevicePackageV1ListDevicesResponse.md b/jcapiv2/docs/DevicePackageV1ListDevicesResponse.md new file mode 100644 index 0000000..a91708e --- /dev/null +++ b/jcapiv2/docs/DevicePackageV1ListDevicesResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::DevicePackageV1ListDevicesResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<DevicePackageV1Device>**](DevicePackageV1Device.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/DevicesGetSignInWithJumpCloudSettingsResponse.md b/jcapiv2/docs/DevicesGetSignInWithJumpCloudSettingsResponse.md new file mode 100644 index 0000000..4d17faa --- /dev/null +++ b/jcapiv2/docs/DevicesGetSignInWithJumpCloudSettingsResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**organization_object_id** | **String** | | [optional] +**settings** | [**Array<DevicesSignInWithJumpCloudSetting>**](DevicesSignInWithJumpCloudSetting.md) | | [optional] + diff --git a/jcapiv2/docs/DevicesSetSignInWithJumpCloudSettingsRequest.md b/jcapiv2/docs/DevicesSetSignInWithJumpCloudSettingsRequest.md new file mode 100644 index 0000000..7793d0e --- /dev/null +++ b/jcapiv2/docs/DevicesSetSignInWithJumpCloudSettingsRequest.md @@ -0,0 +1,8 @@ +# JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**organization_object_id** | **String** | | [optional] +**settings** | [**Array<DevicesSignInWithJumpCloudSetting>**](DevicesSignInWithJumpCloudSetting.md) | | [optional] + diff --git a/jcapiv2/docs/DevicesSignInWithJumpCloudSetting.md b/jcapiv2/docs/DevicesSignInWithJumpCloudSetting.md new file mode 100644 index 0000000..f47c589 --- /dev/null +++ b/jcapiv2/docs/DevicesSignInWithJumpCloudSetting.md @@ -0,0 +1,9 @@ +# JCAPIv2::DevicesSignInWithJumpCloudSetting + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**default_permission** | [**DevicesSignInWithJumpCloudSettingPermission**](DevicesSignInWithJumpCloudSettingPermission.md) | | [optional] +**enabled** | **BOOLEAN** | | [optional] +**os_family** | [**DevicesSignInWithJumpCloudSettingOSFamily**](DevicesSignInWithJumpCloudSettingOSFamily.md) | | [optional] + diff --git a/jcapiv2/docs/DevicesSignInWithJumpCloudSettingOSFamily.md b/jcapiv2/docs/DevicesSignInWithJumpCloudSettingOSFamily.md new file mode 100644 index 0000000..a511161 --- /dev/null +++ b/jcapiv2/docs/DevicesSignInWithJumpCloudSettingOSFamily.md @@ -0,0 +1,6 @@ +# JCAPIv2::DevicesSignInWithJumpCloudSettingOSFamily + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/DevicesSignInWithJumpCloudSettingPermission.md b/jcapiv2/docs/DevicesSignInWithJumpCloudSettingPermission.md new file mode 100644 index 0000000..3ed2360 --- /dev/null +++ b/jcapiv2/docs/DevicesSignInWithJumpCloudSettingPermission.md @@ -0,0 +1,6 @@ +# JCAPIv2::DevicesSignInWithJumpCloudSettingPermission + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/DirectoriesApi.md b/jcapiv2/docs/DirectoriesApi.md index a21756d..e1e6c9c 100644 --- a/jcapiv2/docs/DirectoriesApi.md +++ b/jcapiv2/docs/DirectoriesApi.md @@ -6,9 +6,8 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**directories_list**](DirectoriesApi.md#directories_list) | **GET** /directories | List All Directories - # **directories_list** -> Array<Directory> directories_list(content_type, accept, opts) +> Array<Directory> directories_list(opts) List All Directories @@ -27,22 +26,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DirectoriesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. limit: 10, # Integer | The number of records to return at once. Limited to 100. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List All Directories - result = api_instance.directories_list(content_type, accept, opts) + result = api_instance.directories_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DirectoriesApi->directories_list: #{e}" @@ -53,13 +47,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -71,7 +63,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/Directory.md b/jcapiv2/docs/Directory.md index 27bc2b8..f0324c3 100644 --- a/jcapiv2/docs/Directory.md +++ b/jcapiv2/docs/Directory.md @@ -3,8 +3,9 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**default_domain** | [**DirectoryDefaultDomain**](DirectoryDefaultDomain.md) | | [optional] **id** | **String** | The ObjectID of the directory. | **name** | **String** | The name of the directory. | +**o_auth_status** | **Object** | the expiry and error status of the bearer token | [optional] **type** | **String** | The type of directory. | - diff --git a/jcapiv2/docs/EnrollmentProfile.md b/jcapiv2/docs/DirectoryDefaultDomain.md similarity index 65% rename from jcapiv2/docs/EnrollmentProfile.md rename to jcapiv2/docs/DirectoryDefaultDomain.md index 9ebdc0c..92a34c5 100644 --- a/jcapiv2/docs/EnrollmentProfile.md +++ b/jcapiv2/docs/DirectoryDefaultDomain.md @@ -1,9 +1,8 @@ -# JCAPIv2::EnrollmentProfile +# JCAPIv2::DirectoryDefaultDomain ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**apple_mdm_id** | **String** | | [optional] +**domain** | **String** | | [optional] **id** | **String** | | [optional] - diff --git a/jcapiv2/docs/DuoAccount.md b/jcapiv2/docs/DuoAccount.md index be90db3..c9acb5c 100644 --- a/jcapiv2/docs/DuoAccount.md +++ b/jcapiv2/docs/DuoAccount.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **id** | **String** | object ID | **name** | **String** | Duo application name. | [optional] - diff --git a/jcapiv2/docs/DuoApi.md b/jcapiv2/docs/DuoApi.md index ba89325..563132c 100644 --- a/jcapiv2/docs/DuoApi.md +++ b/jcapiv2/docs/DuoApi.md @@ -6,7 +6,7 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**duo_account_delete**](DuoApi.md#duo_account_delete) | **DELETE** /duo/accounts/{id} | Delete a Duo Account [**duo_account_get**](DuoApi.md#duo_account_get) | **GET** /duo/accounts/{id} | Get a Duo Acount -[**duo_account_list**](DuoApi.md#duo_account_list) | **GET** /duo/accounts | List Duo Acounts +[**duo_account_list**](DuoApi.md#duo_account_list) | **GET** /duo/accounts | List Duo Accounts [**duo_account_post**](DuoApi.md#duo_account_post) | **POST** /duo/accounts | Create Duo Account [**duo_application_delete**](DuoApi.md#duo_application_delete) | **DELETE** /duo/accounts/{account_id}/applications/{application_id} | Delete a Duo Application [**duo_application_get**](DuoApi.md#duo_application_get) | **GET** /duo/accounts/{account_id}/applications/{application_id} | Get a Duo application @@ -14,9 +14,8 @@ Method | HTTP request | Description [**duo_application_post**](DuoApi.md#duo_application_post) | **POST** /duo/accounts/{account_id}/applications | Create Duo Application [**duo_application_update**](DuoApi.md#duo_application_update) | **PUT** /duo/accounts/{account_id}/applications/{application_id} | Update Duo Application - # **duo_account_delete** -> DuoAccount duo_account_delete(id, content_type, accept, opts) +> DuoAccount duo_account_delete(id, opts) Delete a Duo Account @@ -35,20 +34,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -id = "id_example" # String | ObjectID of the Duo Account - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Duo Account opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete a Duo Account - result = api_instance.duo_account_delete(id, content_type, accept, opts) + result = api_instance.duo_account_delete(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_account_delete: #{e}" @@ -60,9 +53,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Duo Account | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -74,13 +65,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_account_get** -> DuoAccount duo_account_get(id, content_type, accept, opts) +> DuoAccount duo_account_get(id, opts) Get a Duo Acount @@ -99,20 +90,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -id = "id_example" # String | ObjectID of the Duo Account - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Duo Account opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get a Duo Acount - result = api_instance.duo_account_get(id, content_type, accept, opts) + result = api_instance.duo_account_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_account_get: #{e}" @@ -124,9 +109,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Duo Account | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -138,15 +121,15 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_account_list** -> Array<DuoAccount> duo_account_list(content_type, accept, opts) +> Array<DuoAccount> duo_account_list(opts) -List Duo Acounts +List Duo Accounts This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` @@ -163,18 +146,13 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List Duo Acounts - result = api_instance.duo_account_list(content_type, accept, opts) + #List Duo Accounts + result = api_instance.duo_account_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_account_list: #{e}" @@ -185,9 +163,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -199,13 +175,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_account_post** -> DuoAccount duo_account_post(content_type, accept, opts) +> DuoAccount duo_account_post(opts) Create Duo Account @@ -224,18 +200,13 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create Duo Account - result = api_instance.duo_account_post(content_type, accept, opts) + result = api_instance.duo_account_post(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_account_post: #{e}" @@ -246,9 +217,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -260,13 +229,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_application_delete** -> DuoApplication duo_application_delete(account_id, application_id, content_type, accept, opts) +> DuoApplication duo_application_delete(account_id, application_id, opts) Delete a Duo Application @@ -285,22 +254,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -account_id = "account_id_example" # String | - -application_id = "application_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete a Duo Application - result = api_instance.duo_application_delete(account_id, application_id, content_type, accept, opts) + result = api_instance.duo_application_delete(account_id, application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_application_delete: #{e}" @@ -313,9 +275,7 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **account_id** | **String**| | **application_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -327,13 +287,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_application_get** -> DuoApplication duo_application_get(account_id, application_id, content_type, accept, opts) +> DuoApplication duo_application_get(account_id, application_id, opts) Get a Duo application @@ -352,22 +312,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -account_id = "account_id_example" # String | - -application_id = "application_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get a Duo application - result = api_instance.duo_application_get(account_id, application_id, content_type, accept, opts) + result = api_instance.duo_application_get(account_id, application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_application_get: #{e}" @@ -380,9 +333,7 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **account_id** | **String**| | **application_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -394,13 +345,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_application_list** -> Array<DuoApplication> duo_application_list(account_id, content_type, accept, opts) +> Array<DuoApplication> duo_application_list(account_id, opts) List Duo Applications @@ -419,20 +370,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -account_id = "account_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +account_id = 'account_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Duo Applications - result = api_instance.duo_application_list(account_id, content_type, accept, opts) + result = api_instance.duo_application_list(account_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_application_list: #{e}" @@ -444,9 +389,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **account_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -458,13 +401,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **duo_application_post** -> DuoApplication duo_application_post(account_id, content_type, accept, opts) +> DuoApplication duo_application_post(account_id, opts) Create Duo Application @@ -483,21 +426,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -account_id = "account_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +account_id = 'account_id_example' # String | opts = { - body: JCAPIv2::DuoApplicationReq.new, # DuoApplicationReq | - x_org_id: "" # String | + body: JCAPIv2::DuoApplicationReq.new # DuoApplicationReq | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create Duo Application - result = api_instance.duo_application_post(account_id, content_type, accept, opts) + result = api_instance.duo_application_post(account_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_application_post: #{e}" @@ -509,10 +446,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **account_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**DuoApplicationReq**](DuoApplicationReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -530,7 +465,7 @@ Name | Type | Description | Notes # **duo_application_update** -> DuoApplication duo_application_update(account_id, application_id, content_type, accept, opts) +> DuoApplication duo_application_update(account_idapplication_id, opts) Update Duo Application @@ -549,23 +484,16 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::DuoApi.new - -account_id = "account_id_example" # String | - -application_id = "application_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +account_id = 'account_id_example' # String | +application_id = 'application_id_example' # String | opts = { - body: JCAPIv2::DuoApplicationUpdateReq.new, # DuoApplicationUpdateReq | - x_org_id: "" # String | + body: JCAPIv2::DuoApplicationUpdateReq.new # DuoApplicationUpdateReq | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Update Duo Application - result = api_instance.duo_application_update(account_id, application_id, content_type, accept, opts) + result = api_instance.duo_application_update(account_idapplication_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling DuoApi->duo_application_update: #{e}" @@ -578,10 +506,8 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **account_id** | **String**| | **application_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**DuoApplicationUpdateReq**](DuoApplicationUpdateReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type diff --git a/jcapiv2/docs/DuoApplication.md b/jcapiv2/docs/DuoApplication.md index 17aec0c..7c48e80 100644 --- a/jcapiv2/docs/DuoApplication.md +++ b/jcapiv2/docs/DuoApplication.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **integration_key** | **String** | | **name** | **String** | | - diff --git a/jcapiv2/docs/DuoApplicationReq.md b/jcapiv2/docs/DuoApplicationReq.md index ac221ac..4f27dd4 100644 --- a/jcapiv2/docs/DuoApplicationReq.md +++ b/jcapiv2/docs/DuoApplicationReq.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **name** | **String** | | **secret_key** | **String** | | - diff --git a/jcapiv2/docs/DuoApplicationUpdateReq.md b/jcapiv2/docs/DuoApplicationUpdateReq.md index d7314a3..463cb6f 100644 --- a/jcapiv2/docs/DuoApplicationUpdateReq.md +++ b/jcapiv2/docs/DuoApplicationUpdateReq.md @@ -3,9 +3,8 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**api_host** | **String** | | [optional] -**integration_key** | **String** | | [optional] -**name** | **String** | | [optional] +**api_host** | **String** | | +**integration_key** | **String** | | +**name** | **String** | | **secret_key** | **String** | | [optional] - diff --git a/jcapiv2/docs/DuoRegistrationApplication.md b/jcapiv2/docs/DuoRegistrationApplication.md deleted file mode 100644 index 0ea864f..0000000 --- a/jcapiv2/docs/DuoRegistrationApplication.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::DuoRegistrationApplication - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**api_host** | **String** | Duo Application host name. | -**integration_key** | **String** | Duo Application integration key. | -**secret_key** | **String** | Duo Application secret key. | - - diff --git a/jcapiv2/docs/DuoRegistrationApplicationReq.md b/jcapiv2/docs/DuoRegistrationApplicationReq.md deleted file mode 100644 index 083e028..0000000 --- a/jcapiv2/docs/DuoRegistrationApplicationReq.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::DuoRegistrationApplicationReq - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**registration_application** | [**DuoRegistrationApplication**](DuoRegistrationApplication.md) | | - - diff --git a/jcapiv2/docs/Emailrequest.md b/jcapiv2/docs/Emailrequest.md deleted file mode 100644 index 8d8185b..0000000 --- a/jcapiv2/docs/Emailrequest.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::Emailrequest - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**email_type** | **String** | | [optional] - - diff --git a/jcapiv2/docs/EnterprisesEnterpriseIdBody.md b/jcapiv2/docs/EnterprisesEnterpriseIdBody.md new file mode 100644 index 0000000..ca34bc5 --- /dev/null +++ b/jcapiv2/docs/EnterprisesEnterpriseIdBody.md @@ -0,0 +1,8 @@ +# JCAPIv2::EnterprisesEnterpriseIdBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_device_enrollment** | **BOOLEAN** | | [optional] +**device_group_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/Error.md b/jcapiv2/docs/Error.md index fab3f1f..6c3a91a 100644 --- a/jcapiv2/docs/Error.md +++ b/jcapiv2/docs/Error.md @@ -3,8 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**code** | **Integer** | | [optional] -**fields** | **String** | | [optional] -**message** | **String** | | [optional] - +**code** | **Integer** | HTTP status code | [optional] +**message** | **String** | Error message | [optional] +**status** | **String** | HTTP status description | [optional] diff --git a/jcapiv2/docs/ErrorDetails.md b/jcapiv2/docs/ErrorDetails.md new file mode 100644 index 0000000..07cb3a0 --- /dev/null +++ b/jcapiv2/docs/ErrorDetails.md @@ -0,0 +1,10 @@ +# JCAPIv2::ErrorDetails + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**code** | **Integer** | HTTP status code | [optional] +**message** | **String** | Error message | [optional] +**status** | **String** | HTTP status description | [optional] +**details** | **Array<Hash>** | Describes a list of objects with more detailed information of the given error. Each detail schema is according to one of the messages defined in Google's API: https://github.com/googleapis/googleapis/blob/master/google/rpc/error_details.proto | [optional] + diff --git a/jcapiv2/docs/Errorresponse.md b/jcapiv2/docs/Errorresponse.md deleted file mode 100644 index c280920..0000000 --- a/jcapiv2/docs/Errorresponse.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::Errorresponse - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**message** | **String** | | [optional] - - diff --git a/jcapiv2/docs/FdeApi.md b/jcapiv2/docs/FdeApi.md index e393dbd..83013e2 100644 --- a/jcapiv2/docs/FdeApi.md +++ b/jcapiv2/docs/FdeApi.md @@ -6,7 +6,6 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**systems_get_fde_key**](FdeApi.md#systems_get_fde_key) | **GET** /systems/{system_id}/fdekey | Get System FDE Key - # **systems_get_fde_key** > Systemfdekey systems_get_fde_key(system_id, opts) @@ -27,11 +26,9 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::FdeApi.new - -system_id = "system_id_example" # String | - +system_id = 'system_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -48,7 +45,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| | - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -60,7 +57,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/Feature.md b/jcapiv2/docs/Feature.md new file mode 100644 index 0000000..8a6396e --- /dev/null +++ b/jcapiv2/docs/Feature.md @@ -0,0 +1,7 @@ +# JCAPIv2::Feature + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | The unique identifier for this feature. | [optional] + diff --git a/jcapiv2/docs/FeatureTrialData.md b/jcapiv2/docs/FeatureTrialData.md new file mode 100644 index 0000000..1210d46 --- /dev/null +++ b/jcapiv2/docs/FeatureTrialData.md @@ -0,0 +1,8 @@ +# JCAPIv2::FeatureTrialData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**end_date** | **String** | | [optional] +**start_date** | **String** | | [optional] + diff --git a/jcapiv2/docs/FeatureTrialsApi.md b/jcapiv2/docs/FeatureTrialsApi.md new file mode 100644 index 0000000..3a68ab0 --- /dev/null +++ b/jcapiv2/docs/FeatureTrialsApi.md @@ -0,0 +1,61 @@ +# JCAPIv2::FeatureTrialsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**feature_trials_get_feature_trials**](FeatureTrialsApi.md#feature_trials_get_feature_trials) | **GET** /featureTrials/{feature_code} | Check current feature trial usage for a specific feature + +# **feature_trials_get_feature_trials** +> FeatureTrialData feature_trials_get_feature_trials(feature_code) + +Check current feature trial usage for a specific feature + +This endpoint get's the current state of a feature trial for an org. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.local/api/v2/featureTrials/zeroTrust \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::FeatureTrialsApi.new +feature_code = 'feature_code_example' # String | + + +begin + #Check current feature trial usage for a specific feature + result = api_instance.feature_trials_get_feature_trials(feature_code) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling FeatureTrialsApi->feature_trials_get_feature_trials: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **feature_code** | **String**| | + +### Return type + +[**FeatureTrialData**](FeatureTrialData.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/Filter.md b/jcapiv2/docs/Filter.md new file mode 100644 index 0000000..f3d6cbe --- /dev/null +++ b/jcapiv2/docs/Filter.md @@ -0,0 +1,9 @@ +# JCAPIv2::Filter + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**field** | **String** | Name of field in filter target object. | +**operator** | **String** | Filter comparison operator. | +**value** | **String** | Filter comparison value. | + diff --git a/jcapiv2/docs/FilterQuery.md b/jcapiv2/docs/FilterQuery.md new file mode 100644 index 0000000..fea20b8 --- /dev/null +++ b/jcapiv2/docs/FilterQuery.md @@ -0,0 +1,8 @@ +# JCAPIv2::FilterQuery + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**query_type** | **String** | | +**filters** | [**Array<Filter>**](Filter.md) | | [optional] + diff --git a/jcapiv2/docs/GSuiteApi.md b/jcapiv2/docs/GSuiteApi.md index ef32ade..566a414 100644 --- a/jcapiv2/docs/GSuiteApi.md +++ b/jcapiv2/docs/GSuiteApi.md @@ -4,24 +4,139 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**gapps_domains_delete**](GSuiteApi.md#gapps_domains_delete) | **DELETE** /gsuites/{gsuite_id}/domains/{domainId} | Delete a domain from a Google Workspace integration instance +[**gapps_domains_insert**](GSuiteApi.md#gapps_domains_insert) | **POST** /gsuites/{gsuite_id}/domains | Add a domain to a Google Workspace integration instance +[**gapps_domains_list**](GSuiteApi.md#gapps_domains_list) | **GET** /gsuites/{gsuite_id}/domains | List all domains configured for the Google Workspace integration instance [**graph_g_suite_associations_list**](GSuiteApi.md#graph_g_suite_associations_list) | **GET** /gsuites/{gsuite_id}/associations | List the associations of a G Suite instance [**graph_g_suite_associations_post**](GSuiteApi.md#graph_g_suite_associations_post) | **POST** /gsuites/{gsuite_id}/associations | Manage the associations of a G Suite instance [**graph_g_suite_traverse_user**](GSuiteApi.md#graph_g_suite_traverse_user) | **GET** /gsuites/{gsuite_id}/users | List the Users bound to a G Suite instance [**graph_g_suite_traverse_user_group**](GSuiteApi.md#graph_g_suite_traverse_user_group) | **GET** /gsuites/{gsuite_id}/usergroups | List the User Groups bound to a G Suite instance [**gsuites_get**](GSuiteApi.md#gsuites_get) | **GET** /gsuites/{id} | Get G Suite +[**gsuites_list_import_jumpcloud_users**](GSuiteApi.md#gsuites_list_import_jumpcloud_users) | **GET** /gsuites/{gsuite_id}/import/jumpcloudusers | Get a list of users in Jumpcloud format to import from a Google Workspace account. +[**gsuites_list_import_users**](GSuiteApi.md#gsuites_list_import_users) | **GET** /gsuites/{gsuite_id}/import/users | Get a list of users to import from a G Suite instance [**gsuites_patch**](GSuiteApi.md#gsuites_patch) | **PATCH** /gsuites/{id} | Update existing G Suite [**translation_rules_g_suite_delete**](GSuiteApi.md#translation_rules_g_suite_delete) | **DELETE** /gsuites/{gsuite_id}/translationrules/{id} | Deletes a G Suite translation rule [**translation_rules_g_suite_get**](GSuiteApi.md#translation_rules_g_suite_get) | **GET** /gsuites/{gsuite_id}/translationrules/{id} | Gets a specific G Suite translation rule [**translation_rules_g_suite_list**](GSuiteApi.md#translation_rules_g_suite_list) | **GET** /gsuites/{gsuite_id}/translationrules | List all the G Suite Translation Rules [**translation_rules_g_suite_post**](GSuiteApi.md#translation_rules_g_suite_post) | **POST** /gsuites/{gsuite_id}/translationrules | Create a new G Suite Translation Rule +# **gapps_domains_delete** +> JumpcloudGappsDomainResponse gapps_domains_delete(gsuite_id, domain_id) -# **graph_g_suite_associations_list** -> Array<GraphConnection> graph_g_suite_associations_list(gsuite_idtargets, content_type, accept, opts) +Delete a domain from a Google Workspace integration instance -List the associations of a G Suite instance +Delete a domain from a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains/{domainId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance. +domain_id = 'B' # String | Id for the domain. + + +begin + #Delete a domain from a Google Workspace integration instance + result = api_instance.gapps_domains_delete(gsuite_id, domain_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| Id for the specific Google Workspace directory sync integration instance. | + **domain_id** | **String**| Id for the domain. | + +### Return type + +[**JumpcloudGappsDomainResponse**](JumpcloudGappsDomainResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **gapps_domains_insert** +> JumpcloudGappsDomainResponse gapps_domains_insert(gsuite_id, opts) + +Add a domain to a Google Workspace integration instance + +Add a domain to a specific Google Workspace directory sync integration instance. The domain must be a verified domain in Google Workspace. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance. +opts = { + domain: 'domain_example' # String | +} + +begin + #Add a domain to a Google Workspace integration instance + result = api_instance.gapps_domains_insert(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_insert: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| Id for the specific Google Workspace directory sync integration instance. | + **domain** | **String**| | [optional] + +### Return type + +[**JumpcloudGappsDomainResponse**](JumpcloudGappsDomainResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **gapps_domains_list** +> JumpcloudGappsDomainListResponse gapps_domains_list(gsuite_id, opts) + +List all domains configured for the Google Workspace integration instance + +List the domains configured for a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -36,24 +151,75 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'B' # String | Id for the specific Google Workspace directory sync integration instance.. +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List all domains configured for the Google Workspace integration instance + result = api_instance.gapps_domains_list(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gapps_domains_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| Id for the specific Google Workspace directory sync integration instance.. | + **limit** | **String**| The number of records to return at once. Limited to 100. | [optional] [default to 100] + **skip** | **String**| The offset into the records to return. | [optional] [default to 0] -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. +### Return type -targets = ["targets_example"] # Array | +[**JumpcloudGappsDomainListResponse**](JumpcloudGappsDomainListResponse.md) -content_type = "application/json" # String | +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -accept = "application/json" # String | + +# **graph_g_suite_associations_list** +> Array<GraphConnection> graph_g_suite_associations_list(gsuite_id, targets, opts) + +List the associations of a G Suite instance + +This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +targets = ['targets_example'] # Array | Targets which a \"g_suite\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a G Suite instance - result = api_instance.graph_g_suite_associations_list(gsuite_idtargets, content_type, accept, opts) + result = api_instance.graph_g_suite_associations_list(gsuite_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->graph_g_suite_associations_list: #{e}" @@ -65,12 +231,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"g_suite\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -82,7 +246,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json @@ -92,7 +256,7 @@ Name | Type | Description | Notes Manage the associations of a G Suite instance -This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -107,12 +271,10 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationGSuite.new # GraphOperationGSuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -128,8 +290,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationGSuite**](GraphOperationGSuite.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -142,12 +304,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_g_suite_traverse_user** -> Array<GraphObjectWithPaths> graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_g_suite_traverse_user(gsuite_id, opts) List the Users bound to a G Suite instance @@ -166,23 +328,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a G Suite instance - result = api_instance.graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts) + result = api_instance.graph_g_suite_traverse_user(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->graph_g_suite_traverse_user: #{e}" @@ -194,12 +350,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -211,13 +365,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_g_suite_traverse_user_group** -> Array<GraphObjectWithPaths> graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_g_suite_traverse_user_group(gsuite_id, opts) List the User Groups bound to a G Suite instance @@ -236,23 +390,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a G Suite instance - result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts) + result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->graph_g_suite_traverse_user_group: #{e}" @@ -264,12 +412,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -281,13 +427,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **gsuites_get** -> GsuiteOutput gsuites_get(id, content_type, accept, opts) +> Gsuite gsuites_get(id, opts) Get G Suite @@ -297,25 +443,86 @@ This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GE ```ruby # load the gem require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end api_instance = JCAPIv2::GSuiteApi.new +id = 'id_example' # String | Unique identifier of the GSuite. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get G Suite + result = api_instance.gsuites_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| Unique identifier of the GSuite. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] -id = "id_example" # String | Unique identifier of the GSuite. +### Return type + +[**Gsuite**](Gsuite.md) -content_type = "application/json" # String | +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -accept = "application/json" # String | + +# **gsuites_list_import_jumpcloud_users** +> InlineResponse2001 gsuites_list_import_jumpcloud_users(gsuite_id, opts) + +Get a list of users in Jumpcloud format to import from a Google Workspace account. + +Lists available G Suite users for import, translated to the Jumpcloud user schema. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | opts = { - x_org_id: "" # String | + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. } begin - #Get G Suite - result = api_instance.gsuites_get(id, content_type, accept, opts) + #Get a list of users in Jumpcloud format to import from a Google Workspace account. + result = api_instance.gsuites_list_import_jumpcloud_users(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GSuiteApi->gsuites_get: #{e}" + puts "Exception when calling GSuiteApi->gsuites_list_import_jumpcloud_users: #{e}" end ``` @@ -323,54 +530,116 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| Unique identifier of the GSuite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **gsuite_id** | **String**| | + **max_results** | **Integer**| Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **order_by** | **String**| Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **page_token** | **String**| Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **query** | **String**| Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. | [optional] + **sort_order** | **String**| Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] ### Return type -[**GsuiteOutput**](GsuiteOutput.md) +[**InlineResponse2001**](InlineResponse2001.md) ### Authorization -No authorization required +[x-api-key](../README.md#x-api-key) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **gsuites_patch** -> GsuiteOutput gsuites_patch(id, content_type, accept, opts) +# **gsuites_list_import_users** +> InlineResponse2002 gsuites_list_import_users(gsuite_id, opts) -Update existing G Suite +Get a list of users to import from a G Suite instance -This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` +Lists G Suite users available for import. ### Example ```ruby # load the gem require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end api_instance = JCAPIv2::GSuiteApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users to import from a G Suite instance + result = api_instance.gsuites_list_import_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteApi->gsuites_list_import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **max_results** | **Integer**| Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **order_by** | **String**| Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **page_token** | **String**| Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **query** | **String**| Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. | [optional] + **sort_order** | **String**| Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + +### Return type + +[**InlineResponse2002**](InlineResponse2002.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers -id = "id_example" # String | Unique identifier of the GSuite. + - **Content-Type**: Not defined + - **Accept**: application/json -content_type = "application/json" # String | -accept = "application/json" # String | +# **gsuites_patch** +> Gsuite gsuites_patch(id, opts) + +Update existing G Suite + +This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"suspend\", \"userPasswordExpirationAction\": \"maintain\" }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' + +api_instance = JCAPIv2::GSuiteApi.new +id = 'id_example' # String | Unique identifier of the GSuite. opts = { - body: JCAPIv2::GsuitePatchInput.new, # GsuitePatchInput | - x_org_id: "" # String | + body: JCAPIv2::Gsuite.new # Gsuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Update existing G Suite - result = api_instance.gsuites_patch(id, content_type, accept, opts) + result = api_instance.gsuites_patch(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->gsuites_patch: #{e}" @@ -382,14 +651,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| Unique identifier of the GSuite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GsuitePatchInput**](GsuitePatchInput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**Gsuite**](Gsuite.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**GsuiteOutput**](GsuiteOutput.md) +[**Gsuite**](Gsuite.md) ### Authorization @@ -403,7 +670,7 @@ No authorization required # **translation_rules_g_suite_delete** -> translation_rules_g_suite_delete(gsuite_id, id, content_type, accept) +> translation_rules_g_suite_delete(gsuite_id, id) Deletes a G Suite translation rule @@ -422,19 +689,13 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | +gsuite_id = 'gsuite_id_example' # String | +id = 'id_example' # String | begin #Deletes a G Suite translation rule - api_instance.translation_rules_g_suite_delete(gsuite_id, id, content_type, accept) + api_instance.translation_rules_g_suite_delete(gsuite_id, id) rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->translation_rules_g_suite_delete: #{e}" end @@ -446,8 +707,6 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| | **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] ### Return type @@ -459,13 +718,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: Not defined # **translation_rules_g_suite_get** -> GSuiteTranslationRule translation_rules_g_suite_get(gsuite_id, id, content_type, accept) +> GSuiteTranslationRule translation_rules_g_suite_get(gsuite_id, id) Gets a specific G Suite translation rule @@ -484,19 +743,13 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | +gsuite_id = 'gsuite_id_example' # String | +id = 'id_example' # String | begin #Gets a specific G Suite translation rule - result = api_instance.translation_rules_g_suite_get(gsuite_id, id, content_type, accept) + result = api_instance.translation_rules_g_suite_get(gsuite_id, id) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->translation_rules_g_suite_get: #{e}" @@ -509,8 +762,6 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| | **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] ### Return type @@ -522,17 +773,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **translation_rules_g_suite_list** -> Array<GSuiteTranslationRule> translation_rules_g_suite_list(gsuite_id, content_type, accept, opts) +> Array<GSuiteTranslationRule> translation_rules_g_suite_list(gsuite_id, opts) List all the G Suite Translation Rules -This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -547,24 +798,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin #List all the G Suite Translation Rules - result = api_instance.translation_rules_g_suite_list(gsuite_id, content_type, accept, opts) + result = api_instance.translation_rules_g_suite_list(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->translation_rules_g_suite_list: #{e}" @@ -576,10 +821,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] @@ -594,17 +837,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **translation_rules_g_suite_post** -> GSuiteTranslationRule translation_rules_g_suite_post(gsuite_id, content_type, accept, opts) +> GSuiteTranslationRule translation_rules_g_suite_post(gsuite_id, opts) Create a new G Suite Translation Rule -This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` +This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` ### Example ```ruby @@ -619,20 +862,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GSuiteApi.new - -gsuite_id = "gsuite_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | opts = { body: JCAPIv2::GSuiteTranslationRuleRequest.new # GSuiteTranslationRuleRequest | } begin #Create a new G Suite Translation Rule - result = api_instance.translation_rules_g_suite_post(gsuite_id, content_type, accept, opts) + result = api_instance.translation_rules_g_suite_post(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GSuiteApi->translation_rules_g_suite_post: #{e}" @@ -644,8 +881,6 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**GSuiteTranslationRuleRequest**](GSuiteTranslationRuleRequest.md)| | [optional] ### Return type diff --git a/jcapiv2/docs/GSuiteBuiltinTranslation.md b/jcapiv2/docs/GSuiteBuiltinTranslation.md index ce0d47f..4a734a2 100644 --- a/jcapiv2/docs/GSuiteBuiltinTranslation.md +++ b/jcapiv2/docs/GSuiteBuiltinTranslation.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/GSuiteDirectionTranslation.md b/jcapiv2/docs/GSuiteDirectionTranslation.md new file mode 100644 index 0000000..f6bb34f --- /dev/null +++ b/jcapiv2/docs/GSuiteDirectionTranslation.md @@ -0,0 +1,6 @@ +# JCAPIv2::GSuiteDirectionTranslation + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/GSuiteImportApi.md b/jcapiv2/docs/GSuiteImportApi.md new file mode 100644 index 0000000..a9ca97d --- /dev/null +++ b/jcapiv2/docs/GSuiteImportApi.md @@ -0,0 +1,139 @@ +# JCAPIv2::GSuiteImportApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**gsuites_list_import_jumpcloud_users**](GSuiteImportApi.md#gsuites_list_import_jumpcloud_users) | **GET** /gsuites/{gsuite_id}/import/jumpcloudusers | Get a list of users in Jumpcloud format to import from a Google Workspace account. +[**gsuites_list_import_users**](GSuiteImportApi.md#gsuites_list_import_users) | **GET** /gsuites/{gsuite_id}/import/users | Get a list of users to import from a G Suite instance + +# **gsuites_list_import_jumpcloud_users** +> InlineResponse2001 gsuites_list_import_jumpcloud_users(gsuite_id, opts) + +Get a list of users in Jumpcloud format to import from a Google Workspace account. + +Lists available G Suite users for import, translated to the Jumpcloud user schema. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteImportApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users in Jumpcloud format to import from a Google Workspace account. + result = api_instance.gsuites_list_import_jumpcloud_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteImportApi->gsuites_list_import_jumpcloud_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| | + **max_results** | **Integer**| Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **order_by** | **String**| Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **page_token** | **String**| Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **query** | **String**| Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. | [optional] + **sort_order** | **String**| Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + +### Return type + +[**InlineResponse2001**](InlineResponse2001.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **gsuites_list_import_users** +> InlineResponse2002 gsuites_list_import_users(gsuite_id, opts) + +Get a list of users to import from a G Suite instance + +Lists G Suite users available for import. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GSuiteImportApi.new +gsuite_id = 'gsuite_id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + max_results: 56, # Integer | Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + order_by: 'order_by_example', # String | Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + page_token: 'page_token_example', # String | Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + query: 'query_example', # String | Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + sort_order: 'sort_order_example' # String | Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. +} + +begin + #Get a list of users to import from a G Suite instance + result = api_instance.gsuites_list_import_users(gsuite_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GSuiteImportApi->gsuites_list_import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **gsuite_id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **max_results** | **Integer**| Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **order_by** | **String**| Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **page_token** | **String**| Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + **query** | **String**| Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. | [optional] + **sort_order** | **String**| Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. | [optional] + +### Return type + +[**InlineResponse2002**](InlineResponse2002.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/GSuiteTranslationRule.md b/jcapiv2/docs/GSuiteTranslationRule.md index 38fa8cf..e1d4476 100644 --- a/jcapiv2/docs/GSuiteTranslationRule.md +++ b/jcapiv2/docs/GSuiteTranslationRule.md @@ -4,6 +4,6 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **built_in** | [**GSuiteBuiltinTranslation**](GSuiteBuiltinTranslation.md) | | [optional] +**direction** | [**GSuiteDirectionTranslation**](GSuiteDirectionTranslation.md) | | [optional] **id** | **String** | ObjectId uniquely identifying a Translation Rule. | [optional] - diff --git a/jcapiv2/docs/GSuiteTranslationRuleRequest.md b/jcapiv2/docs/GSuiteTranslationRuleRequest.md index 1b4f5d9..c808ba9 100644 --- a/jcapiv2/docs/GSuiteTranslationRuleRequest.md +++ b/jcapiv2/docs/GSuiteTranslationRuleRequest.md @@ -4,5 +4,5 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **built_in** | [**GSuiteBuiltinTranslation**](GSuiteBuiltinTranslation.md) | | [optional] - +**direction** | [**GSuiteDirectionTranslation**](GSuiteDirectionTranslation.md) | | [optional] diff --git a/jcapiv2/docs/GoogleEMMApi.md b/jcapiv2/docs/GoogleEMMApi.md new file mode 100644 index 0000000..de930c0 --- /dev/null +++ b/jcapiv2/docs/GoogleEMMApi.md @@ -0,0 +1,832 @@ +# JCAPIv2::GoogleEMMApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**devices_erase_device**](GoogleEMMApi.md#devices_erase_device) | **POST** /google-emm/devices/{deviceId}/erase-device | Erase the Android Device +[**devices_get_device**](GoogleEMMApi.md#devices_get_device) | **GET** /google-emm/devices/{deviceId} | Get device +[**devices_get_device_android_policy**](GoogleEMMApi.md#devices_get_device_android_policy) | **GET** /google-emm/devices/{deviceId}/policy_results | Get the policy JSON of a device +[**devices_list_devices**](GoogleEMMApi.md#devices_list_devices) | **GET** /google-emm/enterprises/{enterpriseObjectId}/devices | List devices +[**devices_lock_device**](GoogleEMMApi.md#devices_lock_device) | **POST** /google-emm/devices/{deviceId}/lock | Lock device +[**devices_reboot_device**](GoogleEMMApi.md#devices_reboot_device) | **POST** /google-emm/devices/{deviceId}/reboot | Reboot device +[**devices_reset_password**](GoogleEMMApi.md#devices_reset_password) | **POST** /google-emm/devices/{deviceId}/resetpassword | Reset Password of a device +[**enrollment_tokens_create_enrollment_token**](GoogleEMMApi.md#enrollment_tokens_create_enrollment_token) | **POST** /google-emm/enrollment-tokens | Create an enrollment token +[**enterprises_create_enterprise**](GoogleEMMApi.md#enterprises_create_enterprise) | **POST** /google-emm/enterprises | Create a Google Enterprise +[**enterprises_delete_enterprise**](GoogleEMMApi.md#enterprises_delete_enterprise) | **DELETE** /google-emm/enterprises/{enterpriseId} | Delete a Google Enterprise +[**enterprises_get_connection_status**](GoogleEMMApi.md#enterprises_get_connection_status) | **GET** /google-emm/enterprises/{enterpriseId}/connection-status | Test connection with Google +[**enterprises_list_enterprises**](GoogleEMMApi.md#enterprises_list_enterprises) | **GET** /google-emm/enterprises | List Google Enterprises +[**enterprises_patch_enterprise**](GoogleEMMApi.md#enterprises_patch_enterprise) | **PATCH** /google-emm/enterprises/{enterpriseId} | Update a Google Enterprise +[**signup_urls_create**](GoogleEMMApi.md#signup_urls_create) | **POST** /google-emm/signup-urls | Get a Signup URL to enroll Google enterprise +[**web_tokens_create_web_token**](GoogleEMMApi.md#web_tokens_create_web_token) | **POST** /google-emm/web-tokens | Get a web token to render Google Play iFrame + +# **devices_erase_device** +> JumpcloudGoogleEmmCommandResponse devices_erase_device(bodydevice_id) + +Erase the Android Device + +Removes the work profile and all policies from a personal/company-owned Android 8.0+ device. Company owned devices will be relinquished for personal use. Apps and data associated with the personal profile(s) are preserved. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/erase-device \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Erase the Android Device + result = api_instance.devices_erase_device(bodydevice_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_erase_device: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Object**](Object.md)| | + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmCommandResponse**](JumpcloudGoogleEmmCommandResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **devices_get_device** +> JumpcloudGoogleEmmDevice devices_get_device(device_id) + +Get device + +Gets a Google EMM enrolled device details. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +device_id = 'B' # String | + + +begin + #Get device + result = api_instance.devices_get_device(device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_get_device: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmDevice**](JumpcloudGoogleEmmDevice.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **devices_get_device_android_policy** +> JumpcloudGoogleEmmDeviceAndroidPolicy devices_get_device_android_policy(device_id) + +Get the policy JSON of a device + +Gets an android JSON policy for a Google EMM enrolled device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/policy_results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +device_id = 'B' # String | + + +begin + #Get the policy JSON of a device + result = api_instance.devices_get_device_android_policy(device_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_get_device_android_policy: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmDeviceAndroidPolicy**](JumpcloudGoogleEmmDeviceAndroidPolicy.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **devices_list_devices** +> JumpcloudGoogleEmmListDevicesResponse devices_list_devices(enterprise_object_id, opts) + +List devices + +Lists google EMM enrolled devices. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises/{enterprise_object_id}/devices \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_object_id = 'B' # String | +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0', # String | The offset into the records to return. + filter: ['filter_example'] # Array | +} + +begin + #List devices + result = api_instance.devices_list_devices(enterprise_object_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_list_devices: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **enterprise_object_id** | **String**| | + **limit** | **String**| The number of records to return at once. Limited to 100. | [optional] [default to 100] + **skip** | **String**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| | [optional] + +### Return type + +[**JumpcloudGoogleEmmListDevicesResponse**](JumpcloudGoogleEmmListDevicesResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **devices_lock_device** +> JumpcloudGoogleEmmCommandResponse devices_lock_device(bodydevice_id) + +Lock device + +Locks a Google EMM enrolled device, as if the lock screen timeout had expired. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Lock device + result = api_instance.devices_lock_device(bodydevice_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_lock_device: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Object**](Object.md)| | + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmCommandResponse**](JumpcloudGoogleEmmCommandResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **devices_reboot_device** +> JumpcloudGoogleEmmCommandResponse devices_reboot_device(bodydevice_id) + +Reboot device + +Reboots a Google EMM enrolled device. Only supported on fully managed devices running Android 7.0 or higher. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/reboot \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = nil # Object | +device_id = 'B' # String | + + +begin + #Reboot device + result = api_instance.devices_reboot_device(bodydevice_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_reboot_device: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Object**](Object.md)| | + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmCommandResponse**](JumpcloudGoogleEmmCommandResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **devices_reset_password** +> JumpcloudGoogleEmmCommandResponse devices_reset_password(bodydevice_id) + +Reset Password of a device + +Reset the user's password of a Google EMM enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/resetpassword \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'new_password' : 'string' }' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::DeviceIdResetpasswordBody.new # DeviceIdResetpasswordBody | +device_id = 'B' # String | + + +begin + #Reset Password of a device + result = api_instance.devices_reset_password(bodydevice_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->devices_reset_password: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**DeviceIdResetpasswordBody**](DeviceIdResetpasswordBody.md)| | + **device_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmCommandResponse**](JumpcloudGoogleEmmCommandResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **enrollment_tokens_create_enrollment_token** +> JumpcloudGoogleEmmCreateEnrollmentTokenResponse enrollment_tokens_create_enrollment_token(body) + +Create an enrollment token + +Gets an enrollment token to enroll a device into Google EMM. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enrollment-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest.new # JumpcloudGoogleEmmCreateEnrollmentTokenRequest | + + +begin + #Create an enrollment token + result = api_instance.enrollment_tokens_create_enrollment_token(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enrollment_tokens_create_enrollment_token: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**JumpcloudGoogleEmmCreateEnrollmentTokenRequest**](JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md)| | + +### Return type + +[**JumpcloudGoogleEmmCreateEnrollmentTokenResponse**](JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **enterprises_create_enterprise** +> JumpcloudGoogleEmmEnterprise enterprises_create_enterprise(body) + +Create a Google Enterprise + +Creates a Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'signupUrlName': 'string', 'enrollmentToken': 'string' }' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest.new # JumpcloudGoogleEmmCreateEnterpriseRequest | + + +begin + #Create a Google Enterprise + result = api_instance.enterprises_create_enterprise(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_create_enterprise: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**JumpcloudGoogleEmmCreateEnterpriseRequest**](JumpcloudGoogleEmmCreateEnterpriseRequest.md)| | + +### Return type + +[**JumpcloudGoogleEmmEnterprise**](JumpcloudGoogleEmmEnterprise.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **enterprises_delete_enterprise** +> Object enterprises_delete_enterprise(enterprise_id) + +Delete a Google Enterprise + +Removes a Google EMM enterprise. Warning: This is a destructive operation and will remove all data associated with Google EMM enterprise from JumpCloud including devices and applications associated with the given enterprise. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_id = 'B' # String | + + +begin + #Delete a Google Enterprise + result = api_instance.enterprises_delete_enterprise(enterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_delete_enterprise: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **enterprise_id** | **String**| | + +### Return type + +**Object** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **enterprises_get_connection_status** +> JumpcloudGoogleEmmConnectionStatus enterprises_get_connection_status(enterprise_id) + +Test connection with Google + +Gives a connection status between JumpCloud and Google. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId}/connection-status \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +enterprise_id = 'B' # String | + + +begin + #Test connection with Google + result = api_instance.enterprises_get_connection_status(enterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_get_connection_status: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **enterprise_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmConnectionStatus**](JumpcloudGoogleEmmConnectionStatus.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **enterprises_list_enterprises** +> JumpcloudGoogleEmmListEnterprisesResponse enterprises_list_enterprises(opts) + +List Google Enterprises + +Lists all Google EMM enterprises. An empty list indicates that the Organization is not configured with a Google EMM enterprise yet. Note: Currently only one Google Enterprise per Organization is supported. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List Google Enterprises + result = api_instance.enterprises_list_enterprises(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_list_enterprises: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **limit** | **String**| The number of records to return at once. Limited to 100. | [optional] [default to 100] + **skip** | **String**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**JumpcloudGoogleEmmListEnterprisesResponse**](JumpcloudGoogleEmmListEnterprisesResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **enterprises_patch_enterprise** +> JumpcloudGoogleEmmEnterprise enterprises_patch_enterprise(bodyenterprise_id) + +Update a Google Enterprise + +Updates a Google EMM enterprise details. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'allowDeviceEnrollment': true, 'deviceGroupId': 'string' }' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::EnterprisesEnterpriseIdBody.new # EnterprisesEnterpriseIdBody | +enterprise_id = 'B' # String | + + +begin + #Update a Google Enterprise + result = api_instance.enterprises_patch_enterprise(bodyenterprise_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->enterprises_patch_enterprise: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**EnterprisesEnterpriseIdBody**](EnterprisesEnterpriseIdBody.md)| | + **enterprise_id** | **String**| | + +### Return type + +[**JumpcloudGoogleEmmEnterprise**](JumpcloudGoogleEmmEnterprise.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **signup_urls_create** +> JumpcloudGoogleEmmSignupURL signup_urls_create + +Get a Signup URL to enroll Google enterprise + +Creates a Google EMM enterprise signup URL. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/signup-urls \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new + +begin + #Get a Signup URL to enroll Google enterprise + result = api_instance.signup_urls_create + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->signup_urls_create: #{e}" +end +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**JumpcloudGoogleEmmSignupURL**](JumpcloudGoogleEmmSignupURL.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **web_tokens_create_web_token** +> JumpcloudGoogleEmmWebToken web_tokens_create_web_token(body) + +Get a web token to render Google Play iFrame + +Creates a web token to access an embeddable managed Google Play web UI for a given Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/web-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GoogleEMMApi.new +body = JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest.new # JumpcloudGoogleEmmCreateWebTokenRequest | + + +begin + #Get a web token to render Google Play iFrame + result = api_instance.web_tokens_create_web_token(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GoogleEMMApi->web_tokens_create_web_token: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**JumpcloudGoogleEmmCreateWebTokenRequest**](JumpcloudGoogleEmmCreateWebTokenRequest.md)| | + +### Return type + +[**JumpcloudGoogleEmmWebToken**](JumpcloudGoogleEmmWebToken.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/GoogleProtobufAny.md b/jcapiv2/docs/GoogleProtobufAny.md new file mode 100644 index 0000000..193c476 --- /dev/null +++ b/jcapiv2/docs/GoogleProtobufAny.md @@ -0,0 +1,6 @@ +# JCAPIv2::GoogleProtobufAny + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/GoogleRpcStatus.md b/jcapiv2/docs/GoogleRpcStatus.md new file mode 100644 index 0000000..1923547 --- /dev/null +++ b/jcapiv2/docs/GoogleRpcStatus.md @@ -0,0 +1,9 @@ +# JCAPIv2::GoogleRpcStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**code** | **Integer** | | [optional] +**details** | [**Array<GoogleProtobufAny>**](GoogleProtobufAny.md) | | [optional] +**message** | **String** | | [optional] + diff --git a/jcapiv2/docs/GraphApi.md b/jcapiv2/docs/GraphApi.md index f7e2531..67db513 100644 --- a/jcapiv2/docs/GraphApi.md +++ b/jcapiv2/docs/GraphApi.md @@ -30,37 +30,49 @@ Method | HTTP request | Description [**graph_office365_traverse_user_group**](GraphApi.md#graph_office365_traverse_user_group) | **GET** /office365s/{office365_id}/usergroups | List the User Groups bound to an Office 365 instance [**graph_policy_associations_list**](GraphApi.md#graph_policy_associations_list) | **GET** /policies/{policy_id}/associations | List the associations of a Policy [**graph_policy_associations_post**](GraphApi.md#graph_policy_associations_post) | **POST** /policies/{policy_id}/associations | Manage the associations of a Policy +[**graph_policy_group_associations_list**](GraphApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +[**graph_policy_group_associations_post**](GraphApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +[**graph_policy_group_members_list**](GraphApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +[**graph_policy_group_members_post**](GraphApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +[**graph_policy_group_membership**](GraphApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership +[**graph_policy_group_traverse_system**](GraphApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +[**graph_policy_group_traverse_system_group**](GraphApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups +[**graph_policy_member_of**](GraphApi.md#graph_policy_member_of) | **GET** /policies/{policy_id}/memberof | List the parent Groups of a Policy [**graph_policy_traverse_system**](GraphApi.md#graph_policy_traverse_system) | **GET** /policies/{policy_id}/systems | List the Systems bound to a Policy [**graph_policy_traverse_system_group**](GraphApi.md#graph_policy_traverse_system_group) | **GET** /policies/{policy_id}/systemgroups | List the System Groups bound to a Policy [**graph_radius_server_associations_list**](GraphApi.md#graph_radius_server_associations_list) | **GET** /radiusservers/{radiusserver_id}/associations | List the associations of a RADIUS Server [**graph_radius_server_associations_post**](GraphApi.md#graph_radius_server_associations_post) | **POST** /radiusservers/{radiusserver_id}/associations | Manage the associations of a RADIUS Server [**graph_radius_server_traverse_user**](GraphApi.md#graph_radius_server_traverse_user) | **GET** /radiusservers/{radiusserver_id}/users | List the Users bound to a RADIUS Server [**graph_radius_server_traverse_user_group**](GraphApi.md#graph_radius_server_traverse_user_group) | **GET** /radiusservers/{radiusserver_id}/usergroups | List the User Groups bound to a RADIUS Server +[**graph_softwareapps_associations_list**](GraphApi.md#graph_softwareapps_associations_list) | **GET** /softwareapps/{software_app_id}/associations | List the associations of a Software Application +[**graph_softwareapps_associations_post**](GraphApi.md#graph_softwareapps_associations_post) | **POST** /softwareapps/{software_app_id}/associations | Manage the associations of a software application. +[**graph_softwareapps_traverse_system**](GraphApi.md#graph_softwareapps_traverse_system) | **GET** /softwareapps/{software_app_id}/systems | List the Systems bound to a Software App. +[**graph_softwareapps_traverse_system_group**](GraphApi.md#graph_softwareapps_traverse_system_group) | **GET** /softwareapps/{software_app_id}/systemgroups | List the System Groups bound to a Software App. [**graph_system_associations_list**](GraphApi.md#graph_system_associations_list) | **GET** /systems/{system_id}/associations | List the associations of a System [**graph_system_associations_post**](GraphApi.md#graph_system_associations_post) | **POST** /systems/{system_id}/associations | Manage associations of a System [**graph_system_group_associations_list**](GraphApi.md#graph_system_group_associations_list) | **GET** /systemgroups/{group_id}/associations | List the associations of a System Group [**graph_system_group_associations_post**](GraphApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group -[**graph_system_group_member_of**](GraphApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents [**graph_system_group_members_list**](GraphApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group [**graph_system_group_members_post**](GraphApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group -[**graph_system_group_membership**](GraphApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership +[**graph_system_group_membership**](GraphApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership [**graph_system_group_traverse_command**](GraphApi.md#graph_system_group_traverse_command) | **GET** /systemgroups/{group_id}/commands | List the Commands bound to a System Group [**graph_system_group_traverse_policy**](GraphApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +[**graph_system_group_traverse_policy_group**](GraphApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group [**graph_system_group_traverse_user**](GraphApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group [**graph_system_group_traverse_user_group**](GraphApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group [**graph_system_member_of**](GraphApi.md#graph_system_member_of) | **GET** /systems/{system_id}/memberof | List the parent Groups of a System [**graph_system_traverse_command**](GraphApi.md#graph_system_traverse_command) | **GET** /systems/{system_id}/commands | List the Commands bound to a System [**graph_system_traverse_policy**](GraphApi.md#graph_system_traverse_policy) | **GET** /systems/{system_id}/policies | List the Policies bound to a System +[**graph_system_traverse_policy_group**](GraphApi.md#graph_system_traverse_policy_group) | **GET** /systems/{system_id}/policygroups | List the Policy Groups bound to a System [**graph_system_traverse_user**](GraphApi.md#graph_system_traverse_user) | **GET** /systems/{system_id}/users | List the Users bound to a System [**graph_system_traverse_user_group**](GraphApi.md#graph_system_traverse_user_group) | **GET** /systems/{system_id}/usergroups | List the User Groups bound to a System [**graph_user_associations_list**](GraphApi.md#graph_user_associations_list) | **GET** /users/{user_id}/associations | List the associations of a User [**graph_user_associations_post**](GraphApi.md#graph_user_associations_post) | **POST** /users/{user_id}/associations | Manage the associations of a User [**graph_user_group_associations_list**](GraphApi.md#graph_user_group_associations_list) | **GET** /usergroups/{group_id}/associations | List the associations of a User Group. [**graph_user_group_associations_post**](GraphApi.md#graph_user_group_associations_post) | **POST** /usergroups/{group_id}/associations | Manage the associations of a User Group -[**graph_user_group_member_of**](GraphApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents [**graph_user_group_members_list**](GraphApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group [**graph_user_group_members_post**](GraphApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group -[**graph_user_group_membership**](GraphApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership +[**graph_user_group_membership**](GraphApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership [**graph_user_group_traverse_active_directory**](GraphApi.md#graph_user_group_traverse_active_directory) | **GET** /usergroups/{group_id}/activedirectories | List the Active Directories bound to a User Group [**graph_user_group_traverse_application**](GraphApi.md#graph_user_group_traverse_application) | **GET** /usergroups/{group_id}/applications | List the Applications bound to a User Group [**graph_user_group_traverse_directory**](GraphApi.md#graph_user_group_traverse_directory) | **GET** /usergroups/{group_id}/directories | List the Directories bound to a User Group @@ -80,11 +92,10 @@ Method | HTTP request | Description [**graph_user_traverse_radius_server**](GraphApi.md#graph_user_traverse_radius_server) | **GET** /users/{user_id}/radiusservers | List the RADIUS Servers bound to a User [**graph_user_traverse_system**](GraphApi.md#graph_user_traverse_system) | **GET** /users/{user_id}/systems | List the Systems bound to a User [**graph_user_traverse_system_group**](GraphApi.md#graph_user_traverse_system_group) | **GET** /users/{user_id}/systemgroups | List the System Groups bound to a User -[**policystatuses_list**](GraphApi.md#policystatuses_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system - +[**policystatuses_systems_list**](GraphApi.md#policystatuses_systems_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system # **graph_active_directory_associations_list** -> Array<GraphConnection> graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_active_directory_associations_list(activedirectory_id, targets, opts) List the associations of an Active Directory instance @@ -103,24 +114,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | +targets = ['targets_example'] # Array | Targets which a \"active_directory\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Active Directory instance - result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts) + result = api_instance.graph_active_directory_associations_list(activedirectory_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_active_directory_associations_list: #{e}" @@ -132,12 +136,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"active_directory\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -149,17 +151,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_active_directory_associations_post** -> graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts) +> graph_active_directory_associations_post(activedirectory_id, opts) Manage the associations of an Active Directory instance -This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` +This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -174,21 +176,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -activedirectory_id = "activedirectory_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationActiveDirectory.new # GraphOperationActiveDirectory | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Active Directory instance - api_instance.graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts) + api_instance.graph_active_directory_associations_post(activedirectory_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_active_directory_associations_post: #{e}" end @@ -199,10 +195,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationActiveDirectory**](GraphOperationActiveDirectory.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -215,12 +209,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_active_directory_traverse_user** -> Array<GraphObjectWithPaths> graph_active_directory_traverse_user(activedirectory_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_active_directory_traverse_user(activedirectory_id, opts) List the Users bound to an Active Directory instance @@ -239,23 +233,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -activedirectory_id = "activedirectory_id_example" # String | ObjectID of the Active Directory instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | - skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. } begin #List the Users bound to an Active Directory instance - result = api_instance.graph_active_directory_traverse_user(activedirectory_id, content_type, accept, opts) + result = api_instance.graph_active_directory_traverse_user(activedirectory_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_active_directory_traverse_user: #{e}" @@ -267,11 +255,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| ObjectID of the Active Directory instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] ### Return type @@ -284,13 +270,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_active_directory_traverse_user_group** -> Array<GraphObjectWithPaths> graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_active_directory_traverse_user_group(activedirectory_id, opts) List the User Groups bound to an Active Directory instance @@ -309,23 +295,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -activedirectory_id = "activedirectory_id_example" # String | ObjectID of the Active Directory instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +activedirectory_id = 'activedirectory_id_example' # String | ObjectID of the Active Directory instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Active Directory instance - result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts) + result = api_instance.graph_active_directory_traverse_user_group(activedirectory_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_active_directory_traverse_user_group: #{e}" @@ -337,12 +317,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **activedirectory_id** | **String**| ObjectID of the Active Directory instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -354,13 +332,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_application_associations_list** -> Array<GraphConnection> graph_application_associations_list(application_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_application_associations_list(application_id, targets, opts) List the associations of an Application @@ -379,24 +357,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. +targets = ['targets_example'] # Array | Targets which a \"application\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Application - result = api_instance.graph_application_associations_list(application_id, targets, content_type, accept, opts) + result = api_instance.graph_application_associations_list(application_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_application_associations_list: #{e}" @@ -408,12 +379,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"application\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -425,17 +394,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_application_associations_post** -> graph_application_associations_post(application_id, content_type, accept, opts) +> graph_application_associations_post(application_id, opts) Manage the associations of an Application -This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -450,21 +419,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationApplication.new # GraphOperationApplication | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Application - api_instance.graph_application_associations_post(application_id, content_type, accept, opts) + api_instance.graph_application_associations_post(application_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_application_associations_post: #{e}" end @@ -475,10 +438,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationApplication**](GraphOperationApplication.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -491,12 +452,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_application_traverse_user** -> Array<GraphObjectWithPaths> graph_application_traverse_user(application_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_application_traverse_user(application_id, opts) List the Users bound to an Application @@ -515,23 +476,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to an Application - result = api_instance.graph_application_traverse_user(application_id, content_type, accept, opts) + result = api_instance.graph_application_traverse_user(application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_application_traverse_user: #{e}" @@ -543,12 +498,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -560,13 +513,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_application_traverse_user_group** -> Array<GraphObjectWithPaths> graph_application_traverse_user_group(application_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_application_traverse_user_group(application_id, opts) List the User Groups bound to an Application @@ -585,23 +538,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -application_id = "application_id_example" # String | ObjectID of the Application. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +application_id = 'application_id_example' # String | ObjectID of the Application. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Application - result = api_instance.graph_application_traverse_user_group(application_id, content_type, accept, opts) + result = api_instance.graph_application_traverse_user_group(application_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_application_traverse_user_group: #{e}" @@ -613,12 +560,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **application_id** | **String**| ObjectID of the Application. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -630,13 +575,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_command_associations_list** -> Array<GraphConnection> graph_command_associations_list(command_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_command_associations_list(command_id, targets, opts) List the associations of a Command @@ -655,24 +600,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. +targets = ['targets_example'] # Array | Targets which a \"command\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a Command - result = api_instance.graph_command_associations_list(command_id, targets, content_type, accept, opts) + result = api_instance.graph_command_associations_list(command_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_command_associations_list: #{e}" @@ -684,12 +622,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"command\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -701,17 +637,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_command_associations_post** -> graph_command_associations_post(command_id, content_type, accept, opts) +> graph_command_associations_post(command_id, opts) Manage the associations of a Command -This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` +This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` ### Example ```ruby @@ -726,21 +662,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationCommand.new # GraphOperationCommand | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a Command - api_instance.graph_command_associations_post(command_id, content_type, accept, opts) + api_instance.graph_command_associations_post(command_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_command_associations_post: #{e}" end @@ -751,10 +681,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationCommand**](GraphOperationCommand.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -767,12 +695,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_command_traverse_system** -> Array<GraphObjectWithPaths> graph_command_traverse_system(command_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_command_traverse_system(command_id, opts) List the Systems bound to a Command @@ -791,23 +719,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a Command - result = api_instance.graph_command_traverse_system(command_id, content_type, accept, opts) + result = api_instance.graph_command_traverse_system(command_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_command_traverse_system: #{e}" @@ -819,12 +741,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -836,13 +756,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_command_traverse_system_group** -> Array<GraphObjectWithPaths> graph_command_traverse_system_group(command_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_command_traverse_system_group(command_id, opts) List the System Groups bound to a Command @@ -861,23 +781,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -command_id = "command_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +command_id = 'command_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to a Command - result = api_instance.graph_command_traverse_system_group(command_id, content_type, accept, opts) + result = api_instance.graph_command_traverse_system_group(command_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_command_traverse_system_group: #{e}" @@ -889,12 +803,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **command_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -906,13 +818,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_g_suite_associations_list** -> Array<GraphConnection> graph_g_suite_associations_list(gsuite_idtargets, content_type, accept, opts) +> Array<GraphConnection> graph_g_suite_associations_list(gsuite_id, targets, opts) List the associations of a G Suite instance @@ -931,24 +843,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. +targets = ['targets_example'] # Array | Targets which a \"g_suite\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a G Suite instance - result = api_instance.graph_g_suite_associations_list(gsuite_idtargets, content_type, accept, opts) + result = api_instance.graph_g_suite_associations_list(gsuite_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_g_suite_associations_list: #{e}" @@ -960,12 +865,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"g_suite\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -977,7 +880,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json @@ -987,7 +890,7 @@ Name | Type | Description | Notes Manage the associations of a G Suite instance -This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -1002,12 +905,10 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationGSuite.new # GraphOperationGSuite | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -1023,8 +924,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationGSuite**](GraphOperationGSuite.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1037,12 +938,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_g_suite_traverse_user** -> Array<GraphObjectWithPaths> graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_g_suite_traverse_user(gsuite_id, opts) List the Users bound to a G Suite instance @@ -1061,23 +962,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a G Suite instance - result = api_instance.graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts) + result = api_instance.graph_g_suite_traverse_user(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_g_suite_traverse_user: #{e}" @@ -1089,12 +984,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1106,13 +999,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_g_suite_traverse_user_group** -> Array<GraphObjectWithPaths> graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_g_suite_traverse_user_group(gsuite_id, opts) List the User Groups bound to a G Suite instance @@ -1131,23 +1024,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -gsuite_id = "gsuite_id_example" # String | ObjectID of the G Suite instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +gsuite_id = 'gsuite_id_example' # String | ObjectID of the G Suite instance. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a G Suite instance - result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts) + result = api_instance.graph_g_suite_traverse_user_group(gsuite_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_g_suite_traverse_user_group: #{e}" @@ -1159,12 +1046,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **gsuite_id** | **String**| ObjectID of the G Suite instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1176,13 +1061,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_ldap_server_associations_list** -> Array<GraphConnection> graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_ldap_server_associations_list(ldapserver_id, targets, opts) List the associations of a LDAP Server @@ -1201,24 +1086,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +targets = ['targets_example'] # Array | Targets which a \"ldap_server\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a LDAP Server - result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts) + result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_ldap_server_associations_list: #{e}" @@ -1230,12 +1108,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"ldap_server\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1247,17 +1123,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_ldap_server_associations_post** -> graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts) +> graph_ldap_server_associations_post(ldapserver_id, opts) Manage the associations of a LDAP Server -This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -1272,21 +1148,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationLdapServer.new # GraphOperationLdapServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a LDAP Server - api_instance.graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts) + api_instance.graph_ldap_server_associations_post(ldapserver_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_ldap_server_associations_post: #{e}" end @@ -1297,10 +1167,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationLdapServer**](GraphOperationLdapServer.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1313,12 +1181,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_ldap_server_traverse_user** -> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user(ldapserver_id, opts) List the Users bound to a LDAP Server @@ -1337,23 +1205,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a LDAP Server - result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts) + result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_ldap_server_traverse_user: #{e}" @@ -1365,12 +1227,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1382,13 +1242,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_ldap_server_traverse_user_group** -> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user_group(ldapserver_id, opts) List the User Groups bound to a LDAP Server @@ -1407,23 +1267,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a LDAP Server - result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts) + result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_ldap_server_traverse_user_group: #{e}" @@ -1435,12 +1289,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1452,17 +1304,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_office365_associations_list** -> Array<GraphConnection> graph_office365_associations_list(office365_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_office365_associations_list(office365_id, targets, opts) List the associations of an Office 365 instance -This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1477,24 +1329,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 instance. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +targets = ['targets_example'] # Array | Targets which a \"office_365\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Office 365 instance - result = api_instance.graph_office365_associations_list(office365_id, targets, content_type, accept, opts) + result = api_instance.graph_office365_associations_list(office365_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_office365_associations_list: #{e}" @@ -1506,12 +1351,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 instance. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"office_365\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1523,17 +1366,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_office365_associations_post** -> graph_office365_associations_post(office365_id, content_type, accept, opts) +> graph_office365_associations_post(office365_id, opts) Manage the associations of an Office 365 instance -This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -1548,21 +1391,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationOffice365.new # GraphOperationOffice365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Office 365 instance - api_instance.graph_office365_associations_post(office365_id, content_type, accept, opts) + api_instance.graph_office365_associations_post(office365_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_office365_associations_post: #{e}" end @@ -1573,10 +1410,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationOffice365**](GraphOperationOffice365.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1589,16 +1424,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_office365_traverse_user** -> Array<GraphObjectWithPaths> graph_office365_traverse_user(office365_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_office365_traverse_user(office365_id, opts) List the Users bound to an Office 365 instance -This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1613,23 +1448,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 suite. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to an Office 365 instance - result = api_instance.graph_office365_traverse_user(office365_id, content_type, accept, opts) + result = api_instance.graph_office365_traverse_user(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_office365_traverse_user: #{e}" @@ -1641,12 +1470,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 suite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1658,17 +1485,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_office365_traverse_user_group** -> Array<GraphObjectWithPaths> graph_office365_traverse_user_group(office365_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_office365_traverse_user_group(office365_id, opts) List the User Groups bound to an Office 365 instance -This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1683,23 +1510,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 suite. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Office 365 instance - result = api_instance.graph_office365_traverse_user_group(office365_id, content_type, accept, opts) + result = api_instance.graph_office365_traverse_user_group(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_office365_traverse_user_group: #{e}" @@ -1711,12 +1532,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 suite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1728,13 +1547,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_policy_associations_list** -> Array<GraphConnection> graph_policy_associations_list(policy_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_policy_associations_list(policy_id, targets, opts) List the associations of a Policy @@ -1753,24 +1572,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Policy. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +targets = ['targets_example'] # Array | Targets which a \"policy\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a Policy - result = api_instance.graph_policy_associations_list(policy_id, targets, content_type, accept, opts) + result = api_instance.graph_policy_associations_list(policy_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_policy_associations_list: #{e}" @@ -1782,12 +1594,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Policy. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"policy\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1799,17 +1609,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_policy_associations_post** -> graph_policy_associations_post(policy_id, content_type, accept, opts) +> graph_policy_associations_post(policy_id, opts) Manage the associations of a Policy -This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -1824,21 +1634,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Policy. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Policy. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationPolicy.new # GraphOperationPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a Policy - api_instance.graph_policy_associations_post(policy_id, content_type, accept, opts) + api_instance.graph_policy_associations_post(policy_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_policy_associations_post: #{e}" end @@ -1849,10 +1653,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Policy. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationPolicy**](GraphOperationPolicy.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1865,16 +1667,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_policy_traverse_system** -> Array<GraphObjectWithPaths> graph_policy_traverse_system(policy_id, content_type, accept, opts) +# **graph_policy_group_associations_list** +> Array<GraphConnection> graph_policy_group_associations_list(group_id, targets, opts) -List the Systems bound to a Policy +List the associations of a Policy Group. -This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1889,26 +1691,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the Systems bound to a Policy - result = api_instance.graph_policy_traverse_system(policy_id, content_type, accept, opts) + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_policy_traverse_system: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_associations_list: #{e}" end ``` @@ -1916,17 +1712,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **policy_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **group_id** | **String**| ObjectID of the Policy Group. | + **targets** | [**Array<String>**](String.md)| Targets which a \"policy_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<GraphConnection>**](GraphConnection.md) ### Authorization @@ -1934,17 +1728,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_policy_traverse_system_group** -> Array<GraphObjectWithPaths> graph_policy_traverse_system_group(policy_id, content_type, accept, opts) +# **graph_policy_group_associations_post** +> graph_policy_group_associations_post(group_id, opts) -List the System Groups bound to a Policy +Manage the associations of a Policy Group -This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` ### Example ```ruby @@ -1959,26 +1753,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { - limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | - skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + body: JCAPIv2::GraphOperationPolicyGroup.new # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the System Groups bound to a Policy - result = api_instance.graph_policy_traverse_system_group(policy_id, content_type, accept, opts) - p result + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_policy_traverse_system_group: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_associations_post: #{e}" end ``` @@ -1986,17 +1771,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **policy_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroup**](GraphOperationPolicyGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +nil (empty response body) ### Authorization @@ -2005,16 +1786,16 @@ Name | Type | Description | Notes ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_radius_server_associations_list** -> Array<GraphConnection> graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts) +# **graph_policy_group_members_list** +> Array<GraphConnection> graph_policy_group_members_list(group_id, opts) -List the associations of a RADIUS Server +List the members of a Policy Group -This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2029,27 +1810,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the associations of a RADIUS Server - result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts) + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_radius_server_associations_list: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_members_list: #{e}" end ``` @@ -2057,13 +1830,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **group_id** | **String**| ObjectID of the Policy Group. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2075,17 +1845,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_radius_server_associations_post** -> graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts) +# **graph_policy_group_members_post** +> graph_policy_group_members_post(group_id, opts) -Manage the associations of a RADIUS Server +Manage the members of a Policy Group -This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` +This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` ### Example ```ruby @@ -2100,23 +1870,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationPolicyGroupMember.new # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Manage the associations of a RADIUS Server - api_instance.graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts) + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_radius_server_associations_post: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_members_post: #{e}" end ``` @@ -2124,11 +1888,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroupMember**](GraphOperationPolicyGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2141,16 +1903,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_radius_server_traverse_user** -> Array<GraphObjectWithPaths> graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts) +# **graph_policy_group_membership** +> Array<GraphObjectWithPaths> graph_policy_group_membership(group_id, opts) -List the Users bound to a RADIUS Server +List the Policy Group's membership -This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2165,26 +1927,21 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the Users bound to a RADIUS Server - result = api_instance.graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts) + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_radius_server_traverse_user: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_membership: #{e}" end ``` @@ -2192,13 +1949,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **group_id** | **String**| ObjectID of the Policy Group. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2210,17 +1966,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_radius_server_traverse_user_group** -> Array<GraphObjectWithPaths> graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts) +# **graph_policy_group_traverse_system** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system(group_id, opts) -List the User Groups bound to a RADIUS Server +List the Systems bound to a Policy Group -This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2235,26 +1991,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the User Groups bound to a RADIUS Server - result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts) + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_radius_server_traverse_user_group: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_traverse_system: #{e}" end ``` @@ -2262,13 +2012,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **group_id** | **String**| ObjectID of the Policy Group. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -2280,17 +2028,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_associations_list** -> Array<GraphConnection> graph_system_associations_list(system_id, content_type, accepttargets, opts) +# **graph_policy_group_traverse_system_group** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system_group(group_id, opts) -List the associations of a System +List the System Groups bound to Policy Groups -This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2305,29 +2053,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the Policy Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the associations of a System - result = api_instance.graph_system_associations_list(system_id, content_type, accepttargets, opts) + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_associations_list: #{e}" + puts "Exception when calling GraphApi->graph_policy_group_traverse_system_group: #{e}" end ``` @@ -2335,19 +2074,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **group_id** | **String**| ObjectID of the Policy Group. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **date** | **String**| Current date header for the System Context API | [optional] - **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type -[**Array<GraphConnection>**](GraphConnection.md) +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) ### Authorization @@ -2355,17 +2090,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_associations_post** -> graph_system_associations_post(system_id, content_type, accept, opts) +# **graph_policy_member_of** +> Array<GraphObjectWithPaths> graph_policy_member_of(policy_id, opts) -Manage associations of a System +List the parent Groups of a Policy -This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` +This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2380,25 +2115,23 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Policy. opts = { - body: JCAPIv2::SystemGraphManagementReq.new, # SystemGraphManagementReq | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Manage associations of a System - api_instance.graph_system_associations_post(system_id, content_type, accept, opts) + #List the parent Groups of a Policy + result = api_instance.graph_policy_member_of(policy_id, opts) + p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_associations_post: #{e}" + puts "Exception when calling GraphApi->graph_policy_member_of: #{e}" end ``` @@ -2406,17 +2139,18 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGraphManagementReq**](SystemGraphManagementReq.md)| | [optional] + **policy_id** | **String**| ObjectID of the Policy. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) ### Authorization @@ -2424,17 +2158,17 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_associations_list** -> Array<GraphConnection> graph_system_group_associations_list(group_id, content_type, accepttargets, opts) +# **graph_policy_traverse_system** +> Array<GraphObjectWithPaths> graph_policy_traverse_system(policy_id, opts) -List the associations of a System Group +List the Systems bound to a Policy -This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2449,27 +2183,632 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy + result = api_instance.graph_policy_traverse_system(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_traverse_system: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **policy_id** | **String**| ObjectID of the Command. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_traverse_system_group** +> Array<GraphObjectWithPaths> graph_policy_traverse_system_group(policy_id, opts) + +List the System Groups bound to a Policy + +This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Policy + result = api_instance.graph_policy_traverse_system_group(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_policy_traverse_system_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **policy_id** | **String**| ObjectID of the Command. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_radius_server_associations_list** +> Array<GraphConnection> graph_radius_server_associations_list(radiusserver_id, targets, opts) + +List the associations of a RADIUS Server + +This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +targets = ['targets_example'] # Array | Targets which a \"radius_server\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a RADIUS Server + result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_associations_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **radiusserver_id** | **String**| ObjectID of the Radius Server. | + **targets** | [**Array<String>**](String.md)| Targets which a \"radius_server\" can be associated to. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_radius_server_associations_post** +> graph_radius_server_associations_post(radiusserver_id, opts) + +Manage the associations of a RADIUS Server + +This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + body: JCAPIv2::GraphOperationRadiusServer.new # GraphOperationRadiusServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a RADIUS Server + api_instance.graph_radius_server_associations_post(radiusserver_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **radiusserver_id** | **String**| ObjectID of the Radius Server. | + **body** | [**GraphOperationRadiusServer**](GraphOperationRadiusServer.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_radius_server_traverse_user** +> Array<GraphObjectWithPaths> graph_radius_server_traverse_user(radiusserver_id, opts) + +List the Users bound to a RADIUS Server + +This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Users bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_traverse_user: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **radiusserver_id** | **String**| ObjectID of the Radius Server. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_radius_server_traverse_user_group** +> Array<GraphObjectWithPaths> graph_radius_server_traverse_user_group(radiusserver_id, opts) + +List the User Groups bound to a RADIUS Server + +This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a RADIUS Server + result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_radius_server_traverse_user_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **radiusserver_id** | **String**| ObjectID of the Radius Server. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_softwareapps_associations_list** +> Array<GraphConnection> graph_softwareapps_associations_list(software_app_id, targets, opts) + +List the associations of a Software Application + +This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +targets = ['targets_example'] # Array | Targets which a \"software_app\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Software Application + result = api_instance.graph_softwareapps_associations_list(software_app_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_associations_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **targets** | [**Array<String>**](String.md)| Targets which a \"software_app\" can be associated to. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_softwareapps_associations_post** +> graph_softwareapps_associations_post(software_app_id, opts) + +Manage the associations of a software application. + +This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"\", \"op\": \"add\", \"type\": \"system\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + body: JCAPIv2::GraphOperationSoftwareApp.new # GraphOperationSoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a software application. + api_instance.graph_softwareapps_associations_post(software_app_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **body** | [**GraphOperationSoftwareApp**](GraphOperationSoftwareApp.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_softwareapps_traverse_system** +> Array<GraphObjectWithPaths> graph_softwareapps_traverse_system(software_app_id, opts) + +List the Systems bound to a Software App. + +This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_traverse_system: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_softwareapps_traverse_system_group** +> Array<GraphObjectWithPaths> graph_softwareapps_traverse_system_group(software_app_id, opts) + +List the System Groups bound to a Software App. + +This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::GraphApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system_group(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_softwareapps_traverse_system_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | -accept = "application/json" # String | -targets = ["targets_example"] # Array | +# **graph_system_associations_list** +> Array<GraphConnection> graph_system_associations_list(system_id, targets, opts) + +List the associations of a System + +This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +targets = ['targets_example'] # Array | Targets which a \"system\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the associations of a System Group - result = api_instance.graph_system_group_associations_list(group_id, content_type, accepttargets, opts) + #List the associations of a System + result = api_instance.graph_system_associations_list(system_id, targets, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_group_associations_list: #{e}" + puts "Exception when calling GraphApi->graph_system_associations_list: #{e}" end ``` @@ -2477,13 +2816,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **system_id** | **String**| ObjectID of the System. | + **targets** | [**Array<String>**](String.md)| Targets which a \"system\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2495,17 +2834,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_associations_post** -> graph_system_group_associations_post(group_id, content_type, accept, opts) +# **graph_system_associations_post** +> graph_system_associations_post(system_id, opts) -Manage the associations of a System Group +Manage associations of a System -This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` ### Example ```ruby @@ -2520,23 +2859,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - body: JCAPIv2::SystemGroupGraphManagementReq.new, # SystemGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystem.new # GraphOperationSystem | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Manage the associations of a System Group - api_instance.graph_system_group_associations_post(group_id, content_type, accept, opts) + #Manage associations of a System + api_instance.graph_system_associations_post(system_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_group_associations_post: #{e}" + puts "Exception when calling GraphApi->graph_system_associations_post: #{e}" end ``` @@ -2544,11 +2879,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupGraphManagementReq**](SystemGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **system_id** | **String**| ObjectID of the System. | + **body** | [**GraphOperationSystem**](GraphOperationSystem.md)| | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2561,16 +2896,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_system_group_member_of** -> Array<GraphObjectWithPaths> graph_system_group_member_of(group_id, content_type, accept, opts) +# **graph_system_group_associations_list** +> Array<GraphConnection> graph_system_group_associations_list(group_id, targets, opts) -List the System Group's parents +List the associations of a System Group -This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. +This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -2585,27 +2920,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the System Group's parents - result = api_instance.graph_system_group_member_of(group_id, content_type, accept, opts) + #List the associations of a System Group + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_group_member_of: #{e}" + puts "Exception when calling GraphApi->graph_system_group_associations_list: #{e}" end ``` @@ -2614,17 +2942,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **targets** | [**Array<String>**](String.md)| Targets which a \"system_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<GraphConnection>**](GraphConnection.md) ### Authorization @@ -2632,17 +2957,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_members_list** -> Array<GraphConnection> graph_system_group_members_list(group_id, content_type, accept, opts) +# **graph_system_group_associations_post** +> graph_system_group_associations_post(group_id, opts) -List the members of a System Group +Manage the associations of a System Group -This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` ### Example ```ruby @@ -2657,22 +2982,73 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + body: JCAPIv2::GraphOperationSystemGroup.new # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a System Group + api_instance.graph_system_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the System Group. | + **body** | [**GraphOperationSystemGroup**](GraphOperationSystemGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_system_group_members_list** +> Array<GraphConnection> graph_system_group_members_list(group_id, opts) -group_id = "group_id_example" # String | ObjectID of the System Group. +List the members of a System Group -content_type = "application/json" # String | +This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the members of a System Group - result = api_instance.graph_system_group_members_list(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_group_members_list: #{e}" @@ -2684,11 +3060,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2700,17 +3074,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_members_post** -> graph_system_group_members_post(group_id, content_type, accept, opts) +> graph_system_group_members_post(group_id, opts) Manage the members of a System Group -This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` +This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` ### Example ```ruby @@ -2725,23 +3099,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupMembersReq.new, # SystemGroupMembersReq | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystemGroupMember.new # GraphOperationSystemGroupMember | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the members of a System Group - api_instance.graph_system_group_members_post(group_id, content_type, accept, opts) + api_instance.graph_system_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_group_members_post: #{e}" end @@ -2752,12 +3120,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupMembersReq**](SystemGroupMembersReq.md)| | [optional] + **body** | [**GraphOperationSystemGroupMember**](GraphOperationSystemGroupMember.md)| | [optional] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2770,12 +3136,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_system_group_membership** -> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, opts) List the System Group's membership @@ -2794,24 +3160,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the System Group's membership - result = api_instance.graph_system_group_membership(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_group_membership: #{e}" @@ -2823,13 +3183,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -2841,13 +3199,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_command** -> Array<GraphObjectWithPaths> graph_system_group_traverse_command(group_id, content_type, accept, opts) +> Array<CommandsGraphObjectWithPaths> graph_system_group_traverse_command(group_id, opts) List the Commands bound to a System Group @@ -2866,23 +3224,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. } begin #List the Commands bound to a System Group - result = api_instance.graph_system_group_traverse_command(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_command(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_group_traverse_command: #{e}" @@ -2894,16 +3247,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **details** | **String**| This will provide detail descriptive response for the request. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<CommandsGraphObjectWithPaths>**](CommandsGraphObjectWithPaths.md) ### Authorization @@ -2911,13 +3263,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_policy** -> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, opts) List the Policies bound to a System Group @@ -2936,26 +3288,82 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_policy: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the System Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -group_id = "group_id_example" # String | ObjectID of the System Group. -content_type = "application/json" # String | -accept = "application/json" # String | +# **graph_system_group_traverse_policy_group** +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy_group(group_id, opts) + +List the Policy Groups bound to a System Group + +This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Policies bound to a System Group - result = api_instance.graph_system_group_traverse_policy(group_id, content_type, accept, opts) + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_group_traverse_policy: #{e}" + puts "Exception when calling GraphApi->graph_system_group_traverse_policy_group: #{e}" end ``` @@ -2964,12 +3372,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -2981,13 +3387,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, opts) List the Users bound to a System Group @@ -3006,23 +3412,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a System Group - result = api_instance.graph_system_group_traverse_user(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_user(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_group_traverse_user: #{e}" @@ -3034,12 +3434,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -3051,13 +3449,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user_group** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, opts) List the User Groups bound to a System Group @@ -3076,26 +3474,85 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the User Groups bound to a System Group + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling GraphApi->graph_system_group_traverse_user_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the System Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + -group_id = "group_id_example" # String | ObjectID of the System Group. -content_type = "application/json" # String | +# **graph_system_member_of** +> Array<GraphObjectWithPaths> graph_system_member_of(system_id, opts) + +List the parent Groups of a System + +This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::GraphApi.new +system_id = 'system_id_example' # String | ObjectID of the System. opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the User Groups bound to a System Group - result = api_instance.graph_system_group_traverse_user_group(group_id, content_type, accept, opts) + #List the parent Groups of a System + result = api_instance.graph_system_member_of(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_group_traverse_user_group: #{e}" + puts "Exception when calling GraphApi->graph_system_member_of: #{e}" end ``` @@ -3103,13 +3560,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **system_id** | **String**| ObjectID of the System. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3121,17 +3579,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_member_of** -> Array<GraphObjectWithPaths> graph_system_member_of(system_id, content_type, accept, opts) +# **graph_system_traverse_command** +> Array<CommandsGraphObjectWithPaths> graph_system_traverse_command(system_id, opts) -List the parent Groups of a System +List the Commands bound to a System -This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -3146,29 +3604,21 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. } begin - #List the parent Groups of a System - result = api_instance.graph_system_member_of(system_id, content_type, accept, opts) + #List the Commands bound to a System + result = api_instance.graph_system_traverse_command(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_member_of: #{e}" + puts "Exception when calling GraphApi->graph_system_traverse_command: #{e}" end ``` @@ -3177,19 +3627,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **date** | **String**| Current date header for the System Context API | [optional] - **authorization** | **String**| Authorization header for the System Context API | [optional] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **details** | **String**| This will provide detail descriptive response for the request. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<CommandsGraphObjectWithPaths>**](CommandsGraphObjectWithPaths.md) ### Authorization @@ -3197,17 +3643,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_traverse_command** -> Array<GraphObjectWithPaths> graph_system_traverse_command(system_id, content_type, accept, opts) +# **graph_system_traverse_policy** +> Array<GraphObjectWithPaths> graph_system_traverse_policy(system_id, opts) -List the Commands bound to a System +List the Policies bound to a System -This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -3222,26 +3668,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Commands bound to a System - result = api_instance.graph_system_traverse_command(system_id, content_type, accept, opts) + #List the Policies bound to a System + result = api_instance.graph_system_traverse_policy(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_traverse_command: #{e}" + puts "Exception when calling GraphApi->graph_system_traverse_policy: #{e}" end ``` @@ -3250,12 +3690,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -3267,17 +3705,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_traverse_policy** -> Array<GraphObjectWithPaths> graph_system_traverse_policy(system_id, content_type, accept, opts) +# **graph_system_traverse_policy_group** +> Array<GraphObjectWithPaths> graph_system_traverse_policy_group(system_id, opts) -List the Policies bound to a System +List the Policy Groups bound to a System -This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -3292,26 +3730,22 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Policies bound to a System - result = api_instance.graph_system_traverse_policy(system_id, content_type, accept, opts) + #List the Policy Groups bound to a System + result = api_instance.graph_system_traverse_policy_group(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_system_traverse_policy: #{e}" + puts "Exception when calling GraphApi->graph_system_traverse_policy_group: #{e}" end ``` @@ -3320,12 +3754,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -3337,13 +3771,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_user** -> Array<GraphObjectWithPaths> graph_system_traverse_user(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_traverse_user(system_id, opts) List the Users bound to a System @@ -3362,25 +3796,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a System - result = api_instance.graph_system_traverse_user(system_id, content_type, accept, opts) + result = api_instance.graph_system_traverse_user(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_traverse_user: #{e}" @@ -3392,14 +3820,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -3411,13 +3837,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_user_group** -> Array<GraphObjectWithPaths> graph_system_traverse_user_group(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_traverse_user_group(system_id, opts) List the User Groups bound to a System @@ -3436,25 +3862,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a System - result = api_instance.graph_system_traverse_user_group(system_id, content_type, accept, opts) + result = api_instance.graph_system_traverse_user_group(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_system_traverse_user_group: #{e}" @@ -3466,14 +3886,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -3485,13 +3903,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_associations_list** -> Array<GraphConnection> graph_user_associations_list(user_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_user_associations_list(user_id, targets, opts) List the associations of a User @@ -3510,24 +3928,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +user_id = 'user_id_example' # String | ObjectID of the User. +targets = ['targets_example'] # Array | Targets which a \"user\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a User - result = api_instance.graph_user_associations_list(user_id, content_type, accepttargets, opts) + result = api_instance.graph_user_associations_list(user_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_associations_list: #{e}" @@ -3539,12 +3950,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"user\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3556,17 +3965,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_associations_post** -> graph_user_associations_post(user_id, content_type, accept, opts) +> graph_user_associations_post(user_id, opts) Manage the associations of a User -This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' +This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` ### Example ```ruby @@ -3581,21 +3990,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { - body: JCAPIv2::UserGraphManagementReq.new, # UserGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUser.new # GraphOperationUser | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a User - api_instance.graph_user_associations_post(user_id, content_type, accept, opts) + api_instance.graph_user_associations_post(user_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_associations_post: #{e}" end @@ -3606,10 +4009,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGraphManagementReq**](UserGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUser**](GraphOperationUser.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3622,12 +4023,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_associations_list** -> Array<GraphConnection> graph_user_group_associations_list(group_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_user_group_associations_list(group_id, targets, opts) List the associations of a User Group. @@ -3646,24 +4047,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a User Group. - result = api_instance.graph_user_group_associations_list(group_id, content_type, accepttargets, opts) + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_associations_list: #{e}" @@ -3675,12 +4069,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"user_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3692,17 +4084,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_associations_post** -> graph_user_group_associations_post(group_id, content_type, accept, opts) +> graph_user_group_associations_post(group_id, opts) Manage the associations of a User Group -This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` +This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` ### Example ```ruby @@ -3717,21 +4109,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupGraphManagementReq.new, # UserGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroup.new # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a User Group - api_instance.graph_user_group_associations_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_associations_post: #{e}" end @@ -3742,10 +4128,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupGraphManagementReq**](UserGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroup**](GraphOperationUserGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3758,84 +4142,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json - - - -# **graph_user_group_member_of** -> Array<GraphObjectWithPaths> graph_user_group_member_of(group_id, content_type, accept, opts) - -List the User Group's parents - -This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | -} - -begin - #List the User Group's parents - result = api_instance.graph_user_group_member_of(group_id, content_type, accept, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->graph_user_group_member_of: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_members_list** -> Array<GraphConnection> graph_user_group_members_list(group_id, content_type, accept, opts) +> Array<GraphConnection> graph_user_group_members_list(group_id, opts) List the members of a User Group @@ -3854,22 +4166,16 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the members of a User Group - result = api_instance.graph_user_group_members_list(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_members_list: #{e}" @@ -3881,11 +4187,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3897,17 +4201,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_members_post** -> graph_user_group_members_post(group_id, content_type, accept, opts) +> graph_user_group_members_post(group_id, opts) Manage the members of a User Group -This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` +This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -3922,21 +4226,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupMembersReq.new, # UserGroupMembersReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroupMember.new # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the members of a User Group - api_instance.graph_user_group_members_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_members_post: #{e}" end @@ -3947,10 +4245,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupMembersReq**](UserGroupMembersReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroupMember**](GraphOperationUserGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -3963,12 +4259,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_membership** -> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, opts) List the User Group's membership @@ -3987,24 +4283,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the User Group's membership - result = api_instance.graph_user_group_membership(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_membership: #{e}" @@ -4016,13 +4306,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -4034,13 +4322,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_active_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, opts) List the Active Directories bound to a User Group @@ -4059,23 +4347,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Active Directories bound to a User Group - result = api_instance.graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_active_directory: #{e}" @@ -4087,12 +4369,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4104,13 +4384,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_application** -> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, opts) List the Applications bound to a User Group @@ -4129,23 +4409,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Applications bound to a User Group - result = api_instance.graph_user_group_traverse_application(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_application(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_application: #{e}" @@ -4157,12 +4431,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4174,13 +4446,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, opts) List the Directories bound to a User Group @@ -4199,23 +4471,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Directories bound to a User Group - result = api_instance.graph_user_group_traverse_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_directory: #{e}" @@ -4227,12 +4493,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4244,13 +4508,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_g_suite** -> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, opts) List the G Suite instances bound to a User Group @@ -4269,23 +4533,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the G Suite instances bound to a User Group - result = api_instance.graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_g_suite: #{e}" @@ -4297,12 +4555,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4314,13 +4570,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_ldap_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, opts) List the LDAP Servers bound to a User Group @@ -4339,23 +4595,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the LDAP Servers bound to a User Group - result = api_instance.graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_ldap_server: #{e}" @@ -4367,12 +4617,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4384,13 +4632,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_office365** -> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, opts) List the Office 365 instances bound to a User Group @@ -4409,23 +4657,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Office 365 instances bound to a User Group - result = api_instance.graph_user_group_traverse_office365(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_office365(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_office365: #{e}" @@ -4437,12 +4679,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4454,13 +4694,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_radius_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, opts) List the RADIUS Servers bound to a User Group @@ -4479,23 +4719,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the RADIUS Servers bound to a User Group - result = api_instance.graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_radius_server: #{e}" @@ -4507,12 +4741,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4524,13 +4756,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, opts) List the Systems bound to a User Group @@ -4549,23 +4781,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a User Group - result = api_instance.graph_user_group_traverse_system(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_system: #{e}" @@ -4577,12 +4803,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4594,13 +4818,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system_group** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, opts) List the System Groups bound to User Groups @@ -4619,23 +4843,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to User Groups - result = api_instance.graph_user_group_traverse_system_group(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_group_traverse_system_group: #{e}" @@ -4647,12 +4865,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4664,13 +4880,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_member_of** -> Array<GraphObjectWithPaths> graph_user_member_of(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_member_of(user_id, opts) List the parent Groups of a User @@ -4689,24 +4905,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the parent Groups of a User - result = api_instance.graph_user_member_of(user_id, content_type, accept, opts) + result = api_instance.graph_user_member_of(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_member_of: #{e}" @@ -4718,13 +4928,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -4736,13 +4944,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_active_directory** -> Array<GraphObjectWithPaths> graph_user_traverse_active_directory(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_active_directory(user_id, opts) List the Active Directory instances bound to a User @@ -4761,23 +4969,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | - skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. } begin #List the Active Directory instances bound to a User - result = api_instance.graph_user_traverse_active_directory(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_active_directory(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_active_directory: #{e}" @@ -4789,11 +4991,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] ### Return type @@ -4806,13 +5006,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_application** -> Array<GraphObjectWithPaths> graph_user_traverse_application(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_application(user_id, opts) List the Applications bound to a User @@ -4831,23 +5031,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Applications bound to a User - result = api_instance.graph_user_traverse_application(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_application(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_application: #{e}" @@ -4859,12 +5053,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4876,13 +5068,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_directory** -> Array<GraphObjectWithPaths> graph_user_traverse_directory(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_directory(user_id, opts) List the Directories bound to a User @@ -4901,23 +5093,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Directories bound to a User - result = api_instance.graph_user_traverse_directory(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_directory(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_directory: #{e}" @@ -4929,12 +5115,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -4946,13 +5130,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_g_suite** -> Array<GraphObjectWithPaths> graph_user_traverse_g_suite(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_g_suite(user_id, opts) List the G Suite instances bound to a User @@ -4971,23 +5155,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the G Suite instances bound to a User - result = api_instance.graph_user_traverse_g_suite(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_g_suite(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_g_suite: #{e}" @@ -4999,12 +5177,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5016,13 +5192,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_ldap_server** -> Array<GraphObjectWithPaths> graph_user_traverse_ldap_server(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_ldap_server(user_id, opts) List the LDAP servers bound to a User @@ -5041,23 +5217,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the LDAP servers bound to a User - result = api_instance.graph_user_traverse_ldap_server(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_ldap_server(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_ldap_server: #{e}" @@ -5069,12 +5239,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5086,13 +5254,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_office365** -> Array<GraphObjectWithPaths> graph_user_traverse_office365(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_office365(user_id, opts) List the Office 365 instances bound to a User @@ -5111,23 +5279,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Office 365 instances bound to a User - result = api_instance.graph_user_traverse_office365(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_office365(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_office365: #{e}" @@ -5139,12 +5301,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5156,13 +5316,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_radius_server** -> Array<GraphObjectWithPaths> graph_user_traverse_radius_server(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_radius_server(user_id, opts) List the RADIUS Servers bound to a User @@ -5181,23 +5341,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the RADIUS Servers bound to a User - result = api_instance.graph_user_traverse_radius_server(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_radius_server(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_radius_server: #{e}" @@ -5209,12 +5363,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5226,13 +5378,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_system** -> Array<GraphObjectWithPaths> graph_user_traverse_system(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_system(user_id, opts) List the Systems bound to a User @@ -5251,23 +5403,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a User - result = api_instance.graph_user_traverse_system(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_system(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_system: #{e}" @@ -5279,12 +5425,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5296,13 +5440,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_system_group** -> Array<GraphObjectWithPaths> graph_user_traverse_system_group(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_system_group(user_id, opts) List the System Groups bound to a User @@ -5321,23 +5465,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to a User - result = api_instance.graph_user_traverse_system_group(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_system_group(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GraphApi->graph_user_traverse_system_group: #{e}" @@ -5349,12 +5487,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -5366,13 +5502,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **policystatuses_list** -> Array<PolicyResult> policystatuses_list(system_id, content_type, accept, opts) +# **policystatuses_systems_list** +> Array<PolicyResult> policystatuses_systems_list(system_id, opts) List the policy statuses for a system @@ -5391,28 +5527,22 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GraphApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the policy statuses for a system - result = api_instance.policystatuses_list(system_id, content_type, accept, opts) + result = api_instance.policystatuses_systems_list(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling GraphApi->policystatuses_list: #{e}" + puts "Exception when calling GraphApi->policystatuses_systems_list: #{e}" end ``` @@ -5421,14 +5551,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -5440,7 +5568,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/GraphAttributeLdapGroups.md b/jcapiv2/docs/GraphAttributeLdapGroups.md new file mode 100644 index 0000000..4612825 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeLdapGroups.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributeLdapGroups + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**ldap_groups** | [**Array<LdapGroup>**](LdapGroup.md) | | [optional] + diff --git a/jcapiv2/docs/GraphAttributePosixGroups.md b/jcapiv2/docs/GraphAttributePosixGroups.md new file mode 100644 index 0000000..a7cd7f4 --- /dev/null +++ b/jcapiv2/docs/GraphAttributePosixGroups.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributePosixGroups + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**posix_groups** | [**Array<GraphAttributePosixGroupsPosixGroups>**](GraphAttributePosixGroupsPosixGroups.md) | | [optional] + diff --git a/jcapiv2/docs/GraphAttributePosixGroupsPosixGroups.md b/jcapiv2/docs/GraphAttributePosixGroupsPosixGroups.md new file mode 100644 index 0000000..4a9bbf4 --- /dev/null +++ b/jcapiv2/docs/GraphAttributePosixGroupsPosixGroups.md @@ -0,0 +1,8 @@ +# JCAPIv2::GraphAttributePosixGroupsPosixGroups + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **Integer** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/GraphAttributeRadius.md b/jcapiv2/docs/GraphAttributeRadius.md new file mode 100644 index 0000000..c695521 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeRadius.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributeRadius + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**radius** | [**GraphAttributeRadiusRadius**](GraphAttributeRadiusRadius.md) | | [optional] + diff --git a/jcapiv2/docs/GraphAttributeRadiusRadius.md b/jcapiv2/docs/GraphAttributeRadiusRadius.md new file mode 100644 index 0000000..f9204fb --- /dev/null +++ b/jcapiv2/docs/GraphAttributeRadiusRadius.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributeRadiusRadius + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**reply** | [**Array<GraphAttributeRadiusRadiusReply>**](GraphAttributeRadiusRadiusReply.md) | | [optional] + diff --git a/jcapiv2/docs/GraphAttributeRadiusRadiusReply.md b/jcapiv2/docs/GraphAttributeRadiusRadiusReply.md new file mode 100644 index 0000000..2e73e58 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeRadiusRadiusReply.md @@ -0,0 +1,8 @@ +# JCAPIv2::GraphAttributeRadiusRadiusReply + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | +**value** | **String** | | + diff --git a/jcapiv2/docs/GraphAttributeSambaEnabled.md b/jcapiv2/docs/GraphAttributeSambaEnabled.md new file mode 100644 index 0000000..4ab19f7 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeSambaEnabled.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributeSambaEnabled + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**samba_enabled** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/GraphAttributeSudo.md b/jcapiv2/docs/GraphAttributeSudo.md new file mode 100644 index 0000000..5182b15 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeSudo.md @@ -0,0 +1,7 @@ +# JCAPIv2::GraphAttributeSudo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**sudo** | [**GraphAttributeSudoSudo**](GraphAttributeSudoSudo.md) | | [optional] + diff --git a/jcapiv2/docs/GraphAttributeSudoSudo.md b/jcapiv2/docs/GraphAttributeSudoSudo.md new file mode 100644 index 0000000..eef48d1 --- /dev/null +++ b/jcapiv2/docs/GraphAttributeSudoSudo.md @@ -0,0 +1,8 @@ +# JCAPIv2::GraphAttributeSudoSudo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enabled** | **BOOLEAN** | Enables sudo | +**without_password** | **BOOLEAN** | Enable sudo without password (requires 'enabled' to be true) | + diff --git a/jcapiv2/docs/GraphAttributes.md b/jcapiv2/docs/GraphAttributes.md new file mode 100644 index 0000000..03ebadb --- /dev/null +++ b/jcapiv2/docs/GraphAttributes.md @@ -0,0 +1,6 @@ +# JCAPIv2::GraphAttributes + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/GraphConnection.md b/jcapiv2/docs/GraphConnection.md index af63147..b5e3db3 100644 --- a/jcapiv2/docs/GraphConnection.md +++ b/jcapiv2/docs/GraphConnection.md @@ -3,7 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] **from** | [**GraphObject**](GraphObject.md) | | [optional] **to** | [**GraphObject**](GraphObject.md) | | - diff --git a/jcapiv2/docs/GraphObject.md b/jcapiv2/docs/GraphObject.md index dda7798..23d1272 100644 --- a/jcapiv2/docs/GraphObject.md +++ b/jcapiv2/docs/GraphObject.md @@ -3,7 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] **id** | **String** | The ObjectID of the graph object. | **type** | **String** | The type of graph object. | - diff --git a/jcapiv2/docs/GraphObjectWithPaths.md b/jcapiv2/docs/GraphObjectWithPaths.md index e998e94..ed81272 100644 --- a/jcapiv2/docs/GraphObjectWithPaths.md +++ b/jcapiv2/docs/GraphObjectWithPaths.md @@ -3,8 +3,8 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**compiled_attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] **id** | **String** | Object ID of this graph object. | **paths** | **Array<Array<GraphConnection>>** | A path through the graph between two graph objects. | **type** | [**GraphType**](GraphType.md) | | - diff --git a/jcapiv2/docs/SystemGroupGraphManagementReq.md b/jcapiv2/docs/GraphOperation.md similarity index 79% rename from jcapiv2/docs/SystemGroupGraphManagementReq.md rename to jcapiv2/docs/GraphOperation.md index a059b2a..f098088 100644 --- a/jcapiv2/docs/SystemGroupGraphManagementReq.md +++ b/jcapiv2/docs/GraphOperation.md @@ -1,10 +1,8 @@ -# JCAPIv2::SystemGroupGraphManagementReq +# JCAPIv2::GraphOperation ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **id** | **String** | The ObjectID of graph object being added or removed as an association. | **op** | **String** | How to modify the graph connection. | -**type** | **String** | | - diff --git a/jcapiv2/docs/GraphOperationActiveDirectory.md b/jcapiv2/docs/GraphOperationActiveDirectory.md new file mode 100644 index 0000000..faa8448 --- /dev/null +++ b/jcapiv2/docs/GraphOperationActiveDirectory.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationActiveDirectory + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"active_directory\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationApplication.md b/jcapiv2/docs/GraphOperationApplication.md new file mode 100644 index 0000000..0e44d70 --- /dev/null +++ b/jcapiv2/docs/GraphOperationApplication.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationApplication + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"application\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationCommand.md b/jcapiv2/docs/GraphOperationCommand.md new file mode 100644 index 0000000..afd4528 --- /dev/null +++ b/jcapiv2/docs/GraphOperationCommand.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationCommand + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"command\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationGSuite.md b/jcapiv2/docs/GraphOperationGSuite.md new file mode 100644 index 0000000..9dbe038 --- /dev/null +++ b/jcapiv2/docs/GraphOperationGSuite.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationGSuite + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"g_suite\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationLdapServer.md b/jcapiv2/docs/GraphOperationLdapServer.md new file mode 100644 index 0000000..845395d --- /dev/null +++ b/jcapiv2/docs/GraphOperationLdapServer.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationLdapServer + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"ldap_server\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationOffice365.md b/jcapiv2/docs/GraphOperationOffice365.md new file mode 100644 index 0000000..fc5ca94 --- /dev/null +++ b/jcapiv2/docs/GraphOperationOffice365.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationOffice365 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"office_365\" can be associated to. | + diff --git a/jcapiv2/docs/SystemGraphManagementReq.md b/jcapiv2/docs/GraphOperationPolicy.md similarity index 58% rename from jcapiv2/docs/SystemGraphManagementReq.md rename to jcapiv2/docs/GraphOperationPolicy.md index f127c60..03b6e60 100644 --- a/jcapiv2/docs/SystemGraphManagementReq.md +++ b/jcapiv2/docs/GraphOperationPolicy.md @@ -1,11 +1,10 @@ -# JCAPIv2::SystemGraphManagementReq +# JCAPIv2::GraphOperationPolicy ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**attributes** | [**SystemGraphManagementReqAttributes**](SystemGraphManagementReqAttributes.md) | | [optional] **id** | **String** | The ObjectID of graph object being added or removed as an association. | **op** | **String** | How to modify the graph connection. | -**type** | **String** | | - +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"policy\" can be associated to. | diff --git a/jcapiv2/docs/GraphOperationPolicyGroup.md b/jcapiv2/docs/GraphOperationPolicyGroup.md new file mode 100644 index 0000000..1e94048 --- /dev/null +++ b/jcapiv2/docs/GraphOperationPolicyGroup.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationPolicyGroup + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"policy_group\" can be associated to. | + diff --git a/jcapiv2/docs/UserGraphManagementReq.md b/jcapiv2/docs/GraphOperationPolicyGroupMember.md similarity index 60% rename from jcapiv2/docs/UserGraphManagementReq.md rename to jcapiv2/docs/GraphOperationPolicyGroupMember.md index e55b71a..b846f0d 100644 --- a/jcapiv2/docs/UserGraphManagementReq.md +++ b/jcapiv2/docs/GraphOperationPolicyGroupMember.md @@ -1,11 +1,10 @@ -# JCAPIv2::UserGraphManagementReq +# JCAPIv2::GraphOperationPolicyGroupMember ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**attributes** | [**SystemGraphManagementReqAttributes**](SystemGraphManagementReqAttributes.md) | | [optional] **id** | **String** | The ObjectID of graph object being added or removed as an association. | **op** | **String** | How to modify the graph connection. | -**type** | **String** | | - +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | The member type. | diff --git a/jcapiv2/docs/GraphOperationRadiusServer.md b/jcapiv2/docs/GraphOperationRadiusServer.md new file mode 100644 index 0000000..33cae61 --- /dev/null +++ b/jcapiv2/docs/GraphOperationRadiusServer.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationRadiusServer + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"radius_server\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationSoftwareApp.md b/jcapiv2/docs/GraphOperationSoftwareApp.md new file mode 100644 index 0000000..6e993ba --- /dev/null +++ b/jcapiv2/docs/GraphOperationSoftwareApp.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationSoftwareApp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"software_app\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationSystem.md b/jcapiv2/docs/GraphOperationSystem.md new file mode 100644 index 0000000..76b5ab7 --- /dev/null +++ b/jcapiv2/docs/GraphOperationSystem.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationSystem + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | **Object** | | [optional] +**type** | **String** | Targets which a \"system\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationSystemGroup.md b/jcapiv2/docs/GraphOperationSystemGroup.md new file mode 100644 index 0000000..e8cfc7d --- /dev/null +++ b/jcapiv2/docs/GraphOperationSystemGroup.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationSystemGroup + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"system_group\" can be associated to. | + diff --git a/jcapiv2/docs/GraphOperationSystemGroupMember.md b/jcapiv2/docs/GraphOperationSystemGroupMember.md new file mode 100644 index 0000000..7ea0161 --- /dev/null +++ b/jcapiv2/docs/GraphOperationSystemGroupMember.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationSystemGroupMember + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | The member type. | + diff --git a/jcapiv2/docs/GraphManagementReq.md b/jcapiv2/docs/GraphOperationUser.md similarity index 62% rename from jcapiv2/docs/GraphManagementReq.md rename to jcapiv2/docs/GraphOperationUser.md index 8f268ff..9498b43 100644 --- a/jcapiv2/docs/GraphManagementReq.md +++ b/jcapiv2/docs/GraphOperationUser.md @@ -1,10 +1,10 @@ -# JCAPIv2::GraphManagementReq +# JCAPIv2::GraphOperationUser ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **id** | **String** | The ObjectID of graph object being added or removed as an association. | **op** | **String** | How to modify the graph connection. | -**type** | [**GraphType**](GraphType.md) | | - +**attributes** | **Object** | | [optional] +**type** | **String** | Targets which a \"user\" can be associated to. | diff --git a/jcapiv2/docs/GraphOperationUserGroup.md b/jcapiv2/docs/GraphOperationUserGroup.md new file mode 100644 index 0000000..a63c076 --- /dev/null +++ b/jcapiv2/docs/GraphOperationUserGroup.md @@ -0,0 +1,10 @@ +# JCAPIv2::GraphOperationUserGroup + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The ObjectID of graph object being added or removed as an association. | +**op** | **String** | How to modify the graph connection. | +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | Targets which a \"user_group\" can be associated to. | + diff --git a/jcapiv2/docs/UserGroupGraphManagementReq.md b/jcapiv2/docs/GraphOperationUserGroupMember.md similarity index 62% rename from jcapiv2/docs/UserGroupGraphManagementReq.md rename to jcapiv2/docs/GraphOperationUserGroupMember.md index 60a5999..3fc65bc 100644 --- a/jcapiv2/docs/UserGroupGraphManagementReq.md +++ b/jcapiv2/docs/GraphOperationUserGroupMember.md @@ -1,10 +1,10 @@ -# JCAPIv2::UserGroupGraphManagementReq +# JCAPIv2::GraphOperationUserGroupMember ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **id** | **String** | The ObjectID of graph object being added or removed as an association. | **op** | **String** | How to modify the graph connection. | -**type** | **String** | The graph type | - +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**type** | **String** | The member type. | diff --git a/jcapiv2/docs/GraphType.md b/jcapiv2/docs/GraphType.md index af91e3e..cc93c18 100644 --- a/jcapiv2/docs/GraphType.md +++ b/jcapiv2/docs/GraphType.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/Group.md b/jcapiv2/docs/Group.md index 37d26dd..7a4cbe1 100644 --- a/jcapiv2/docs/Group.md +++ b/jcapiv2/docs/Group.md @@ -3,8 +3,10 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**description** | **String** | Description of a Group | [optional] +**email** | **String** | E-mail address associated with a Group | [optional] **id** | **String** | ObjectId uniquely identifying a Group. | [optional] **name** | **String** | Display name of a Group. | [optional] **type** | [**GroupType**](GroupType.md) | | [optional] - diff --git a/jcapiv2/docs/GroupAttributesUserGroup.md b/jcapiv2/docs/GroupAttributesUserGroup.md new file mode 100644 index 0000000..3ece8dc --- /dev/null +++ b/jcapiv2/docs/GroupAttributesUserGroup.md @@ -0,0 +1,11 @@ +# JCAPIv2::GroupAttributesUserGroup + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**sudo** | [**GraphAttributeSudoSudo**](GraphAttributeSudoSudo.md) | | [optional] +**ldap_groups** | [**Array<LdapGroup>**](LdapGroup.md) | | [optional] +**posix_groups** | [**Array<GraphAttributePosixGroupsPosixGroups>**](GraphAttributePosixGroupsPosixGroups.md) | | [optional] +**radius** | [**GraphAttributeRadiusRadius**](GraphAttributeRadiusRadius.md) | | [optional] +**samba_enabled** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/GroupIdSuggestionsBody.md b/jcapiv2/docs/GroupIdSuggestionsBody.md new file mode 100644 index 0000000..55216d4 --- /dev/null +++ b/jcapiv2/docs/GroupIdSuggestionsBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::GroupIdSuggestionsBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**object_ids** | **Array<String>** | | [optional] + diff --git a/jcapiv2/docs/GroupIdSuggestionsBody1.md b/jcapiv2/docs/GroupIdSuggestionsBody1.md new file mode 100644 index 0000000..69d6c2d --- /dev/null +++ b/jcapiv2/docs/GroupIdSuggestionsBody1.md @@ -0,0 +1,7 @@ +# JCAPIv2::GroupIdSuggestionsBody1 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**user_ids** | **Array<String>** | | [optional] + diff --git a/jcapiv2/docs/GroupMembershipMethodType.md b/jcapiv2/docs/GroupMembershipMethodType.md new file mode 100644 index 0000000..ca35c54 --- /dev/null +++ b/jcapiv2/docs/GroupMembershipMethodType.md @@ -0,0 +1,6 @@ +# JCAPIv2::GroupMembershipMethodType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/GroupPwm.md b/jcapiv2/docs/GroupPwm.md new file mode 100644 index 0000000..bf1b854 --- /dev/null +++ b/jcapiv2/docs/GroupPwm.md @@ -0,0 +1,13 @@ +# JCAPIv2::GroupPwm + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**access_level_id** | **String** | | +**access_level_name** | **String** | | +**description** | **String** | | [optional] +**external_id** | **String** | | [optional] +**id** | **String** | | +**name** | **String** | | +**users_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/GroupType.md b/jcapiv2/docs/GroupType.md index 92cc884..a3a667c 100644 --- a/jcapiv2/docs/GroupType.md +++ b/jcapiv2/docs/GroupType.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/Groups.md b/jcapiv2/docs/Groups.md new file mode 100644 index 0000000..4c0cab0 --- /dev/null +++ b/jcapiv2/docs/Groups.md @@ -0,0 +1,6 @@ +# JCAPIv2::Groups + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/GroupsApi.md b/jcapiv2/docs/GroupsApi.md index d00d868..4f62aea 100644 --- a/jcapiv2/docs/GroupsApi.md +++ b/jcapiv2/docs/GroupsApi.md @@ -6,9 +6,8 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**groups_list**](GroupsApi.md#groups_list) | **GET** /groups | List All Groups - # **groups_list** -> Array<Group> groups_list(content_type, accept, opts) +> Array<Group> groups_list(opts) List All Groups @@ -27,23 +26,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::GroupsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_unfiltered_total_count: 56 # Integer | If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account } begin #List All Groups - result = api_instance.groups_list(content_type, accept, opts) + result = api_instance.groups_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling GroupsApi->groups_list: #{e}" @@ -54,14 +49,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **x_unfiltered_total_count** | **Integer**| If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account | [optional] ### Return type @@ -73,7 +67,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/GroupsInner.md b/jcapiv2/docs/GroupsInner.md new file mode 100644 index 0000000..b2be85d --- /dev/null +++ b/jcapiv2/docs/GroupsInner.md @@ -0,0 +1,8 @@ +# JCAPIv2::GroupsInner + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/GsuiteOutput.md b/jcapiv2/docs/Gsuite.md similarity index 59% rename from jcapiv2/docs/GsuiteOutput.md rename to jcapiv2/docs/Gsuite.md index 3ed0d83..66b878d 100644 --- a/jcapiv2/docs/GsuiteOutput.md +++ b/jcapiv2/docs/Gsuite.md @@ -1,10 +1,12 @@ -# JCAPIv2::GsuiteOutput +# JCAPIv2::Gsuite ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**default_domain** | [**DefaultDomain**](DefaultDomain.md) | | [optional] +**groups_enabled** | **BOOLEAN** | | [optional] **id** | **String** | | [optional] +**name** | **String** | | [optional] **user_lockout_action** | **String** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv2/docs/JcEnrollmentProfile.md b/jcapiv2/docs/IPList.md similarity index 50% rename from jcapiv2/docs/JcEnrollmentProfile.md rename to jcapiv2/docs/IPList.md index cdf144e..916da38 100644 --- a/jcapiv2/docs/JcEnrollmentProfile.md +++ b/jcapiv2/docs/IPList.md @@ -1,12 +1,10 @@ -# JCAPIv2::JcEnrollmentProfile +# JCAPIv2::IPList ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**groups** | **Array<String>** | | [optional] +**description** | **String** | | [optional] **id** | **String** | | [optional] +**ips** | **Array<String>** | | [optional] **name** | **String** | | [optional] -**organization** | **String** | | [optional] -**users** | **Array<String>** | | [optional] - diff --git a/jcapiv2/docs/IPListRequest.md b/jcapiv2/docs/IPListRequest.md new file mode 100644 index 0000000..0889e96 --- /dev/null +++ b/jcapiv2/docs/IPListRequest.md @@ -0,0 +1,9 @@ +# JCAPIv2::IPListRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**description** | **String** | | [optional] +**ips** | **Array<String>** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/IPListsApi.md b/jcapiv2/docs/IPListsApi.md new file mode 100644 index 0000000..c99256e --- /dev/null +++ b/jcapiv2/docs/IPListsApi.md @@ -0,0 +1,361 @@ +# JCAPIv2::IPListsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**iplists_delete**](IPListsApi.md#iplists_delete) | **DELETE** /iplists/{id} | Delete an IP list +[**iplists_get**](IPListsApi.md#iplists_get) | **GET** /iplists/{id} | Get an IP list +[**iplists_list**](IPListsApi.md#iplists_list) | **GET** /iplists | List IP Lists +[**iplists_patch**](IPListsApi.md#iplists_patch) | **PATCH** /iplists/{id} | Update an IP list +[**iplists_post**](IPListsApi.md#iplists_post) | **POST** /iplists | Create IP List +[**iplists_put**](IPListsApi.md#iplists_put) | **PUT** /iplists/{id} | Replace an IP list + +# **iplists_delete** +> IPList iplists_delete(id, opts) + +Delete an IP list + +Delete a specific IP list. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete an IP list + result = api_instance.iplists_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**IPList**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **iplists_get** +> IPList iplists_get(id, opts) + +Get an IP list + +Return a specific IP list. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Get an IP list + result = api_instance.iplists_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**IPList**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **iplists_list** +> Array<IPList> iplists_list(opts) + +List IP Lists + +Retrieve all IP lists. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + x_total_count: 56, # Integer | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List IP Lists + result = api_instance.iplists_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **x_total_count** | **Integer**| | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<IPList>**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **iplists_patch** +> IPList iplists_patch(id, opts) + +Update an IP list + +Update a specific IP list. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"name\": \"New IP List Name\"}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::IPListRequest.new # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update an IP list + result = api_instance.iplists_patch(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_patch: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**IPListRequest**](IPListRequest.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**IPList**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **iplists_post** +> IPList iplists_post(opts) + +Create IP List + +Create an IP list. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.12\", \"192.168.10.20 - 192.168.10.30\", \"123.225.10.0/32\" ] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +opts = { + body: JCAPIv2::IPListRequest.new # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create IP List + result = api_instance.iplists_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**IPListRequest**](IPListRequest.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**IPList**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **iplists_put** +> IPList iplists_put(id, opts) + +Replace an IP list + +Replace a specific IP list. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.10\" ] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::IPListsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::IPListRequest.new # IPListRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Replace an IP list + result = api_instance.iplists_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling IPListsApi->iplists_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**IPListRequest**](IPListRequest.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**IPList**](IPList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/ImageApi.md b/jcapiv2/docs/ImageApi.md new file mode 100644 index 0000000..08c554d --- /dev/null +++ b/jcapiv2/docs/ImageApi.md @@ -0,0 +1,63 @@ +# JCAPIv2::ImageApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**applications_delete_logo**](ImageApi.md#applications_delete_logo) | **DELETE** /applications/{application_id}/logo | Delete application image + +# **applications_delete_logo** +> applications_delete_logo(application_id, opts) + +Delete application image + +Deletes the specified image from an application + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ImageApi.new +application_id = 'application_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete application image + api_instance.applications_delete_logo(application_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ImageApi->applications_delete_logo: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/ImportOperation.md b/jcapiv2/docs/ImportOperation.md new file mode 100644 index 0000000..49871fb --- /dev/null +++ b/jcapiv2/docs/ImportOperation.md @@ -0,0 +1,6 @@ +# JCAPIv2::ImportOperation + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/ImportUser.md b/jcapiv2/docs/ImportUser.md new file mode 100644 index 0000000..c670a4b --- /dev/null +++ b/jcapiv2/docs/ImportUser.md @@ -0,0 +1,24 @@ +# JCAPIv2::ImportUser + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**addresses** | [**Array<ImportUserAddress>**](ImportUserAddress.md) | | [optional] +**alternate_email** | **String** | | [optional] +**company** | **String** | | [optional] +**cost_center** | **String** | | [optional] +**department** | **String** | | [optional] +**displayname** | **String** | | [optional] +**email** | **String** | | [optional] +**employee_identifier** | **String** | | [optional] +**employee_type** | **String** | | [optional] +**firstname** | **String** | | [optional] +**id** | **String** | | [optional] +**job_title** | **String** | | [optional] +**lastname** | **String** | | [optional] +**location** | **String** | | [optional] +**manager** | **String** | | [optional] +**middlename** | **String** | | [optional] +**phone_numbers** | [**Array<ImportUserPhoneNumber>**](ImportUserPhoneNumber.md) | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/ImportUserAddress.md b/jcapiv2/docs/ImportUserAddress.md new file mode 100644 index 0000000..0f1ce91 --- /dev/null +++ b/jcapiv2/docs/ImportUserAddress.md @@ -0,0 +1,12 @@ +# JCAPIv2::ImportUserAddress + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**country** | **String** | | [optional] +**locality** | **String** | | [optional] +**postal_code** | **String** | | [optional] +**region** | **String** | | [optional] +**street_address** | **String** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv2/docs/ImportUserPhoneNumber.md b/jcapiv2/docs/ImportUserPhoneNumber.md new file mode 100644 index 0000000..c1364ed --- /dev/null +++ b/jcapiv2/docs/ImportUserPhoneNumber.md @@ -0,0 +1,8 @@ +# JCAPIv2::ImportUserPhoneNumber + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**type** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv2/docs/ImportUsersRequest.md b/jcapiv2/docs/ImportUsersRequest.md new file mode 100644 index 0000000..07698d7 --- /dev/null +++ b/jcapiv2/docs/ImportUsersRequest.md @@ -0,0 +1,9 @@ +# JCAPIv2::ImportUsersRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_user_reactivation** | **BOOLEAN** | A boolean value to allow the reactivation of suspended users | [optional] [default to true] +**operations** | [**Array<ImportOperation>**](ImportOperation.md) | Operations to be performed on the user list returned from the application | [optional] +**query_string** | **String** | Query string to filter and sort the user list returned from the application. The supported filtering and sorting varies by application. If no value is sent, all users are returned. **Example:** \"location=Chicago&department=IT\"Query string used to retrieve users from service | [optional] [default to ''] + diff --git a/jcapiv2/docs/ImportUsersResponse.md b/jcapiv2/docs/ImportUsersResponse.md new file mode 100644 index 0000000..1087f7a --- /dev/null +++ b/jcapiv2/docs/ImportUsersResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::ImportUsersResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**total_count** | [**BigDecimal**](BigDecimal.md) | | [optional] +**users** | [**Array<ImportUser>**](ImportUser.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse200.md b/jcapiv2/docs/InlineResponse200.md index ca7e8f1..4204f83 100644 --- a/jcapiv2/docs/InlineResponse200.md +++ b/jcapiv2/docs/InlineResponse200.md @@ -3,9 +3,6 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **String** | | [optional] -**name** | **String** | | [optional] -**user_lockout_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] -**user_password_expiration_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] - +**events_count** | **Integer** | The total number of ACTIVATED and SUSPENDED events to a max depth of 1 for all of the users in the query. A value larger than the limit specified on the query indicates that additional calls are needed, using a skip greater than 0, to retrieve the full set of results. | [optional] +**results** | [**Array<ScheduledUserstateResult>**](ScheduledUserstateResult.md) | | [optional] diff --git a/jcapiv2/docs/InlineResponse2001.md b/jcapiv2/docs/InlineResponse2001.md index d888779..d9bbb6e 100644 --- a/jcapiv2/docs/InlineResponse2001.md +++ b/jcapiv2/docs/InlineResponse2001.md @@ -3,7 +3,6 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**results** | [**Array<Administrator>**](Administrator.md) | | [optional] -**total_count** | **Integer** | | [optional] - +**next_page_token** | **String** | | [optional] +**users** | [**Array<User>**](User.md) | | [optional] diff --git a/jcapiv2/docs/InlineResponse20010.md b/jcapiv2/docs/InlineResponse20010.md new file mode 100644 index 0000000..93a53c1 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20010.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse20010 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<SyncroMappingResponse>**](SyncroMappingResponse.md) | | [optional] +**total_count** | [**BigDecimal**](BigDecimal.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20011.md b/jcapiv2/docs/InlineResponse20011.md new file mode 100644 index 0000000..3e250fe --- /dev/null +++ b/jcapiv2/docs/InlineResponse20011.md @@ -0,0 +1,10 @@ +# JCAPIv2::InlineResponse20011 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**name** | **String** | | [optional] +**user_lockout_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] +**user_password_expiration_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20012.md b/jcapiv2/docs/InlineResponse20012.md new file mode 100644 index 0000000..2e7f406 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20012.md @@ -0,0 +1,9 @@ +# JCAPIv2::InlineResponse20012 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**skip_token** | **String** | | [optional] +**top** | **Integer** | | [optional] +**users** | [**Array<InlineResponse20012Users>**](InlineResponse20012Users.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20012Users.md b/jcapiv2/docs/InlineResponse20012Users.md new file mode 100644 index 0000000..4918037 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20012Users.md @@ -0,0 +1,10 @@ +# JCAPIv2::InlineResponse20012Users + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**given_name** | **String** | | [optional] +**id** | **String** | | [optional] +**surname** | **String** | | [optional] +**user_principal_name** | **String** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20013.md b/jcapiv2/docs/InlineResponse20013.md new file mode 100644 index 0000000..35d71a3 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20013.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse20013 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<Administrator>**](Administrator.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20014.md b/jcapiv2/docs/InlineResponse20014.md new file mode 100644 index 0000000..fe289e3 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20014.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse20014 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**ConfiguredPolicyTemplate**](ConfiguredPolicyTemplate.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse20015.md b/jcapiv2/docs/InlineResponse20015.md new file mode 100644 index 0000000..da46276 --- /dev/null +++ b/jcapiv2/docs/InlineResponse20015.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse20015 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<Organization>**](Organization.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2002.md b/jcapiv2/docs/InlineResponse2002.md new file mode 100644 index 0000000..5663a83 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2002.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2002 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**next_page_token** | **String** | | [optional] +**users** | [**Array<InlineResponse2002Users>**](InlineResponse2002Users.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2002Users.md b/jcapiv2/docs/InlineResponse2002Users.md new file mode 100644 index 0000000..ce50144 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2002Users.md @@ -0,0 +1,11 @@ +# JCAPIv2::InlineResponse2002Users + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**family_name** | **String** | | [optional] +**given_name** | **String** | | [optional] +**id** | **String** | | [optional] +**primary_email** | **String** | | [optional] +**thumbnail_photo_url** | **String** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2003.md b/jcapiv2/docs/InlineResponse2003.md new file mode 100644 index 0000000..ea93cdc --- /dev/null +++ b/jcapiv2/docs/InlineResponse2003.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2003 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<AutotaskContract>**](AutotaskContract.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2004.md b/jcapiv2/docs/InlineResponse2004.md new file mode 100644 index 0000000..c009049 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2004.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2004 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<AutotaskContractField>**](AutotaskContractField.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2005.md b/jcapiv2/docs/InlineResponse2005.md new file mode 100644 index 0000000..ec8afa8 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2005.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2005 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<AutotaskService>**](AutotaskService.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2006.md b/jcapiv2/docs/InlineResponse2006.md new file mode 100644 index 0000000..7270b51 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2006.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2006 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<AutotaskMappingResponse>**](AutotaskMappingResponse.md) | | [optional] +**total_count** | [**BigDecimal**](BigDecimal.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2007.md b/jcapiv2/docs/InlineResponse2007.md new file mode 100644 index 0000000..7b2af36 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2007.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2007 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<ConnectwiseAgreement>**](ConnectwiseAgreement.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2008.md b/jcapiv2/docs/InlineResponse2008.md new file mode 100644 index 0000000..6f1f296 --- /dev/null +++ b/jcapiv2/docs/InlineResponse2008.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2008 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<ConnectwiseAddition>**](ConnectwiseAddition.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/InlineResponse2009.md b/jcapiv2/docs/InlineResponse2009.md new file mode 100644 index 0000000..4cd0f7b --- /dev/null +++ b/jcapiv2/docs/InlineResponse2009.md @@ -0,0 +1,8 @@ +# JCAPIv2::InlineResponse2009 + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<ConnectWiseMappingResponse>**](ConnectWiseMappingResponse.md) | | [optional] +**total_count** | [**BigDecimal**](BigDecimal.md) | | [optional] + diff --git a/jcapiv2/docs/InlineResponse201.md b/jcapiv2/docs/InlineResponse201.md index be2df5b..61e0dd5 100644 --- a/jcapiv2/docs/InlineResponse201.md +++ b/jcapiv2/docs/InlineResponse201.md @@ -3,7 +3,5 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**apple_mdm** | [**AppleMDM**](AppleMDM.md) | | [optional] -**signed_csr_plist** | **String** | | [optional] - +**integration_id** | **String** | The identifier of the created integration | diff --git a/jcapiv2/docs/InlineResponse400.md b/jcapiv2/docs/InlineResponse400.md index 5f5caed..a9d9357 100644 --- a/jcapiv2/docs/InlineResponse400.md +++ b/jcapiv2/docs/InlineResponse400.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **message** | **String** | | [optional] - diff --git a/jcapiv2/docs/InstallActionType.md b/jcapiv2/docs/InstallActionType.md new file mode 100644 index 0000000..9244b16 --- /dev/null +++ b/jcapiv2/docs/InstallActionType.md @@ -0,0 +1,6 @@ +# JCAPIv2::InstallActionType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/Integration.md b/jcapiv2/docs/Integration.md new file mode 100644 index 0000000..0e30a74 --- /dev/null +++ b/jcapiv2/docs/Integration.md @@ -0,0 +1,8 @@ +# JCAPIv2::Integration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**integration_id** | **String** | Unique identifier for this integration | [optional] +**type** | [**IntegrationType**](IntegrationType.md) | | [optional] + diff --git a/jcapiv2/docs/IntegrationSyncError.md b/jcapiv2/docs/IntegrationSyncError.md new file mode 100644 index 0000000..913a3fc --- /dev/null +++ b/jcapiv2/docs/IntegrationSyncError.md @@ -0,0 +1,10 @@ +# JCAPIv2::IntegrationSyncError + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**error_type** | **String** | | +**message** | **String** | | +**org_id** | **String** | | +**timestamp** | **String** | | + diff --git a/jcapiv2/docs/IntegrationSyncErrorResp.md b/jcapiv2/docs/IntegrationSyncErrorResp.md new file mode 100644 index 0000000..7e6c607 --- /dev/null +++ b/jcapiv2/docs/IntegrationSyncErrorResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::IntegrationSyncErrorResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<IntegrationSyncError>**](IntegrationSyncError.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/IntegrationType.md b/jcapiv2/docs/IntegrationType.md new file mode 100644 index 0000000..989ba7a --- /dev/null +++ b/jcapiv2/docs/IntegrationType.md @@ -0,0 +1,6 @@ +# JCAPIv2::IntegrationType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/IntegrationsResponse.md b/jcapiv2/docs/IntegrationsResponse.md new file mode 100644 index 0000000..a53b1cb --- /dev/null +++ b/jcapiv2/docs/IntegrationsResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::IntegrationsResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<Integration>**](Integration.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/JobDetails.md b/jcapiv2/docs/JobDetails.md deleted file mode 100644 index 30a90ca..0000000 --- a/jcapiv2/docs/JobDetails.md +++ /dev/null @@ -1,15 +0,0 @@ -# JCAPIv2::JobDetails - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**admin_id** | **String** | | [optional] -**id** | **String** | | [optional] -**meta** | **Object** | | [optional] -**name** | **String** | | [optional] -**persisted_fields** | **Array<String>** | | [optional] -**status** | **String** | | [optional] -**updated_at** | **String** | | [optional] -**work_units_count** | **Integer** | | [optional] - - diff --git a/jcapiv2/docs/JobId.md b/jcapiv2/docs/JobId.md index 5a9ef30..b77525f 100644 --- a/jcapiv2/docs/JobId.md +++ b/jcapiv2/docs/JobId.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **job_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/JobWorkresult.md b/jcapiv2/docs/JobWorkresult.md index dc37367..18166c8 100644 --- a/jcapiv2/docs/JobWorkresult.md +++ b/jcapiv2/docs/JobWorkresult.md @@ -3,6 +3,11 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**created_at** | **String** | | [optional] +**id** | **String** | | [optional] **meta** | **Object** | | [optional] - +**persisted_fields** | **Object** | | [optional] +**status** | **String** | | [optional] +**status_msg** | **String** | | [optional] +**updated_at** | **String** | | [optional] diff --git a/jcapiv2/docs/JumpcloudGappsDomain.md b/jcapiv2/docs/JumpcloudGappsDomain.md new file mode 100644 index 0000000..e189161 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGappsDomain.md @@ -0,0 +1,10 @@ +# JCAPIv2::JumpcloudGappsDomain + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**account_object_id** | **String** | Unique identifier of the GSuite. | [optional] +**default** | **BOOLEAN** | Suggests if the domain is default | [optional] +**domain** | **String** | name of the domain | [optional] +**object_id** | **String** | Unique identifier of the Domain. | [optional] + diff --git a/jcapiv2/docs/JumpcloudGappsDomainListResponse.md b/jcapiv2/docs/JumpcloudGappsDomainListResponse.md new file mode 100644 index 0000000..6b4335c --- /dev/null +++ b/jcapiv2/docs/JumpcloudGappsDomainListResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGappsDomainListResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domains** | [**Array<JumpcloudGappsDomain>**](JumpcloudGappsDomain.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGappsDomainResponse.md b/jcapiv2/docs/JumpcloudGappsDomainResponse.md new file mode 100644 index 0000000..e0a6a36 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGappsDomainResponse.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudGappsDomainResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domain** | [**JumpcloudGappsDomain**](JumpcloudGappsDomain.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmAllowPersonalUsage.md b/jcapiv2/docs/JumpcloudGoogleEmmAllowPersonalUsage.md new file mode 100644 index 0000000..b08072d --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmAllowPersonalUsage.md @@ -0,0 +1,6 @@ +# JCAPIv2::JumpcloudGoogleEmmAllowPersonalUsage + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCommandResponse.md b/jcapiv2/docs/JumpcloudGoogleEmmCommandResponse.md new file mode 100644 index 0000000..01d2457 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCommandResponse.md @@ -0,0 +1,6 @@ +# JCAPIv2::JumpcloudGoogleEmmCommandResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCommonCriteriaModeInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmCommonCriteriaModeInfo.md new file mode 100644 index 0000000..bc94bb3 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCommonCriteriaModeInfo.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**common_criteria_mode_status** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmConnectionStatus.md b/jcapiv2/docs/JumpcloudGoogleEmmConnectionStatus.md new file mode 100644 index 0000000..4b7fb01 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmConnectionStatus.md @@ -0,0 +1,9 @@ +# JCAPIv2::JumpcloudGoogleEmmConnectionStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enterprise_id** | **String** | | [optional] +**is_connected** | **BOOLEAN** | | [optional] +**organization_object_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md new file mode 100644 index 0000000..f7470e8 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenRequest.md @@ -0,0 +1,11 @@ +# JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_personal_usage** | [**JumpcloudGoogleEmmAllowPersonalUsage**](JumpcloudGoogleEmmAllowPersonalUsage.md) | | [optional] +**enterprise_object_id** | **String** | | [optional] +**one_time_only** | **BOOLEAN** | | [optional] +**user_object_id** | **String** | | [optional] +**zero_touch** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md new file mode 100644 index 0000000..0c1ff0b --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnrollmentTokenResponse.md @@ -0,0 +1,12 @@ +# JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enrollment_link** | **String** | | [optional] +**expiration_time** | **String** | | [optional] +**metadata** | **String** | | [optional] +**name** | **String** | | [optional] +**qr_code_image** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCreateEnterpriseRequest.md b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnterpriseRequest.md new file mode 100644 index 0000000..1985eda --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCreateEnterpriseRequest.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enrollment_token** | **String** | | [optional] +**signup_url_name** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmCreateWebTokenRequest.md b/jcapiv2/docs/JumpcloudGoogleEmmCreateWebTokenRequest.md new file mode 100644 index 0000000..c3786dc --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmCreateWebTokenRequest.md @@ -0,0 +1,9 @@ +# JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**enterprise_object_id** | **String** | | [optional] +**iframe_feature** | [**JumpcloudGoogleEmmFeature**](JumpcloudGoogleEmmFeature.md) | | [optional] +**parent_frame_url** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDevice.md b/jcapiv2/docs/JumpcloudGoogleEmmDevice.md new file mode 100644 index 0000000..930f5cc --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDevice.md @@ -0,0 +1,9 @@ +# JCAPIv2::JumpcloudGoogleEmmDevice + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device_id** | **String** | | [optional] +**device_information** | [**JumpcloudGoogleEmmDeviceInformation**](JumpcloudGoogleEmmDeviceInformation.md) | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDeviceAndroidPolicy.md b/jcapiv2/docs/JumpcloudGoogleEmmDeviceAndroidPolicy.md new file mode 100644 index 0000000..a874b2e --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDeviceAndroidPolicy.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**policy** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDeviceData.md b/jcapiv2/docs/JumpcloudGoogleEmmDeviceData.md new file mode 100644 index 0000000..28a0860 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDeviceData.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmDeviceData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device_id** | **String** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDeviceInformation.md b/jcapiv2/docs/JumpcloudGoogleEmmDeviceInformation.md new file mode 100644 index 0000000..39aed56 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDeviceInformation.md @@ -0,0 +1,12 @@ +# JCAPIv2::JumpcloudGoogleEmmDeviceInformation + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device_state_info** | [**JumpcloudGoogleEmmDeviceStateInfo**](JumpcloudGoogleEmmDeviceStateInfo.md) | | [optional] +**emm_enrollment_info** | [**JumpcloudGoogleEmmEMMEnrollmentInfo**](JumpcloudGoogleEmmEMMEnrollmentInfo.md) | | [optional] +**hardware_info** | [**JumpcloudGoogleEmmHardwareInfo**](JumpcloudGoogleEmmHardwareInfo.md) | | [optional] +**memory_info** | [**JumpcloudGoogleEmmMemoryInfo**](JumpcloudGoogleEmmMemoryInfo.md) | | [optional] +**network_info** | [**JumpcloudGoogleEmmNetworkInfo**](JumpcloudGoogleEmmNetworkInfo.md) | | [optional] +**software_info** | [**JumpcloudGoogleEmmSoftwareInfo**](JumpcloudGoogleEmmSoftwareInfo.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDeviceSettings.md b/jcapiv2/docs/JumpcloudGoogleEmmDeviceSettings.md new file mode 100644 index 0000000..e0ae774 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDeviceSettings.md @@ -0,0 +1,13 @@ +# JCAPIv2::JumpcloudGoogleEmmDeviceSettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**adb_enabled** | **BOOLEAN** | | [optional] +**development_settings_enabled** | **BOOLEAN** | | [optional] +**encryption_status** | **String** | | [optional] +**is_device_secure** | **BOOLEAN** | | [optional] +**is_encrypted** | **BOOLEAN** | | [optional] +**unknown_sources_enabled** | **BOOLEAN** | | [optional] +**verify_apps_enabled** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmDeviceStateInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmDeviceStateInfo.md new file mode 100644 index 0000000..1de8b78 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmDeviceStateInfo.md @@ -0,0 +1,15 @@ +# JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**applied_device_state** | **String** | | [optional] +**common_criteria_mode_info** | [**JumpcloudGoogleEmmCommonCriteriaModeInfo**](JumpcloudGoogleEmmCommonCriteriaModeInfo.md) | | [optional] +**device_settings** | [**JumpcloudGoogleEmmDeviceSettings**](JumpcloudGoogleEmmDeviceSettings.md) | | [optional] +**device_state** | **String** | | [optional] +**disabled_reason** | **String** | | [optional] +**last_policy_sync_time** | **String** | | [optional] +**last_status_report_time** | **String** | | [optional] +**policy_compliant** | **BOOLEAN** | | [optional] +**security_posture** | [**JumpcloudGoogleEmmSecurityPosture**](JumpcloudGoogleEmmSecurityPosture.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmEMMEnrollmentInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmEMMEnrollmentInfo.md new file mode 100644 index 0000000..c5ae8af --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmEMMEnrollmentInfo.md @@ -0,0 +1,13 @@ +# JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**applied_policy_name** | **String** | | [optional] +**applied_policy_version** | **Integer** | | [optional] +**enrollment_time** | **String** | | [optional] +**enrollment_type** | **String** | | [optional] +**management_mode** | **String** | | [optional] +**ownership** | **String** | | [optional] +**policy_name** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmEnterprise.md b/jcapiv2/docs/JumpcloudGoogleEmmEnterprise.md new file mode 100644 index 0000000..139caee --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmEnterprise.md @@ -0,0 +1,14 @@ +# JCAPIv2::JumpcloudGoogleEmmEnterprise + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_device_enrollment** | **BOOLEAN** | | [optional] +**contact_email** | **String** | not logging because it contains PII non-sensitive information. | [optional] +**created_at** | **DateTime** | | [optional] +**device_group_id** | **String** | | [optional] +**display_name** | **String** | | [optional] +**name** | **String** | | [optional] +**object_id** | **String** | | [optional] +**organization_object_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmFeature.md b/jcapiv2/docs/JumpcloudGoogleEmmFeature.md new file mode 100644 index 0000000..d403147 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmFeature.md @@ -0,0 +1,6 @@ +# JCAPIv2::JumpcloudGoogleEmmFeature + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmHardwareInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmHardwareInfo.md new file mode 100644 index 0000000..8a5a844 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmHardwareInfo.md @@ -0,0 +1,12 @@ +# JCAPIv2::JumpcloudGoogleEmmHardwareInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**brand** | **String** | | [optional] +**device_base_band_version** | **String** | | [optional] +**hardware** | **String** | | [optional] +**manufacturer** | **String** | | [optional] +**model** | **String** | | [optional] +**serial_number** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmListDevicesResponse.md b/jcapiv2/docs/JumpcloudGoogleEmmListDevicesResponse.md new file mode 100644 index 0000000..fb92cf3 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmListDevicesResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmListDevicesResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**count** | **Integer** | | [optional] +**devices** | [**Array<JumpcloudGoogleEmmDeviceData>**](JumpcloudGoogleEmmDeviceData.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmListEnterprisesResponse.md b/jcapiv2/docs/JumpcloudGoogleEmmListEnterprisesResponse.md new file mode 100644 index 0000000..bb2de56 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmListEnterprisesResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**count** | **Integer** | | [optional] +**enterprises** | [**Array<JumpcloudGoogleEmmEnterprise>**](JumpcloudGoogleEmmEnterprise.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmMemoryInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmMemoryInfo.md new file mode 100644 index 0000000..e315647 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmMemoryInfo.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmMemoryInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**total_internal_storage** | **Integer** | | [optional] +**total_ram** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmNetworkInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmNetworkInfo.md new file mode 100644 index 0000000..f749005 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmNetworkInfo.md @@ -0,0 +1,10 @@ +# JCAPIv2::JumpcloudGoogleEmmNetworkInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**imei** | **String** | Not logging as it contains sensitive information. | [optional] +**meid** | **String** | Not logging as it contains sensitive information. | [optional] +**telephony_info** | [**Array<JumpcloudGoogleEmmTelephonyInfo>**](JumpcloudGoogleEmmTelephonyInfo.md) | | [optional] +**wifi_mac_address** | **String** | Not logging as it contains sensitive information. | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmSecurityPosture.md b/jcapiv2/docs/JumpcloudGoogleEmmSecurityPosture.md new file mode 100644 index 0000000..415beaf --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmSecurityPosture.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudGoogleEmmSecurityPosture + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device_posture** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmSignupURL.md b/jcapiv2/docs/JumpcloudGoogleEmmSignupURL.md new file mode 100644 index 0000000..24399d6 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmSignupURL.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmSignupURL + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**url** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmSoftwareInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmSoftwareInfo.md new file mode 100644 index 0000000..de96c95 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmSoftwareInfo.md @@ -0,0 +1,16 @@ +# JCAPIv2::JumpcloudGoogleEmmSoftwareInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**android_build_number** | **String** | | [optional] +**android_build_time** | **String** | | [optional] +**android_device_policy_version_code** | **Integer** | | [optional] +**android_version** | **String** | | [optional] +**bootloader_version** | **String** | | [optional] +**device_build_signature** | **String** | | [optional] +**device_kernel_version** | **String** | | [optional] +**primary_language_code** | **String** | | [optional] +**security_patch_level** | **String** | | [optional] +**system_update_info** | [**JumpcloudGoogleEmmSystemUpdateInfo**](JumpcloudGoogleEmmSystemUpdateInfo.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmSystemUpdateInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmSystemUpdateInfo.md new file mode 100644 index 0000000..340b7f0 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmSystemUpdateInfo.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**update_received_time** | **String** | | [optional] +**update_status** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmTelephonyInfo.md b/jcapiv2/docs/JumpcloudGoogleEmmTelephonyInfo.md new file mode 100644 index 0000000..ecd8627 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmTelephonyInfo.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmTelephonyInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**carrier_name** | **String** | Not logging as it contains sensitive information. | [optional] +**phone_number** | **String** | Not logging as it contains sensitive information. | [optional] + diff --git a/jcapiv2/docs/JumpcloudGoogleEmmWebToken.md b/jcapiv2/docs/JumpcloudGoogleEmmWebToken.md new file mode 100644 index 0000000..6731af3 --- /dev/null +++ b/jcapiv2/docs/JumpcloudGoogleEmmWebToken.md @@ -0,0 +1,8 @@ +# JCAPIv2::JumpcloudGoogleEmmWebToken + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudMspGetDetailsResponse.md b/jcapiv2/docs/JumpcloudMspGetDetailsResponse.md new file mode 100644 index 0000000..b87dc35 --- /dev/null +++ b/jcapiv2/docs/JumpcloudMspGetDetailsResponse.md @@ -0,0 +1,10 @@ +# JCAPIv2::JumpcloudMspGetDetailsResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**assigned_licenses** | **Integer** | | [optional] +**contract_type** | **String** | | [optional] +**has_contract** | **BOOLEAN** | | [optional] +**products** | [**Array<JumpcloudMspProduct>**](JumpcloudMspProduct.md) | | [optional] + diff --git a/jcapiv2/docs/JumpcloudMspProduct.md b/jcapiv2/docs/JumpcloudMspProduct.md new file mode 100644 index 0000000..55ed09c --- /dev/null +++ b/jcapiv2/docs/JumpcloudMspProduct.md @@ -0,0 +1,10 @@ +# JCAPIv2::JumpcloudMspProduct + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**capabilities** | **Array<String>** | | [optional] +**included_licenses** | **Integer** | | [optional] +**name** | **String** | | [optional] +**purchased_licenses** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudPackageValidatorApplePackageDetails.md b/jcapiv2/docs/JumpcloudPackageValidatorApplePackageDetails.md new file mode 100644 index 0000000..986f765 --- /dev/null +++ b/jcapiv2/docs/JumpcloudPackageValidatorApplePackageDetails.md @@ -0,0 +1,15 @@ +# JCAPIv2::JumpcloudPackageValidatorApplePackageDetails + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**asset_kind** | **String** | | [optional] +**asset_sha256_size** | **Integer** | | [optional] +**asset_sha256_strings** | **Array<String>** | | [optional] +**asset_url** | **String** | | [optional] +**bundle_identifier** | **String** | | [optional] +**bundle_version** | **String** | | [optional] +**package_kind** | **String** | | [optional] +**subtitle** | **String** | | [optional] +**title** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md b/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md new file mode 100644 index 0000000..a38cb09 --- /dev/null +++ b/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**url** | **String** | | [optional] + diff --git a/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md b/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md new file mode 100644 index 0000000..7a471a4 --- /dev/null +++ b/jcapiv2/docs/JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md @@ -0,0 +1,7 @@ +# JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**apple_package_details** | [**JumpcloudPackageValidatorApplePackageDetails**](JumpcloudPackageValidatorApplePackageDetails.md) | | [optional] + diff --git a/jcapiv2/docs/KnowledgeApi.md b/jcapiv2/docs/KnowledgeApi.md deleted file mode 100644 index de18efd..0000000 --- a/jcapiv2/docs/KnowledgeApi.md +++ /dev/null @@ -1,72 +0,0 @@ -# JCAPIv2::KnowledgeApi - -All URIs are relative to *https://console.jumpcloud.com/api/v2* - -Method | HTTP request | Description -------------- | ------------- | ------------- -[**knowledge_salesforce_list**](KnowledgeApi.md#knowledge_salesforce_list) | **GET** /knowledge/salesforce | List Knowledge Articles - - -# **knowledge_salesforce_list** -> SalesforceKnowledgeListOutput knowledge_salesforce_list(opts) - -List Knowledge Articles - -This endpoint returns a list of knowledge articles hosted in salesforce. ``` Sample Request curl -X GET https://console.jumpcloud.com/api/v2/knowledge/salesforce \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::KnowledgeApi.new - -opts = { - fields: ["fields_example"], # Array | - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. -} - -begin - #List Knowledge Articles - result = api_instance.knowledge_salesforce_list(opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling KnowledgeApi->knowledge_salesforce_list: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **fields** | [**Array<String>**](String.md)| | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - -### Return type - -[**SalesforceKnowledgeListOutput**](SalesforceKnowledgeListOutput.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - diff --git a/jcapiv2/docs/LDAPServersApi.md b/jcapiv2/docs/LDAPServersApi.md index 78cb111..b1ae63f 100644 --- a/jcapiv2/docs/LDAPServersApi.md +++ b/jcapiv2/docs/LDAPServersApi.md @@ -12,9 +12,8 @@ Method | HTTP request | Description [**ldapservers_list**](LDAPServersApi.md#ldapservers_list) | **GET** /ldapservers | List LDAP Servers [**ldapservers_patch**](LDAPServersApi.md#ldapservers_patch) | **PATCH** /ldapservers/{id} | Update existing LDAP server - # **graph_ldap_server_associations_list** -> Array<GraphConnection> graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_ldap_server_associations_list(ldapserver_id, targets, opts) List the associations of a LDAP Server @@ -33,24 +32,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. +targets = ['targets_example'] # Array | Targets which a \"ldap_server\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a LDAP Server - result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts) + result = api_instance.graph_ldap_server_associations_list(ldapserver_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->graph_ldap_server_associations_list: #{e}" @@ -62,12 +54,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"ldap_server\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -79,17 +69,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_ldap_server_associations_post** -> graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts) +> graph_ldap_server_associations_post(ldapserver_id, opts) Manage the associations of a LDAP Server -This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -104,21 +94,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationLdapServer.new # GraphOperationLdapServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a LDAP Server - api_instance.graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts) + api_instance.graph_ldap_server_associations_post(ldapserver_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->graph_ldap_server_associations_post: #{e}" end @@ -129,10 +113,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationLdapServer**](GraphOperationLdapServer.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -145,12 +127,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_ldap_server_traverse_user** -> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user(ldapserver_id, opts) List the Users bound to a LDAP Server @@ -169,23 +151,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a LDAP Server - result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts) + result = api_instance.graph_ldap_server_traverse_user(ldapserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->graph_ldap_server_traverse_user: #{e}" @@ -197,12 +173,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -214,13 +188,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_ldap_server_traverse_user_group** -> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_ldap_server_traverse_user_group(ldapserver_id, opts) List the User Groups bound to a LDAP Server @@ -239,23 +213,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -ldapserver_id = "ldapserver_id_example" # String | ObjectID of the LDAP Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +ldapserver_id = 'ldapserver_id_example' # String | ObjectID of the LDAP Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a LDAP Server - result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts) + result = api_instance.graph_ldap_server_traverse_user_group(ldapserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->graph_ldap_server_traverse_user_group: #{e}" @@ -267,12 +235,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| ObjectID of the LDAP Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -284,13 +250,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_get** -> LdapServerOutput ldapservers_get(id, content_type, accept, opts) +> LdapServer ldapservers_get(id, opts) Get LDAP Server @@ -309,20 +275,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -id = "id_example" # String | Unique identifier of the LDAP server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | Unique identifier of the LDAP server. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get LDAP Server - result = api_instance.ldapservers_get(id, content_type, accept, opts) + result = api_instance.ldapservers_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->ldapservers_get: #{e}" @@ -334,13 +294,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| Unique identifier of the LDAP server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**LdapServerOutput**](LdapServerOutput.md) +[**LdapServer**](LdapServer.md) ### Authorization @@ -348,13 +306,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_list** -> Array<LdapServerOutput> ldapservers_list(content_type, accept, opts) +> Array<LdapServer> ldapservers_list(opts) List LDAP Servers @@ -373,23 +331,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List LDAP Servers - result = api_instance.ldapservers_list(content_type, accept, opts) + result = api_instance.ldapservers_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->ldapservers_list: #{e}" @@ -400,18 +353,16 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<LdapServerOutput>**](LdapServerOutput.md) +[**Array<LdapServer>**](LdapServer.md) ### Authorization @@ -419,13 +370,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_patch** -> InlineResponse200 ldapservers_patch(id, content_type, accept, opts) +> InlineResponse20011 ldapservers_patch(id, opts) Update existing LDAP server @@ -444,22 +395,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::LDAPServersApi.new - -id = "id_example" # String | Unique identifier of the LDAP server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | Unique identifier of the LDAP server. opts = { - body: JCAPIv2::Body3.new, # Body3 | - x_api_key: "x_api_key_example", # String | - x_org_id: "x_org_id_example" # String | + body: JCAPIv2::LdapserversIdBody.new # LdapserversIdBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Update existing LDAP server - result = api_instance.ldapservers_patch(id, content_type, accept, opts) + result = api_instance.ldapservers_patch(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling LDAPServersApi->ldapservers_patch: #{e}" @@ -471,15 +415,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| Unique identifier of the LDAP server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Body3**](Body3.md)| | [optional] - **x_api_key** | **String**| | [optional] - **x_org_id** | **String**| | [optional] + **body** | [**LdapserversIdBody**](LdapserversIdBody.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**InlineResponse200**](InlineResponse200.md) +[**InlineResponse20011**](InlineResponse20011.md) ### Authorization diff --git a/jcapiv2/docs/ProviderContact.md b/jcapiv2/docs/LdapGroup.md similarity index 68% rename from jcapiv2/docs/ProviderContact.md rename to jcapiv2/docs/LdapGroup.md index 3b12ae1..9bb001c 100644 --- a/jcapiv2/docs/ProviderContact.md +++ b/jcapiv2/docs/LdapGroup.md @@ -1,9 +1,7 @@ -# JCAPIv2::ProviderContact +# JCAPIv2::LdapGroup ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**email** | **String** | | [optional] **name** | **String** | | [optional] - diff --git a/jcapiv2/docs/LdapServerOutput.md b/jcapiv2/docs/LdapServer.md similarity index 58% rename from jcapiv2/docs/LdapServerOutput.md rename to jcapiv2/docs/LdapServer.md index af1630d..4cfc7b4 100644 --- a/jcapiv2/docs/LdapServerOutput.md +++ b/jcapiv2/docs/LdapServer.md @@ -1,11 +1,10 @@ -# JCAPIv2::LdapServerOutput +# JCAPIv2::LdapServer ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**id** | **String** | Unique identifier of this LDAP server | [optional] **name** | **String** | The name of this LDAP server | [optional] -**user_lockout_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] -**user_password_expiration_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] -**id** | **String** | Unique identifier of this LDAP server | - +**user_lockout_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] +**user_password_expiration_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] diff --git a/jcapiv2/docs/LdapServerAction.md b/jcapiv2/docs/LdapServerAction.md index 864ef6c..874b0c3 100644 --- a/jcapiv2/docs/LdapServerAction.md +++ b/jcapiv2/docs/LdapServerAction.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/LdapServerInput.md b/jcapiv2/docs/LdapServerInput.md deleted file mode 100644 index b459611..0000000 --- a/jcapiv2/docs/LdapServerInput.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::LdapServerInput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**name** | **String** | The name of this LDAP server | [optional] -**user_lockout_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] -**user_password_expiration_action** | **String** | action to take; one of 'remove' or 'disable' | [optional] - - diff --git a/jcapiv2/docs/Body3.md b/jcapiv2/docs/LdapserversIdBody.md similarity index 92% rename from jcapiv2/docs/Body3.md rename to jcapiv2/docs/LdapserversIdBody.md index dcee172..40fcbc2 100644 --- a/jcapiv2/docs/Body3.md +++ b/jcapiv2/docs/LdapserversIdBody.md @@ -1,4 +1,4 @@ -# JCAPIv2::Body3 +# JCAPIv2::LdapserversIdBody ## Properties Name | Type | Description | Notes @@ -7,4 +7,3 @@ Name | Type | Description | Notes **user_lockout_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] **user_password_expiration_action** | [**LdapServerAction**](LdapServerAction.md) | | [optional] - diff --git a/jcapiv2/docs/LogosApi.md b/jcapiv2/docs/LogosApi.md new file mode 100644 index 0000000..7d41283 --- /dev/null +++ b/jcapiv2/docs/LogosApi.md @@ -0,0 +1,54 @@ +# JCAPIv2::LogosApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**logos_get**](LogosApi.md#logos_get) | **GET** /logos/{id} | Get the logo associated with the specified id + +# **logos_get** +> String logos_get(id) + +Get the logo associated with the specified id + +Return the logo image associated with the specified id + +### Example +```ruby +# load the gem +require 'jcapiv2' + +api_instance = JCAPIv2::LogosApi.new +id = 'id_example' # String | + + +begin + #Get the logo associated with the specified id + result = api_instance.logos_get(id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling LogosApi->logos_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + +### Return type + +**String** + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: image/gif, image/jpeg, image/png + + + diff --git a/jcapiv2/docs/ManagedServiceProviderApi.md b/jcapiv2/docs/ManagedServiceProviderApi.md new file mode 100644 index 0000000..d7eb4c4 --- /dev/null +++ b/jcapiv2/docs/ManagedServiceProviderApi.md @@ -0,0 +1,1141 @@ +# JCAPIv2::ManagedServiceProviderApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**administrator_organizations_create_by_administrator**](ManagedServiceProviderApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +[**administrator_organizations_list_by_administrator**](ManagedServiceProviderApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +[**administrator_organizations_list_by_organization**](ManagedServiceProviderApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +[**administrator_organizations_remove_by_administrator**](ManagedServiceProviderApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. +[**policy_group_templates_delete**](ManagedServiceProviderApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +[**policy_group_templates_get**](ManagedServiceProviderApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +[**policy_group_templates_get_configured_policy_template**](ManagedServiceProviderApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +[**policy_group_templates_list**](ManagedServiceProviderApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +[**policy_group_templates_list_configured_policy_templates**](ManagedServiceProviderApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +[**policy_group_templates_list_members**](ManagedServiceProviderApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. +[**provider_organizations_create_org**](ManagedServiceProviderApi.md#provider_organizations_create_org) | **POST** /providers/{provider_id}/organizations | Create Provider Organization +[**provider_organizations_update_org**](ManagedServiceProviderApi.md#provider_organizations_update_org) | **PUT** /providers/{provider_id}/organizations/{id} | Update Provider Organization +[**providers_get_provider**](ManagedServiceProviderApi.md#providers_get_provider) | **GET** /providers/{provider_id} | Retrieve Provider +[**providers_list_administrators**](ManagedServiceProviderApi.md#providers_list_administrators) | **GET** /providers/{provider_id}/administrators | List Provider Administrators +[**providers_list_organizations**](ManagedServiceProviderApi.md#providers_list_organizations) | **GET** /providers/{provider_id}/organizations | List Provider Organizations +[**providers_post_admins**](ManagedServiceProviderApi.md#providers_post_admins) | **POST** /providers/{provider_id}/administrators | Create a new Provider Administrator +[**providers_provider_list_case**](ManagedServiceProviderApi.md#providers_provider_list_case) | **GET** /providers/{provider_id}/cases | Get all cases (Support/Feature requests) for provider +[**providers_retrieve_invoice**](ManagedServiceProviderApi.md#providers_retrieve_invoice) | **GET** /providers/{provider_id}/invoices/{ID} | Download a provider's invoice. +[**providers_retrieve_invoices**](ManagedServiceProviderApi.md#providers_retrieve_invoices) | **GET** /providers/{provider_id}/invoices | List a provider's invoices. + +# **administrator_organizations_create_by_administrator** +> AdministratorOrganizationLink administrator_organizations_create_by_administrator(id, opts) + +Allow Adminstrator access to an Organization. + +This endpoint allows you to grant Administrator access to an Organization. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} + +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_create_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**AdministratorOrganizationLinkReq**](AdministratorOrganizationLinkReq.md)| | [optional] + +### Return type + +[**AdministratorOrganizationLink**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **administrator_organizations_list_by_administrator** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_administrator(id, opts) + +List the association links between an Administrator and Organizations. + +This endpoint returns the association links between an Administrator and Organizations. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_list_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **administrator_organizations_list_by_organization** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_organization(id, opts) + +List the association links between an Organization and Administrators. + +This endpoint returns the association links between an Organization and Administrators. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_list_by_organization: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **administrator_organizations_remove_by_administrator** +> administrator_organizations_remove_by_administrator(administrator_id, id) + +Remove association between an Administrator and an Organization. + +This endpoint removes the association link between an Administrator and an Organization. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->administrator_organizations_remove_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **administrator_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_delete** +> policy_group_templates_delete(provider_id, id) + +Deletes policy group template. + +Deletes a Policy Group Template. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get** +> PolicyGroupTemplate policy_group_templates_get(provider_id, id) + +Gets a provider's policy group template. + +Retrieves a Policy Group Template for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**PolicyGroupTemplate**](PolicyGroupTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get_configured_policy_template** +> ConfiguredPolicyTemplate policy_group_templates_get_configured_policy_template(provider_id, id) + +Retrieve a configured policy template by id. + +Retrieves a Configured Policy Templates for this provider and Id. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_get_configured_policy_template: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**ConfiguredPolicyTemplate**](ConfiguredPolicyTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list** +> PolicyGroupTemplates policy_group_templates_list(provider_id, opts) + +List a provider's policy group templates. + +Retrieves a list of Policy Group Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplates**](PolicyGroupTemplates.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_configured_policy_templates** +> InlineResponse20014 policy_group_templates_list_configured_policy_templates(provider_id, opts) + +List a provider's configured policy templates. + +Retrieves a list of Configured Policy Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**InlineResponse20014**](InlineResponse20014.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_members** +> PolicyGroupTemplateMembers policy_group_templates_list_members(provider_id, id, opts) + +Gets the list of members from a policy group template. + +Retrieves a Policy Group Template's Members. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->policy_group_templates_list_members: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplateMembers**](PolicyGroupTemplateMembers.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **provider_organizations_create_org** +> Organization provider_organizations_create_org(provider_id, opts) + +Create Provider Organization + +This endpoint creates a new organization under the provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::CreateOrganization.new # CreateOrganization | +} + +begin + #Create Provider Organization + result = api_instance.provider_organizations_create_org(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->provider_organizations_create_org: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**CreateOrganization**](CreateOrganization.md)| | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **provider_organizations_update_org** +> Organization provider_organizations_update_org(provider_idid, opts) + +Update Provider Organization + +This endpoint updates a provider's organization + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + body: JCAPIv2::Organization.new # Organization | +} + +begin + #Update Provider Organization + result = api_instance.provider_organizations_update_org(provider_idid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->provider_organizations_update_org: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + **body** | [**Organization**](Organization.md)| | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **providers_get_provider** +> Provider providers_get_provider(provider_id, opts) + +Retrieve Provider + +This endpoint returns details about a provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'] # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. +} + +begin + #Retrieve Provider + result = api_instance.providers_get_provider(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_get_provider: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + +### Return type + +[**Provider**](Provider.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_list_administrators** +> InlineResponse20013 providers_list_administrators(provider_id, opts) + +List Provider Administrators + +This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Administrators + result = api_instance.providers_list_administrators(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_list_administrators: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse20013**](InlineResponse20013.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_list_organizations** +> InlineResponse20015 providers_list_organizations(provider_id, opts) + +List Provider Organizations + +This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Organizations + result = api_instance.providers_list_organizations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_list_organizations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse20015**](InlineResponse20015.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_post_admins** +> Administrator providers_post_admins(provider_id, opts) + +Create a new Provider Administrator + +This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ProviderAdminReq.new # ProviderAdminReq | +} + +begin + #Create a new Provider Administrator + result = api_instance.providers_post_admins(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_post_admins: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**ProviderAdminReq**](ProviderAdminReq.md)| | [optional] + +### Return type + +[**Administrator**](Administrator.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **providers_provider_list_case** +> CasesResponse providers_provider_list_case(provider_id, opts) + +Get all cases (Support/Feature requests) for provider + +This endpoint returns the cases (Support/Feature requests) for the provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Get all cases (Support/Feature requests) for provider + result = api_instance.providers_provider_list_case(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_provider_list_case: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**CasesResponse**](CasesResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_retrieve_invoice** +> String providers_retrieve_invoice(provider_id, id) + +Download a provider's invoice. + +Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Download a provider's invoice. + result = api_instance.providers_retrieve_invoice(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_retrieve_invoice: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +**String** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/pdf + + + +# **providers_retrieve_invoices** +> ProviderInvoiceResponse providers_retrieve_invoices(provider_id, opts) + +List a provider's invoices. + +Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ManagedServiceProviderApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10 # Integer | The number of records to return at once. Limited to 100. +} + +begin + #List a provider's invoices. + result = api_instance.providers_retrieve_invoices(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ManagedServiceProviderApi->providers_retrieve_invoices: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + +### Return type + +[**ProviderInvoiceResponse**](ProviderInvoiceResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/MemberSuggestion.md b/jcapiv2/docs/MemberSuggestion.md new file mode 100644 index 0000000..af1e99e --- /dev/null +++ b/jcapiv2/docs/MemberSuggestion.md @@ -0,0 +1,8 @@ +# JCAPIv2::MemberSuggestion + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**object** | [**GraphObject**](GraphObject.md) | | [optional] +**op** | **String** | How to modify group membership. | [optional] + diff --git a/jcapiv2/docs/MemberSuggestionsPostResult.md b/jcapiv2/docs/MemberSuggestionsPostResult.md new file mode 100644 index 0000000..3041645 --- /dev/null +++ b/jcapiv2/docs/MemberSuggestionsPostResult.md @@ -0,0 +1,8 @@ +# JCAPIv2::MemberSuggestionsPostResult + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**suggestions_found** | **Array<String>** | | [optional] +**suggestions_not_found** | **Array<String>** | | [optional] + diff --git a/jcapiv2/docs/Mobileconfig.md b/jcapiv2/docs/Mobileconfig.md index 75b4b1c..8919bc1 100644 --- a/jcapiv2/docs/Mobileconfig.md +++ b/jcapiv2/docs/Mobileconfig.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/ModelCase.md b/jcapiv2/docs/ModelCase.md new file mode 100644 index 0000000..f1f9910 --- /dev/null +++ b/jcapiv2/docs/ModelCase.md @@ -0,0 +1,15 @@ +# JCAPIv2::ModelCase + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**case_number** | **String** | | [optional] +**date** | **String** | | [optional] +**description** | **String** | | [optional] +**label** | **String** | | [optional] +**organization** | **String** | | [optional] +**reporter** | **String** | | [optional] +**reporter_email** | **String** | | [optional] +**status** | **String** | | [optional] +**subject** | **String** | | [optional] + diff --git a/jcapiv2/docs/O365Domain.md b/jcapiv2/docs/O365Domain.md new file mode 100644 index 0000000..454f408 --- /dev/null +++ b/jcapiv2/docs/O365Domain.md @@ -0,0 +1,10 @@ +# JCAPIv2::O365Domain + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**default** | **BOOLEAN** | | [optional] +**domain** | **String** | | [optional] +**object_id** | **String** | | [optional] +**resource_object_id** | **String** | ObjectID of the Office 365 suite. | [optional] + diff --git a/jcapiv2/docs/O365DomainResponse.md b/jcapiv2/docs/O365DomainResponse.md new file mode 100644 index 0000000..cf3264a --- /dev/null +++ b/jcapiv2/docs/O365DomainResponse.md @@ -0,0 +1,7 @@ +# JCAPIv2::O365DomainResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domain** | [**O365Domain**](O365Domain.md) | | [optional] + diff --git a/jcapiv2/docs/O365DomainsListResponse.md b/jcapiv2/docs/O365DomainsListResponse.md new file mode 100644 index 0000000..7f758c2 --- /dev/null +++ b/jcapiv2/docs/O365DomainsListResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::O365DomainsListResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domains** | [**Array<O365Domain>**](O365Domain.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/OSRestriction.md b/jcapiv2/docs/OSRestriction.md new file mode 100644 index 0000000..a82509a --- /dev/null +++ b/jcapiv2/docs/OSRestriction.md @@ -0,0 +1,11 @@ +# JCAPIv2::OSRestriction + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**apple_restrictions** | [**OSRestrictionAppleRestrictions**](OSRestrictionAppleRestrictions.md) | | [optional] +**deprecated_version** | **String** | The version of the OS in which the policy was deprecated | [optional] +**earliest_version** | **String** | The earliest version of the OS in which the policy can be applied | [optional] +**os_name** | **String** | The name of the OS in which this restriction applies | [optional] +**supported_enrollment_types** | **Array<String>** | This field is deprecated and will be ignored. Use appleRestrictions.supportedEnrollmentTypes instead | [optional] + diff --git a/jcapiv2/docs/OSRestrictionAppleRestrictions.md b/jcapiv2/docs/OSRestrictionAppleRestrictions.md new file mode 100644 index 0000000..31aa879 --- /dev/null +++ b/jcapiv2/docs/OSRestrictionAppleRestrictions.md @@ -0,0 +1,8 @@ +# JCAPIv2::OSRestrictionAppleRestrictions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**requires_supervision** | **BOOLEAN** | Boolean representing if the policy requires the Apple devices to be MDM supervised | [optional] +**supported_enrollment_types** | **Array<String>** | The supported Apple enrollment types for this policy | [optional] + diff --git a/jcapiv2/docs/ObjectStorageItem.md b/jcapiv2/docs/ObjectStorageItem.md new file mode 100644 index 0000000..079deca --- /dev/null +++ b/jcapiv2/docs/ObjectStorageItem.md @@ -0,0 +1,8 @@ +# JCAPIv2::ObjectStorageItem + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**object_id** | **String** | | [optional] +**versions** | [**Array<ObjectStorageVersion>**](ObjectStorageVersion.md) | | [optional] + diff --git a/jcapiv2/docs/ObjectStorageVersion.md b/jcapiv2/docs/ObjectStorageVersion.md new file mode 100644 index 0000000..3beb7bc --- /dev/null +++ b/jcapiv2/docs/ObjectStorageVersion.md @@ -0,0 +1,13 @@ +# JCAPIv2::ObjectStorageVersion + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**metadata** | **Object** | | [optional] +**name** | **String** | | [optional] +**rejected_reason** | **String** | | [optional] +**sha256sum** | **String** | | [optional] +**size** | **Integer** | | [optional] +**status** | **String** | | [optional] +**version** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/GsuitePatchInput.md b/jcapiv2/docs/Office365.md similarity index 50% rename from jcapiv2/docs/GsuitePatchInput.md rename to jcapiv2/docs/Office365.md index adc47f8..d3acfd2 100644 --- a/jcapiv2/docs/GsuitePatchInput.md +++ b/jcapiv2/docs/Office365.md @@ -1,9 +1,12 @@ -# JCAPIv2::GsuitePatchInput +# JCAPIv2::Office365 ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**default_domain** | [**DefaultDomain**](DefaultDomain.md) | | [optional] +**groups_enabled** | **BOOLEAN** | | [optional] +**id** | **String** | | [optional] +**name** | **String** | | [optional] **user_lockout_action** | **String** | | [optional] **user_password_expiration_action** | **String** | | [optional] - diff --git a/jcapiv2/docs/Office365Api.md b/jcapiv2/docs/Office365Api.md index 1eeae32..4f3e86c 100644 --- a/jcapiv2/docs/Office365Api.md +++ b/jcapiv2/docs/Office365Api.md @@ -4,22 +4,82 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**domains_delete**](Office365Api.md#domains_delete) | **DELETE** /office365s/{office365_id}/domains/{domain_id} | Delete a domain from an Office 365 instance +[**domains_insert**](Office365Api.md#domains_insert) | **POST** /office365s/{office365_id}/domains | Add a domain to an Office 365 instance +[**domains_list**](Office365Api.md#domains_list) | **GET** /office365s/{office365_id}/domains | List all domains configured for an Office 365 instance [**graph_office365_associations_list**](Office365Api.md#graph_office365_associations_list) | **GET** /office365s/{office365_id}/associations | List the associations of an Office 365 instance [**graph_office365_associations_post**](Office365Api.md#graph_office365_associations_post) | **POST** /office365s/{office365_id}/associations | Manage the associations of an Office 365 instance [**graph_office365_traverse_user**](Office365Api.md#graph_office365_traverse_user) | **GET** /office365s/{office365_id}/users | List the Users bound to an Office 365 instance [**graph_office365_traverse_user_group**](Office365Api.md#graph_office365_traverse_user_group) | **GET** /office365s/{office365_id}/usergroups | List the User Groups bound to an Office 365 instance +[**office365s_get**](Office365Api.md#office365s_get) | **GET** /office365s/{office365_id} | Get Office 365 instance +[**office365s_list_import_users**](Office365Api.md#office365s_list_import_users) | **GET** /office365s/{office365_id}/import/users | Get a list of users to import from an Office 365 instance +[**office365s_patch**](Office365Api.md#office365s_patch) | **PATCH** /office365s/{office365_id} | Update existing Office 365 instance. [**translation_rules_office365_delete**](Office365Api.md#translation_rules_office365_delete) | **DELETE** /office365s/{office365_id}/translationrules/{id} | Deletes a Office 365 translation rule [**translation_rules_office365_get**](Office365Api.md#translation_rules_office365_get) | **GET** /office365s/{office365_id}/translationrules/{id} | Gets a specific Office 365 translation rule [**translation_rules_office365_list**](Office365Api.md#translation_rules_office365_list) | **GET** /office365s/{office365_id}/translationrules | List all the Office 365 Translation Rules [**translation_rules_office365_post**](Office365Api.md#translation_rules_office365_post) | **POST** /office365s/{office365_id}/translationrules | Create a new Office 365 Translation Rule +# **domains_delete** +> O365DomainResponse domains_delete(office365_id, domain_id) -# **graph_office365_associations_list** -> Array<GraphConnection> graph_office365_associations_list(office365_id, targets, content_type, accept, opts) +Delete a domain from an Office 365 instance -List the associations of an Office 365 instance +Delete a domain from a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains/{DOMAIN_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. +domain_id = 'B' # String | ObjectID of the domain to be deleted. + + +begin + #Delete a domain from an Office 365 instance + result = api_instance.domains_delete(office365_id, domain_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| Id for the specific M365/Azure AD directory sync integration instance. | + **domain_id** | **String**| ObjectID of the domain to be deleted. | + +### Return type + +[**O365DomainResponse**](O365DomainResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers -This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **domains_insert** +> O365DomainResponse domains_insert(bodyoffice365_id) + +Add a domain to an Office 365 instance + +Add a domain to a specific M365/Azure AD directory sync integration instance. The domain must be a verified domain in M365/Azure AD. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` ### Example ```ruby @@ -34,24 +94,130 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new +body = JCAPIv2::Office365IdDomainsBody.new # Office365IdDomainsBody | +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. -office365_id = "office365_id_example" # String | ObjectID of the Office 365 instance. -targets = ["targets_example"] # Array | +begin + #Add a domain to an Office 365 instance + result = api_instance.domains_insert(bodyoffice365_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_insert: #{e}" +end +``` + +### Parameters -content_type = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**Office365IdDomainsBody**](Office365IdDomainsBody.md)| | + **office365_id** | **String**| Id for the specific M365/Azure AD directory sync integration instance. | -accept = "application/json" # String | +### Return type + +[**O365DomainResponse**](O365DomainResponse.md) + +### Authorization +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **domains_list** +> O365DomainsListResponse domains_list(office365_id, opts) + +List all domains configured for an Office 365 instance + +List the domains configured for a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'B' # String | Id for the specific M365/Azure AD directory sync integration instance. +opts = { + limit: '100', # String | The number of records to return at once. Limited to 100. + skip: '0' # String | The offset into the records to return. +} + +begin + #List all domains configured for an Office 365 instance + result = api_instance.domains_list(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->domains_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| Id for the specific M365/Azure AD directory sync integration instance. | + **limit** | **String**| The number of records to return at once. Limited to 100. | [optional] [default to 100] + **skip** | **String**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**O365DomainsListResponse**](O365DomainsListResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_office365_associations_list** +> Array<GraphConnection> graph_office365_associations_list(office365_id, targets, opts) + +List the associations of an Office 365 instance + +This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +targets = ['targets_example'] # Array | Targets which a \"office_365\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of an Office 365 instance - result = api_instance.graph_office365_associations_list(office365_id, targets, content_type, accept, opts) + result = api_instance.graph_office365_associations_list(office365_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->graph_office365_associations_list: #{e}" @@ -63,12 +229,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 instance. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"office_365\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -80,17 +244,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_office365_associations_post** -> graph_office365_associations_post(office365_id, content_type, accept, opts) +> graph_office365_associations_post(office365_id, opts) Manage the associations of an Office 365 instance -This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -105,21 +269,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 instance. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationOffice365.new # GraphOperationOffice365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of an Office 365 instance - api_instance.graph_office365_associations_post(office365_id, content_type, accept, opts) + api_instance.graph_office365_associations_post(office365_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->graph_office365_associations_post: #{e}" end @@ -130,10 +288,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 instance. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationOffice365**](GraphOperationOffice365.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -146,16 +302,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_office365_traverse_user** -> Array<GraphObjectWithPaths> graph_office365_traverse_user(office365_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_office365_traverse_user(office365_id, opts) List the Users bound to an Office 365 instance -This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -170,23 +326,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 suite. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to an Office 365 instance - result = api_instance.graph_office365_traverse_user(office365_id, content_type, accept, opts) + result = api_instance.graph_office365_traverse_user(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->graph_office365_traverse_user: #{e}" @@ -198,12 +348,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 suite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -215,17 +363,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_office365_traverse_user_group** -> Array<GraphObjectWithPaths> graph_office365_traverse_user_group(office365_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_office365_traverse_user_group(office365_id, opts) List the User Groups bound to an Office 365 instance -This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -240,23 +388,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | ObjectID of the Office 365 suite. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 suite. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to an Office 365 instance - result = api_instance.graph_office365_traverse_user_group(office365_id, content_type, accept, opts) + result = api_instance.graph_office365_traverse_user_group(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->graph_office365_traverse_user_group: #{e}" @@ -268,12 +410,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| ObjectID of the Office 365 suite. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -285,17 +425,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **translation_rules_office365_delete** -> translation_rules_office365_delete(office365_id, id, content_type, accept) +# **office365s_get** +> Office365 office365s_get(office365_id, opts) -Deletes a Office 365 translation rule +Get Office 365 instance -This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns a specific Office 365 instance. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -310,19 +450,195 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -office365_id = "office365_id_example" # String | +begin + #Get Office 365 instance + result = api_instance.office365s_get(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| ObjectID of the Office 365 instance. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Office365**](Office365.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **office365s_list_import_users** +> InlineResponse20012 office365s_list_import_users(office365_id, opts) + +Get a list of users to import from an Office 365 instance + +Lists Office 365 users available for import. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +opts = { + consistency_level: 'consistency_level_example', # String | Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + top: 56, # Integer | Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + skip_token: 'skip_token_example', # String | Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + filter: 'filter_example', # String | Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + search: 'search_example', # String | Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + orderby: 'orderby_example', # String | Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + count: true # BOOLEAN | Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. +} + +begin + #Get a list of users to import from an Office 365 instance + result = api_instance.office365s_list_import_users(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_list_import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| | + **consistency_level** | **String**| Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers | [optional] + **top** | **Integer**| Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. | [optional] + **skip_token** | **String**| Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. | [optional] + **filter** | **String**| Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **search** | **String**| Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **orderby** | **String**| Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **count** | **BOOLEAN**| Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + +### Return type + +[**InlineResponse20012**](InlineResponse20012.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **office365s_patch** +> Office365 office365s_patch(office365_id, opts) + +Update existing Office 365 instance. + +This endpoint allows updating some attributes of an Office 365 instance. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"maintain\", \"userPasswordExpirationAction\": \"suspend\", }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end -id = "id_example" # String | +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | ObjectID of the Office 365 instance. +opts = { + body: JCAPIv2::Office365.new # Office365 | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} -content_type = "application/json" # String | +begin + #Update existing Office 365 instance. + result = api_instance.office365s_patch(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365Api->office365s_patch: #{e}" +end +``` -accept = "application/json" # String | +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| ObjectID of the Office 365 instance. | + **body** | [**Office365**](Office365.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Office365**](Office365.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **translation_rules_office365_delete** +> translation_rules_office365_delete(office365_id, id) + +Deletes a Office 365 translation rule + +This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365Api.new +office365_id = 'office365_id_example' # String | +id = 'id_example' # String | begin #Deletes a Office 365 translation rule - api_instance.translation_rules_office365_delete(office365_id, id, content_type, accept) + api_instance.translation_rules_office365_delete(office365_id, id) rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->translation_rules_office365_delete: #{e}" end @@ -334,8 +650,6 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| | **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] ### Return type @@ -347,13 +661,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: Not defined # **translation_rules_office365_get** -> Office365TranslationRule translation_rules_office365_get(office365_id, id, content_type, accept) +> Office365TranslationRule translation_rules_office365_get(office365_id, id) Gets a specific Office 365 translation rule @@ -372,19 +686,13 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | +office365_id = 'office365_id_example' # String | +id = 'id_example' # String | begin #Gets a specific Office 365 translation rule - result = api_instance.translation_rules_office365_get(office365_id, id, content_type, accept) + result = api_instance.translation_rules_office365_get(office365_id, id) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->translation_rules_office365_get: #{e}" @@ -397,8 +705,6 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| | **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] ### Return type @@ -410,13 +716,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **translation_rules_office365_list** -> Array<Office365TranslationRule> translation_rules_office365_list(office365_id, content_type, accept, opts) +> Array<Office365TranslationRule> translation_rules_office365_list(office365_id, opts) List all the Office 365 Translation Rules @@ -435,24 +741,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin #List all the Office 365 Translation Rules - result = api_instance.translation_rules_office365_list(office365_id, content_type, accept, opts) + result = api_instance.translation_rules_office365_list(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->translation_rules_office365_list: #{e}" @@ -464,10 +764,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] @@ -482,17 +780,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **translation_rules_office365_post** -> Office365TranslationRule translation_rules_office365_post(office365_id, content_type, accept, opts) +> Office365TranslationRule translation_rules_office365_post(office365_id, opts) Create a new Office 365 Translation Rule -This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` +This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` ### Example ```ruby @@ -507,20 +805,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::Office365Api.new - -office365_id = "office365_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +office365_id = 'office365_id_example' # String | opts = { body: JCAPIv2::Office365TranslationRuleRequest.new # Office365TranslationRuleRequest | } begin #Create a new Office 365 Translation Rule - result = api_instance.translation_rules_office365_post(office365_id, content_type, accept, opts) + result = api_instance.translation_rules_office365_post(office365_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling Office365Api->translation_rules_office365_post: #{e}" @@ -532,8 +824,6 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **office365_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Office365TranslationRuleRequest**](Office365TranslationRuleRequest.md)| | [optional] ### Return type diff --git a/jcapiv2/docs/Office365BuiltinTranslation.md b/jcapiv2/docs/Office365BuiltinTranslation.md index ad58824..046f737 100644 --- a/jcapiv2/docs/Office365BuiltinTranslation.md +++ b/jcapiv2/docs/Office365BuiltinTranslation.md @@ -4,4 +4,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- - diff --git a/jcapiv2/docs/Office365DirectionTranslation.md b/jcapiv2/docs/Office365DirectionTranslation.md new file mode 100644 index 0000000..fa39c1e --- /dev/null +++ b/jcapiv2/docs/Office365DirectionTranslation.md @@ -0,0 +1,6 @@ +# JCAPIv2::Office365DirectionTranslation + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/Office365IdDomainsBody.md b/jcapiv2/docs/Office365IdDomainsBody.md new file mode 100644 index 0000000..c70d41a --- /dev/null +++ b/jcapiv2/docs/Office365IdDomainsBody.md @@ -0,0 +1,7 @@ +# JCAPIv2::Office365IdDomainsBody + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**domain** | **String** | | [optional] + diff --git a/jcapiv2/docs/Office365ImportApi.md b/jcapiv2/docs/Office365ImportApi.md new file mode 100644 index 0000000..743b185 --- /dev/null +++ b/jcapiv2/docs/Office365ImportApi.md @@ -0,0 +1,76 @@ +# JCAPIv2::Office365ImportApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**office365s_list_import_users**](Office365ImportApi.md#office365s_list_import_users) | **GET** /office365s/{office365_id}/import/users | Get a list of users to import from an Office 365 instance + +# **office365s_list_import_users** +> InlineResponse20012 office365s_list_import_users(office365_id, opts) + +Get a list of users to import from an Office 365 instance + +Lists Office 365 users available for import. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::Office365ImportApi.new +office365_id = 'office365_id_example' # String | +opts = { + consistency_level: 'consistency_level_example', # String | Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + top: 56, # Integer | Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + skip_token: 'skip_token_example', # String | Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + filter: 'filter_example', # String | Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + search: 'search_example', # String | Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + orderby: 'orderby_example', # String | Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + count: true # BOOLEAN | Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. +} + +begin + #Get a list of users to import from an Office 365 instance + result = api_instance.office365s_list_import_users(office365_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling Office365ImportApi->office365s_list_import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **office365_id** | **String**| | + **consistency_level** | **String**| Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers | [optional] + **top** | **Integer**| Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. | [optional] + **skip_token** | **String**| Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. | [optional] + **filter** | **String**| Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **search** | **String**| Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **orderby** | **String**| Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + **count** | **BOOLEAN**| Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. | [optional] + +### Return type + +[**InlineResponse20012**](InlineResponse20012.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/Office365TranslationRule.md b/jcapiv2/docs/Office365TranslationRule.md index e9abd30..f74766f 100644 --- a/jcapiv2/docs/Office365TranslationRule.md +++ b/jcapiv2/docs/Office365TranslationRule.md @@ -4,6 +4,6 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **built_in** | [**Office365BuiltinTranslation**](Office365BuiltinTranslation.md) | | [optional] +**direction** | [**Office365DirectionTranslation**](Office365DirectionTranslation.md) | | [optional] **id** | **String** | ObjectId uniquely identifying a Translation Rule. | [optional] - diff --git a/jcapiv2/docs/Office365TranslationRuleRequest.md b/jcapiv2/docs/Office365TranslationRuleRequest.md index 6a62853..d5c7564 100644 --- a/jcapiv2/docs/Office365TranslationRuleRequest.md +++ b/jcapiv2/docs/Office365TranslationRuleRequest.md @@ -4,5 +4,5 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **built_in** | [**Office365BuiltinTranslation**](Office365BuiltinTranslation.md) | | [optional] - +**direction** | [**Office365DirectionTranslation**](Office365DirectionTranslation.md) | | [optional] diff --git a/jcapiv2/docs/OrgCryptoSettings.md b/jcapiv2/docs/OrgCryptoSettings.md deleted file mode 100644 index 3ab0cb6..0000000 --- a/jcapiv2/docs/OrgCryptoSettings.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::OrgCryptoSettings - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**ssh_keys** | [**OrgcryptosettingsSshKeys**](OrgcryptosettingsSshKeys.md) | | [optional] - - diff --git a/jcapiv2/docs/Organization.md b/jcapiv2/docs/Organization.md new file mode 100644 index 0000000..a70eecf --- /dev/null +++ b/jcapiv2/docs/Organization.md @@ -0,0 +1,9 @@ +# JCAPIv2::Organization + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] +**max_system_users** | **Integer** | The maximum number of users allowed in this organization. Requires organizations.billing scope to modify. | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/OrganizationsApi.md b/jcapiv2/docs/OrganizationsApi.md index 44ca5f5..a4caf90 100644 --- a/jcapiv2/docs/OrganizationsApi.md +++ b/jcapiv2/docs/OrganizationsApi.md @@ -4,14 +4,18 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- -[**org_crypto_get**](OrganizationsApi.md#org_crypto_get) | **GET** /organizations/{id}/crypto | Get Crypto Settings -[**org_crypto_put**](OrganizationsApi.md#org_crypto_put) | **PUT** /organizations/{id}/crypto | Edit Crypto Settings +[**administrator_organizations_create_by_administrator**](OrganizationsApi.md#administrator_organizations_create_by_administrator) | **POST** /administrators/{id}/organizationlinks | Allow Adminstrator access to an Organization. +[**administrator_organizations_list_by_administrator**](OrganizationsApi.md#administrator_organizations_list_by_administrator) | **GET** /administrators/{id}/organizationlinks | List the association links between an Administrator and Organizations. +[**administrator_organizations_list_by_organization**](OrganizationsApi.md#administrator_organizations_list_by_organization) | **GET** /organizations/{id}/administratorlinks | List the association links between an Organization and Administrators. +[**administrator_organizations_remove_by_administrator**](OrganizationsApi.md#administrator_organizations_remove_by_administrator) | **DELETE** /administrators/{administrator_id}/organizationlinks/{id} | Remove association between an Administrator and an Organization. +[**organizations_org_list_cases**](OrganizationsApi.md#organizations_org_list_cases) | **GET** /organizations/cases | Get all cases (Support/Feature requests) for organization +# **administrator_organizations_create_by_administrator** +> AdministratorOrganizationLink administrator_organizations_create_by_administrator(id, opts) -# **org_crypto_get** -> OrgCryptoSettings org_crypto_get(id, content_type, accept, opts) +Allow Adminstrator access to an Organization. -Get Crypto Settings +This endpoint allows you to grant Administrator access to an Organization. ### Example ```ruby @@ -26,28 +30,74 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::AdministratorOrganizationLinkReq.new # AdministratorOrganizationLinkReq | +} -id = "id_example" # String | +begin + #Allow Adminstrator access to an Organization. + result = api_instance.administrator_organizations_create_by_administrator(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_create_by_administrator: #{e}" +end +``` + +### Parameters -content_type = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**AdministratorOrganizationLinkReq**](AdministratorOrganizationLinkReq.md)| | [optional] + +### Return type + +[**AdministratorOrganizationLink**](AdministratorOrganizationLink.md) + +### Authorization -accept = "application/json" # String | +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **administrator_organizations_list_by_administrator** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_administrator(id, opts) + +List the association links between an Administrator and Organizations. + +This endpoint returns the association links between an Administrator and Organizations. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. } begin - #Get Crypto Settings - result = api_instance.org_crypto_get(id, content_type, accept, opts) + #List the association links between an Administrator and Organizations. + result = api_instance.administrator_organizations_list_by_administrator(id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling OrganizationsApi->org_crypto_get: #{e}" + puts "Exception when calling OrganizationsApi->administrator_organizations_list_by_administrator: #{e}" end ``` @@ -56,18 +106,70 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **administrator_organizations_list_by_organization** +> Array<AdministratorOrganizationLink> administrator_organizations_list_by_organization(id, opts) + +List the association links between an Organization and Administrators. + +This endpoint returns the association links between an Organization and Administrators. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new +id = 'id_example' # String | +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the association links between an Organization and Administrators. + result = api_instance.administrator_organizations_list_by_organization(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_list_by_organization: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] ### Return type -[**OrgCryptoSettings**](OrgCryptoSettings.md) +[**Array<AdministratorOrganizationLink>**](AdministratorOrganizationLink.md) ### Authorization @@ -75,15 +177,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **org_crypto_put** -> Object org_crypto_put(id, content_type, accept, opts) +# **administrator_organizations_remove_by_administrator** +> administrator_organizations_remove_by_administrator(administrator_id, id) -Edit Crypto Settings +Remove association between an Administrator and an Organization. + +This endpoint removes the association link between an Administrator and an Organization. ### Example ```ruby @@ -98,29 +202,73 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::OrganizationsApi.new +administrator_id = 'administrator_id_example' # String | +id = 'id_example' # String | + + +begin + #Remove association between an Administrator and an Organization. + api_instance.administrator_organizations_remove_by_administrator(administrator_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling OrganizationsApi->administrator_organizations_remove_by_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **administrator_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + -id = "id_example" # String | -content_type = "application/json" # String | +# **organizations_org_list_cases** +> CasesResponse organizations_org_list_cases(opts) -accept = "application/json" # String | +Get all cases (Support/Feature requests) for organization +This endpoint returns the cases (Support/Feature requests) for the organization + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::OrganizationsApi.new opts = { - body: JCAPIv2::OrgCryptoSettings.new, # OrgCryptoSettings | - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #Edit Crypto Settings - result = api_instance.org_crypto_put(id, content_type, accept, opts) + #Get all cases (Support/Feature requests) for organization + result = api_instance.organizations_org_list_cases(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling OrganizationsApi->org_crypto_put: #{e}" + puts "Exception when calling OrganizationsApi->organizations_org_list_cases: #{e}" end ``` @@ -128,20 +276,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**OrgCryptoSettings**](OrgCryptoSettings.md)| | [optional] - **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type -**Object** +[**CasesResponse**](CasesResponse.md) ### Authorization @@ -149,7 +291,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/OrgcryptosettingsSshKeys.md b/jcapiv2/docs/OrgcryptosettingsSshKeys.md deleted file mode 100644 index be2af8c..0000000 --- a/jcapiv2/docs/OrgcryptosettingsSshKeys.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::OrgcryptosettingsSshKeys - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**key_size** | **Integer** | | [optional] -**validate** | **BOOLEAN** | | [optional] -**validate_key_size** | **BOOLEAN** | | [optional] - - diff --git a/jcapiv2/docs/PasswordManagerApi.md b/jcapiv2/docs/PasswordManagerApi.md new file mode 100644 index 0000000..1b0588d --- /dev/null +++ b/jcapiv2/docs/PasswordManagerApi.md @@ -0,0 +1,122 @@ +# JCAPIv2::PasswordManagerApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**device_service_get_device**](PasswordManagerApi.md#device_service_get_device) | **GET** /passwordmanager/devices/{UUID} | +[**device_service_list_devices**](PasswordManagerApi.md#device_service_list_devices) | **GET** /passwordmanager/devices | + +# **device_service_get_device** +> DevicePackageV1Device device_service_get_device(uuid) + + + +Get Device + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PasswordManagerApi.new +uuid = 'uuid_example' # String | + + +begin + result = api_instance.device_service_get_device(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PasswordManagerApi->device_service_get_device: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**DevicePackageV1Device**](DevicePackageV1Device.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **device_service_list_devices** +> DevicePackageV1ListDevicesResponse device_service_list_devices(opts) + + + +List Devices + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PasswordManagerApi.new +opts = { + limit: 56, # Integer | + skip: 56, # Integer | + sort: 'sort_example', # String | + fields: ['fields_example'], # Array | + filter: ['filter_example'] # Array | +} + +begin + result = api_instance.device_service_list_devices(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PasswordManagerApi->device_service_list_devices: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **limit** | **Integer**| | [optional] + **skip** | **Integer**| | [optional] + **sort** | **String**| | [optional] + **fields** | [**Array<String>**](String.md)| | [optional] + **filter** | [**Array<String>**](String.md)| | [optional] + +### Return type + +[**DevicePackageV1ListDevicesResponse**](DevicePackageV1ListDevicesResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/PasswordsSecurity.md b/jcapiv2/docs/PasswordsSecurity.md new file mode 100644 index 0000000..2fe1744 --- /dev/null +++ b/jcapiv2/docs/PasswordsSecurity.md @@ -0,0 +1,10 @@ +# JCAPIv2::PasswordsSecurity + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**compromised_passwords** | **Integer** | | [optional] +**old_passwords** | **Integer** | | [optional] +**reused_passwords** | **Integer** | | [optional] +**weak_passwords** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SystemuserputpostPhoneNumbers.md b/jcapiv2/docs/PhoneNumber.md similarity index 76% rename from jcapiv2/docs/SystemuserputpostPhoneNumbers.md rename to jcapiv2/docs/PhoneNumber.md index d00df54..a029b60 100644 --- a/jcapiv2/docs/SystemuserputpostPhoneNumbers.md +++ b/jcapiv2/docs/PhoneNumber.md @@ -1,9 +1,9 @@ -# JCAPIv2::SystemuserputpostPhoneNumbers +# JCAPIv2::PhoneNumber ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**id** | **String** | | [optional] **number** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/PoliciesApi.md b/jcapiv2/docs/PoliciesApi.md index 2ea031a..a58dd87 100644 --- a/jcapiv2/docs/PoliciesApi.md +++ b/jcapiv2/docs/PoliciesApi.md @@ -6,6 +6,7 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**graph_policy_associations_list**](PoliciesApi.md#graph_policy_associations_list) | **GET** /policies/{policy_id}/associations | List the associations of a Policy [**graph_policy_associations_post**](PoliciesApi.md#graph_policy_associations_post) | **POST** /policies/{policy_id}/associations | Manage the associations of a Policy +[**graph_policy_member_of**](PoliciesApi.md#graph_policy_member_of) | **GET** /policies/{policy_id}/memberof | List the parent Groups of a Policy [**graph_policy_traverse_system**](PoliciesApi.md#graph_policy_traverse_system) | **GET** /policies/{policy_id}/systems | List the Systems bound to a Policy [**graph_policy_traverse_system_group**](PoliciesApi.md#graph_policy_traverse_system_group) | **GET** /policies/{policy_id}/systemgroups | List the System Groups bound to a Policy [**policies_delete**](PoliciesApi.md#policies_delete) | **DELETE** /policies/{id} | Deletes a Policy @@ -15,15 +16,14 @@ Method | HTTP request | Description [**policies_put**](PoliciesApi.md#policies_put) | **PUT** /policies/{id} | Update an existing Policy [**policyresults_get**](PoliciesApi.md#policyresults_get) | **GET** /policyresults/{id} | Get a specific Policy Result. [**policyresults_list**](PoliciesApi.md#policyresults_list) | **GET** /policies/{policy_id}/policyresults | Lists all the policy results of a policy. -[**policyresults_org_list**](PoliciesApi.md#policyresults_org_list) | **GET** /policyresults | Lists all the policy results for an organization. -[**policystatuses_list**](PoliciesApi.md#policystatuses_list) | **GET** /policies/{policy_id}/policystatuses | Lists the latest policy results of a policy. -[**policystatuses_list_0**](PoliciesApi.md#policystatuses_list_0) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system +[**policyresults_org_list**](PoliciesApi.md#policyresults_org_list) | **GET** /policyresults | Lists all of the policy results for an organization. +[**policystatuses_policies_list**](PoliciesApi.md#policystatuses_policies_list) | **GET** /policies/{policy_id}/policystatuses | Lists the latest policy results of a policy. +[**policystatuses_systems_list**](PoliciesApi.md#policystatuses_systems_list) | **GET** /systems/{system_id}/policystatuses | List the policy statuses for a system [**policytemplates_get**](PoliciesApi.md#policytemplates_get) | **GET** /policytemplates/{id} | Get a specific Policy Template [**policytemplates_list**](PoliciesApi.md#policytemplates_list) | **GET** /policytemplates | Lists all of the Policy Templates - # **graph_policy_associations_list** -> Array<GraphConnection> graph_policy_associations_list(policy_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_policy_associations_list(policy_id, targets, opts) List the associations of a Policy @@ -42,24 +42,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Policy. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +targets = ['targets_example'] # Array | Targets which a \"policy\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a Policy - result = api_instance.graph_policy_associations_list(policy_id, targets, content_type, accept, opts) + result = api_instance.graph_policy_associations_list(policy_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->graph_policy_associations_list: #{e}" @@ -71,12 +64,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Policy. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"policy\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -88,17 +79,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_policy_associations_post** -> graph_policy_associations_post(policy_id, content_type, accept, opts) +> graph_policy_associations_post(policy_id, opts) Manage the associations of a Policy -This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` ### Example ```ruby @@ -113,21 +104,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Policy. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Policy. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationPolicy.new # GraphOperationPolicy | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a Policy - api_instance.graph_policy_associations_post(policy_id, content_type, accept, opts) + api_instance.graph_policy_associations_post(policy_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->graph_policy_associations_post: #{e}" end @@ -138,10 +123,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Policy. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationPolicy**](GraphOperationPolicy.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -154,16 +137,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_policy_traverse_system** -> Array<GraphObjectWithPaths> graph_policy_traverse_system(policy_id, content_type, accept, opts) +# **graph_policy_member_of** +> Array<GraphObjectWithPaths> graph_policy_member_of(policy_id, opts) -List the Systems bound to a Policy +List the parent Groups of a Policy -This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -178,23 +161,85 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Policy. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the parent Groups of a Policy + result = api_instance.graph_policy_member_of(policy_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PoliciesApi->graph_policy_member_of: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **policy_id** | **String**| ObjectID of the Policy. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -policy_id = "policy_id_example" # String | ObjectID of the Command. -content_type = "application/json" # String | -accept = "application/json" # String | +# **graph_policy_traverse_system** +> Array<GraphObjectWithPaths> graph_policy_traverse_system(policy_id, opts) +List the Systems bound to a Policy + +This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PoliciesApi.new +policy_id = 'policy_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a Policy - result = api_instance.graph_policy_traverse_system(policy_id, content_type, accept, opts) + result = api_instance.graph_policy_traverse_system(policy_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->graph_policy_traverse_system: #{e}" @@ -206,12 +251,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -223,13 +266,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_policy_traverse_system_group** -> Array<GraphObjectWithPaths> graph_policy_traverse_system_group(policy_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_policy_traverse_system_group(policy_id, opts) List the System Groups bound to a Policy @@ -248,23 +291,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -policy_id = "policy_id_example" # String | ObjectID of the Command. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | ObjectID of the Command. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to a Policy - result = api_instance.graph_policy_traverse_system_group(policy_id, content_type, accept, opts) + result = api_instance.graph_policy_traverse_system_group(policy_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->graph_policy_traverse_system_group: #{e}" @@ -276,12 +313,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| ObjectID of the Command. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -293,13 +328,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policies_delete** -> policies_delete(id, content_type, accept, opts) +> policies_delete(id, opts) Deletes a Policy @@ -318,20 +353,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -id = "id_example" # String | ObjectID of the Policy object. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Policy object. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Deletes a Policy - api_instance.policies_delete(id, content_type, accept, opts) + api_instance.policies_delete(id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policies_delete: #{e}" end @@ -342,9 +371,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy object. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -356,13 +383,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: Not defined # **policies_get** -> PolicyWithDetails policies_get(id, content_type, accept, opts) +> PolicyWithDetails policies_get(id, opts) Gets a specific Policy. @@ -381,20 +408,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -id = "id_example" # String | ObjectID of the Policy object. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Policy object. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Gets a specific Policy. - result = api_instance.policies_get(id, content_type, accept, opts) + result = api_instance.policies_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policies_get: #{e}" @@ -406,9 +427,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy object. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -420,13 +439,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policies_list** -> Array<Policy> policies_list(content_type, accept, opts) +> Array<Policy> policies_list(opts) Lists all the Policies @@ -445,23 +464,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Lists all the Policies - result = api_instance.policies_list(content_type, accept, opts) + result = api_instance.policies_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policies_list: #{e}" @@ -472,14 +486,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -491,17 +503,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policies_post** -> PolicyWithDetails policies_post(content_type, accept, opts) +> PolicyWithDetails policies_post(opts) Create a new Policy -This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` +This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` ### Example ```ruby @@ -516,19 +528,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv2::PolicyRequest.new, # PolicyRequest | - x_org_id: "" # String | + body: JCAPIv2::PolicyRequest.new # PolicyRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create a new Policy - result = api_instance.policies_post(content_type, accept, opts) + result = api_instance.policies_post(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policies_post: #{e}" @@ -539,10 +546,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**PolicyRequest**](PolicyRequest.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -560,11 +565,11 @@ Name | Type | Description | Notes # **policies_put** -> Policy policies_put(id, , opts) +> Policy policies_put(id, opts) Update an existing Policy -This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ {Policy_Parameters} }' ``` +This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` ### Example ```ruby @@ -579,17 +584,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -id = "id_example" # String | ObjectID of the Policy object. - +id = 'id_example' # String | ObjectID of the Policy object. opts = { - body: JCAPIv2::PolicyRequest.new, # PolicyRequest | - x_org_id: "" # String | + body: JCAPIv2::PolicyRequest.new # PolicyRequest | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Update an existing Policy - result = api_instance.policies_put(id, , opts) + result = api_instance.policies_put(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policies_put: #{e}" @@ -602,7 +605,7 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy object. | **body** | [**PolicyRequest**](PolicyRequest.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -620,7 +623,7 @@ Name | Type | Description | Notes # **policyresults_get** -> PolicyResult policyresults_get(id, content_type, accept, opts) +> PolicyResult policyresults_get(id, opts) Get a specific Policy Result. @@ -639,20 +642,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -id = "id_example" # String | ObjectID of the Policy Result. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Policy Result. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get a specific Policy Result. - result = api_instance.policyresults_get(id, content_type, accept, opts) + result = api_instance.policyresults_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policyresults_get: #{e}" @@ -664,9 +661,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy Result. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -678,13 +673,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policyresults_list** -> Array<PolicyResult> policyresults_list(policy_id, content_type, accept, opts) +> Array<PolicyResult> policyresults_list(policy_id, opts) Lists all the policy results of a policy. @@ -703,25 +698,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -policy_id = "policy_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin #Lists all the policy results of a policy. - result = api_instance.policyresults_list(policy_id, content_type, accept, opts) + result = api_instance.policyresults_list(policy_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policyresults_list: #{e}" @@ -733,12 +722,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] @@ -752,17 +739,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policyresults_org_list** -> Array<PolicyResult> policyresults_org_list(content_type, accept, opts) +> Array<PolicyResult> policyresults_org_list(opts) -Lists all the policy results for an organization. +Lists all of the policy results for an organization. -This endpoint returns all policies results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns all policy results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -777,23 +764,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin - #Lists all the policy results for an organization. - result = api_instance.policyresults_org_list(content_type, accept, opts) + #Lists all of the policy results for an organization. + result = api_instance.policyresults_org_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policyresults_org_list: #{e}" @@ -804,12 +786,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] @@ -823,17 +803,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **policystatuses_list** -> Array<PolicyResult> policystatuses_list(policy_id, content_type, accept, opts) +# **policystatuses_policies_list** +> Array<PolicyResult> policystatuses_policies_list(policy_id, opts) Lists the latest policy results of a policy. -This endpoint returns the latest policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns the latest policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -848,28 +828,22 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -policy_id = "policy_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +policy_id = 'policy_id_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Lists the latest policy results of a policy. - result = api_instance.policystatuses_list(policy_id, content_type, accept, opts) + result = api_instance.policystatuses_policies_list(policy_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling PoliciesApi->policystatuses_list: #{e}" + puts "Exception when calling PoliciesApi->policystatuses_policies_list: #{e}" end ``` @@ -878,14 +852,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **policy_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -897,13 +869,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **policystatuses_list_0** -> Array<PolicyResult> policystatuses_list_0(system_id, content_type, accept, opts) +# **policystatuses_systems_list** +> Array<PolicyResult> policystatuses_systems_list(system_id, opts) List the policy statuses for a system @@ -922,28 +894,22 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the policy statuses for a system - result = api_instance.policystatuses_list_0(system_id, content_type, accept, opts) + result = api_instance.policystatuses_systems_list(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling PoliciesApi->policystatuses_list_0: #{e}" + puts "Exception when calling PoliciesApi->policystatuses_systems_list: #{e}" end ``` @@ -952,14 +918,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -971,17 +935,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policytemplates_get** -> PolicyTemplateWithDetails policytemplates_get(id, content_type, accept, opts) +> PolicyTemplateWithDetails policytemplates_get(id, opts) Get a specific Policy Template -This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -996,20 +960,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -id = "id_example" # String | ObjectID of the Policy Template. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Policy Template. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get a specific Policy Template - result = api_instance.policytemplates_get(id, content_type, accept, opts) + result = api_instance.policytemplates_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policytemplates_get: #{e}" @@ -1021,9 +979,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy Template. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1035,13 +991,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policytemplates_list** -> Array<PolicyTemplate> policytemplates_list(content_type, accept, opts) +> Array<PolicyTemplate> policytemplates_list(opts) Lists all of the Policy Templates @@ -1060,23 +1016,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PoliciesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Lists all of the Policy Templates - result = api_instance.policytemplates_list(content_type, accept, opts) + result = api_instance.policytemplates_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PoliciesApi->policytemplates_list: #{e}" @@ -1087,14 +1038,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1106,7 +1055,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/Policy.md b/jcapiv2/docs/Policy.md index c78365d..5c36cfc 100644 --- a/jcapiv2/docs/Policy.md +++ b/jcapiv2/docs/Policy.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **name** | **String** | The description for this specific Policy. | [optional] **template** | [**PolicyTemplate**](PolicyTemplate.md) | | [optional] - diff --git a/jcapiv2/docs/PolicyGroup.md b/jcapiv2/docs/PolicyGroup.md new file mode 100644 index 0000000..51780b1 --- /dev/null +++ b/jcapiv2/docs/PolicyGroup.md @@ -0,0 +1,12 @@ +# JCAPIv2::PolicyGroup + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**description** | **String** | Description of a Policy Group | [optional] +**email** | **String** | E-mail address associated with a Policy Group | [optional] +**id** | **String** | ObjectId uniquely identifying a Policy Group. | [optional] +**name** | **String** | Display name of a Policy Group. | [optional] +**type** | **String** | The type of the group; always 'policy' for a Policy Group. | [optional] + diff --git a/jcapiv2/docs/PolicyGroupAssociationsApi.md b/jcapiv2/docs/PolicyGroupAssociationsApi.md new file mode 100644 index 0000000..b094067 --- /dev/null +++ b/jcapiv2/docs/PolicyGroupAssociationsApi.md @@ -0,0 +1,254 @@ +# JCAPIv2::PolicyGroupAssociationsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**graph_policy_group_associations_list**](PolicyGroupAssociationsApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +[**graph_policy_group_associations_post**](PolicyGroupAssociationsApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +[**graph_policy_group_traverse_system**](PolicyGroupAssociationsApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +[**graph_policy_group_traverse_system_group**](PolicyGroupAssociationsApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups + +# **graph_policy_group_associations_list** +> Array<GraphConnection> graph_policy_group_associations_list(group_id, targets, opts) + +List the associations of a Policy Group. + +This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_associations_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **targets** | [**Array<String>**](String.md)| Targets which a \"policy_group\" can be associated to. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_associations_post** +> graph_policy_group_associations_post(group_id, opts) + +Manage the associations of a Policy Group + +This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroup.new # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroup**](GraphOperationPolicyGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_policy_group_traverse_system** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system(group_id, opts) + +List the Systems bound to a Policy Group + +This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_traverse_system: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_traverse_system_group** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system_group(group_id, opts) + +List the System Groups bound to Policy Groups + +This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupAssociationsApi->graph_policy_group_traverse_system_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/PolicyGroupData.md b/jcapiv2/docs/PolicyGroupData.md new file mode 100644 index 0000000..8271978 --- /dev/null +++ b/jcapiv2/docs/PolicyGroupData.md @@ -0,0 +1,7 @@ +# JCAPIv2::PolicyGroupData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | Display name of a Policy Group. | + diff --git a/jcapiv2/docs/PolicyGroupMembersMembershipApi.md b/jcapiv2/docs/PolicyGroupMembersMembershipApi.md new file mode 100644 index 0000000..3ea9fce --- /dev/null +++ b/jcapiv2/docs/PolicyGroupMembersMembershipApi.md @@ -0,0 +1,191 @@ +# JCAPIv2::PolicyGroupMembersMembershipApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**graph_policy_group_members_list**](PolicyGroupMembersMembershipApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +[**graph_policy_group_members_post**](PolicyGroupMembersMembershipApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +[**graph_policy_group_membership**](PolicyGroupMembersMembershipApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership + +# **graph_policy_group_members_list** +> Array<GraphConnection> graph_policy_group_members_list(group_id, opts) + +List the members of a Policy Group + +This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_members_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_members_post** +> graph_policy_group_members_post(group_id, opts) + +Manage the members of a Policy Group + +This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroupMember.new # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_members_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroupMember**](GraphOperationPolicyGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_policy_group_membership** +> Array<GraphObjectWithPaths> graph_policy_group_membership(group_id, opts) + +List the Policy Group's membership + +This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupMembersMembershipApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupMembersMembershipApi->graph_policy_group_membership: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/PolicyGroupTemplate.md b/jcapiv2/docs/PolicyGroupTemplate.md new file mode 100644 index 0000000..f4a833d --- /dev/null +++ b/jcapiv2/docs/PolicyGroupTemplate.md @@ -0,0 +1,10 @@ +# JCAPIv2::PolicyGroupTemplate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**description** | **String** | | [optional] +**id** | **String** | | [optional] +**members** | [**Array<PolicyGroupTemplateMember>**](PolicyGroupTemplateMember.md) | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/Body1.md b/jcapiv2/docs/PolicyGroupTemplateMember.md similarity index 54% rename from jcapiv2/docs/Body1.md rename to jcapiv2/docs/PolicyGroupTemplateMember.md index 51f2b56..341060b 100644 --- a/jcapiv2/docs/Body1.md +++ b/jcapiv2/docs/PolicyGroupTemplateMember.md @@ -1,10 +1,9 @@ -# JCAPIv2::Body1 +# JCAPIv2::PolicyGroupTemplateMember ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**groups** | **Array<String>** | | [optional] +**id** | **String** | | [optional] **name** | **String** | | [optional] -**users** | **Array<String>** | | [optional] - +**policy_template_id** | **String** | | [optional] diff --git a/jcapiv2/docs/PolicyGroupTemplateMembers.md b/jcapiv2/docs/PolicyGroupTemplateMembers.md new file mode 100644 index 0000000..b8f93e8 --- /dev/null +++ b/jcapiv2/docs/PolicyGroupTemplateMembers.md @@ -0,0 +1,8 @@ +# JCAPIv2::PolicyGroupTemplateMembers + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<PolicyGroupTemplateMember>**](PolicyGroupTemplateMember.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/PolicyGroupTemplates.md b/jcapiv2/docs/PolicyGroupTemplates.md new file mode 100644 index 0000000..3b5cad1 --- /dev/null +++ b/jcapiv2/docs/PolicyGroupTemplates.md @@ -0,0 +1,8 @@ +# JCAPIv2::PolicyGroupTemplates + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<PolicyGroupTemplate>**](PolicyGroupTemplate.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/PolicyGroupTemplatesApi.md b/jcapiv2/docs/PolicyGroupTemplatesApi.md new file mode 100644 index 0000000..9c45469 --- /dev/null +++ b/jcapiv2/docs/PolicyGroupTemplatesApi.md @@ -0,0 +1,367 @@ +# JCAPIv2::PolicyGroupTemplatesApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**policy_group_templates_delete**](PolicyGroupTemplatesApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +[**policy_group_templates_get**](PolicyGroupTemplatesApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +[**policy_group_templates_get_configured_policy_template**](PolicyGroupTemplatesApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +[**policy_group_templates_list**](PolicyGroupTemplatesApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +[**policy_group_templates_list_configured_policy_templates**](PolicyGroupTemplatesApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +[**policy_group_templates_list_members**](PolicyGroupTemplatesApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. + +# **policy_group_templates_delete** +> policy_group_templates_delete(provider_id, id) + +Deletes policy group template. + +Deletes a Policy Group Template. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get** +> PolicyGroupTemplate policy_group_templates_get(provider_id, id) + +Gets a provider's policy group template. + +Retrieves a Policy Group Template for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**PolicyGroupTemplate**](PolicyGroupTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get_configured_policy_template** +> ConfiguredPolicyTemplate policy_group_templates_get_configured_policy_template(provider_id, id) + +Retrieve a configured policy template by id. + +Retrieves a Configured Policy Templates for this provider and Id. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_get_configured_policy_template: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**ConfiguredPolicyTemplate**](ConfiguredPolicyTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list** +> PolicyGroupTemplates policy_group_templates_list(provider_id, opts) + +List a provider's policy group templates. + +Retrieves a list of Policy Group Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplates**](PolicyGroupTemplates.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_configured_policy_templates** +> InlineResponse20014 policy_group_templates_list_configured_policy_templates(provider_id, opts) + +List a provider's configured policy templates. + +Retrieves a list of Configured Policy Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**InlineResponse20014**](InlineResponse20014.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_members** +> PolicyGroupTemplateMembers policy_group_templates_list_members(provider_id, id, opts) + +Gets the list of members from a policy group template. + +Retrieves a Policy Group Template's Members. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupTemplatesApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupTemplatesApi->policy_group_templates_list_members: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplateMembers**](PolicyGroupTemplateMembers.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/PolicyGroupsApi.md b/jcapiv2/docs/PolicyGroupsApi.md new file mode 100644 index 0000000..3bf18cc --- /dev/null +++ b/jcapiv2/docs/PolicyGroupsApi.md @@ -0,0 +1,733 @@ +# JCAPIv2::PolicyGroupsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**graph_policy_group_associations_list**](PolicyGroupsApi.md#graph_policy_group_associations_list) | **GET** /policygroups/{group_id}/associations | List the associations of a Policy Group. +[**graph_policy_group_associations_post**](PolicyGroupsApi.md#graph_policy_group_associations_post) | **POST** /policygroups/{group_id}/associations | Manage the associations of a Policy Group +[**graph_policy_group_members_list**](PolicyGroupsApi.md#graph_policy_group_members_list) | **GET** /policygroups/{group_id}/members | List the members of a Policy Group +[**graph_policy_group_members_post**](PolicyGroupsApi.md#graph_policy_group_members_post) | **POST** /policygroups/{group_id}/members | Manage the members of a Policy Group +[**graph_policy_group_membership**](PolicyGroupsApi.md#graph_policy_group_membership) | **GET** /policygroups/{group_id}/membership | List the Policy Group's membership +[**graph_policy_group_traverse_system**](PolicyGroupsApi.md#graph_policy_group_traverse_system) | **GET** /policygroups/{group_id}/systems | List the Systems bound to a Policy Group +[**graph_policy_group_traverse_system_group**](PolicyGroupsApi.md#graph_policy_group_traverse_system_group) | **GET** /policygroups/{group_id}/systemgroups | List the System Groups bound to Policy Groups +[**groups_policy_delete**](PolicyGroupsApi.md#groups_policy_delete) | **DELETE** /policygroups/{id} | Delete a Policy Group +[**groups_policy_get**](PolicyGroupsApi.md#groups_policy_get) | **GET** /policygroups/{id} | View an individual Policy Group details +[**groups_policy_list**](PolicyGroupsApi.md#groups_policy_list) | **GET** /policygroups | List all Policy Groups +[**groups_policy_post**](PolicyGroupsApi.md#groups_policy_post) | **POST** /policygroups | Create a new Policy Group +[**groups_policy_put**](PolicyGroupsApi.md#groups_policy_put) | **PUT** /policygroups/{id} | Update a Policy Group + +# **graph_policy_group_associations_list** +> Array<GraphConnection> graph_policy_group_associations_list(group_id, targets, opts) + +List the associations of a Policy Group. + +This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +targets = ['targets_example'] # Array | Targets which a \"policy_group\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Policy Group. + result = api_instance.graph_policy_group_associations_list(group_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_associations_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **targets** | [**Array<String>**](String.md)| Targets which a \"policy_group\" can be associated to. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_associations_post** +> graph_policy_group_associations_post(group_id, opts) + +Manage the associations of a Policy Group + +This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroup.new # GraphOperationPolicyGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a Policy Group + api_instance.graph_policy_group_associations_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroup**](GraphOperationPolicyGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_policy_group_members_list** +> Array<GraphConnection> graph_policy_group_members_list(group_id, opts) + +List the members of a Policy Group + +This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the members of a Policy Group + result = api_instance.graph_policy_group_members_list(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_members_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_members_post** +> graph_policy_group_members_post(group_id, opts) + +Manage the members of a Policy Group + +This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::GraphOperationPolicyGroupMember.new # GraphOperationPolicyGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the members of a Policy Group + api_instance.graph_policy_group_members_post(group_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_members_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **body** | [**GraphOperationPolicyGroupMember**](GraphOperationPolicyGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_policy_group_membership** +> Array<GraphObjectWithPaths> graph_policy_group_membership(group_id, opts) + +List the Policy Group's membership + +This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the Policy Group's membership + result = api_instance.graph_policy_group_membership(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_membership: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_traverse_system** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system(group_id, opts) + +List the Systems bound to a Policy Group + +This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Policy Group + result = api_instance.graph_policy_group_traverse_system(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_traverse_system: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_policy_group_traverse_system_group** +> Array<GraphObjectWithPaths> graph_policy_group_traverse_system_group(group_id, opts) + +List the System Groups bound to Policy Groups + +This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +group_id = 'group_id_example' # String | ObjectID of the Policy Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to Policy Groups + result = api_instance.graph_policy_group_traverse_system_group(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->graph_policy_group_traverse_system_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the Policy Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **groups_policy_delete** +> PolicyGroup groups_policy_delete(id, opts) + +Delete a Policy Group + +This endpoint allows you to delete a Policy Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Policy Group + result = api_instance.groups_policy_delete(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| ObjectID of the Policy Group. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**PolicyGroup**](PolicyGroup.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **groups_policy_get** +> PolicyGroup groups_policy_get(id, opts) + +View an individual Policy Group details + +This endpoint returns the details of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #View an individual Policy Group details + result = api_instance.groups_policy_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| ObjectID of the Policy Group. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**PolicyGroup**](PolicyGroup.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **groups_policy_list** +> Array<PolicyGroup> groups_policy_list(opts) + +List all Policy Groups + +This endpoint returns all Policy Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List all Policy Groups + result = api_instance.groups_policy_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<PolicyGroup>**](PolicyGroup.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **groups_policy_post** +> PolicyGroup groups_policy_post(opts) + +Create a new Policy Group + +This endpoint allows you to create a new Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +opts = { + body: JCAPIv2::PolicyGroupData.new # PolicyGroupData | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a new Policy Group + result = api_instance.groups_policy_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**PolicyGroupData**](PolicyGroupData.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**PolicyGroup**](PolicyGroup.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **groups_policy_put** +> PolicyGroup groups_policy_put(id, opts) + +Update a Policy Group + +This endpoint allows you to do a full update of the Policy Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policygroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::PolicyGroupsApi.new +id = 'id_example' # String | ObjectID of the Policy Group. +opts = { + body: JCAPIv2::PolicyGroupData.new # PolicyGroupData | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a Policy Group + result = api_instance.groups_policy_put(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling PolicyGroupsApi->groups_policy_put: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| ObjectID of the Policy Group. | + **body** | [**PolicyGroupData**](PolicyGroupData.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**PolicyGroup**](PolicyGroup.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/PolicyRequest.md b/jcapiv2/docs/PolicyRequest.md index d2fd9af..42b2f7b 100644 --- a/jcapiv2/docs/PolicyRequest.md +++ b/jcapiv2/docs/PolicyRequest.md @@ -4,7 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **name** | **String** | The description for this specific Policy. | +**notes** | **String** | The notes for this specific Policy. | [optional] **template** | [**PolicyRequestTemplate**](PolicyRequestTemplate.md) | | [optional] **values** | [**Array<PolicyValue>**](PolicyValue.md) | | [optional] - diff --git a/jcapiv2/docs/PolicyRequestTemplate.md b/jcapiv2/docs/PolicyRequestTemplate.md index 49aa312..ee243fc 100644 --- a/jcapiv2/docs/PolicyRequestTemplate.md +++ b/jcapiv2/docs/PolicyRequestTemplate.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **id** | **String** | ObjectId uniquely identifying a Policy instance; only allowed on POST requests. | [optional] - diff --git a/jcapiv2/docs/PolicyResult.md b/jcapiv2/docs/PolicyResult.md index ae262b7..1252961 100644 --- a/jcapiv2/docs/PolicyResult.md +++ b/jcapiv2/docs/PolicyResult.md @@ -15,4 +15,3 @@ Name | Type | Description | Notes **success** | **BOOLEAN** | True if the policy was successfully applied; false otherwise. | [optional] **system_id** | **String** | ObjectId uniquely identifying the parent System. | [optional] - diff --git a/jcapiv2/docs/PolicyTemplate.md b/jcapiv2/docs/PolicyTemplate.md index d04fefa..7e77e57 100644 --- a/jcapiv2/docs/PolicyTemplate.md +++ b/jcapiv2/docs/PolicyTemplate.md @@ -4,12 +4,15 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **activation** | **String** | Requirements before the policy can be activated. | [optional] +**alert** | **String** | Text to describe any risk associated with this policy. | [optional] **behavior** | **String** | Specifics about the behavior of the policy. | [optional] +**delivery_types** | **Array<String>** | The supported delivery mechanisms for this policy template. | [optional] **description** | **String** | The default description for the Policy. | [optional] **display_name** | **String** | The default display name for the Policy. | [optional] **id** | **String** | ObjectId uniquely identifying a Policy Template. | [optional] **name** | **String** | The unique name for the Policy Template. | [optional] **os_meta_family** | **String** | | [optional] -**state** | **String** | String describing the release status of the policy template. | [optional] [default to ""] - +**os_restrictions** | [**Array<OSRestriction>**](OSRestriction.md) | | [optional] +**reference** | **String** | URL to visit for further information. | [optional] +**state** | **String** | String describing the release status of the policy template. | [optional] [default to ''] diff --git a/jcapiv2/docs/PolicyTemplateConfigField.md b/jcapiv2/docs/PolicyTemplateConfigField.md index 7a77e42..5d8b9cb 100644 --- a/jcapiv2/docs/PolicyTemplateConfigField.md +++ b/jcapiv2/docs/PolicyTemplateConfigField.md @@ -3,13 +3,16 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**default_value** | **String** | The default value for this field. | [optional] +**display_options** | **Object** | The options that correspond to the display_type. | [optional] **display_type** | **String** | The default rendering for this field. | [optional] **id** | **String** | ObjectId uniquely identifying a Policy Template Configuration Field | **label** | **String** | The default label for this field. | [optional] **name** | **String** | A unique name identifying this config field. | -**position** | **Float** | The default position to render this field. | [optional] +**position** | [**BigDecimal**](BigDecimal.md) | The default position to render this field. | [optional] **read_only** | **BOOLEAN** | If an admin is allowed to modify this field. | [optional] **required** | **BOOLEAN** | If this field is required for this field. | [optional] +**sensitive** | **BOOLEAN** | Defines if the policy template config field is sensitive or not. | [optional] **tooltip** | [**PolicyTemplateConfigFieldTooltip**](PolicyTemplateConfigFieldTooltip.md) | | [optional] - +**validators** | **Object** | Descriptors to perform extended assertions on the supplied config field value. | [optional] diff --git a/jcapiv2/docs/PolicyTemplateConfigFieldTooltip.md b/jcapiv2/docs/PolicyTemplateConfigFieldTooltip.md index a8fe7b4..f367649 100644 --- a/jcapiv2/docs/PolicyTemplateConfigFieldTooltip.md +++ b/jcapiv2/docs/PolicyTemplateConfigFieldTooltip.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **template** | **String** | | [optional] **variables** | [**PolicyTemplateConfigFieldTooltipVariables**](PolicyTemplateConfigFieldTooltipVariables.md) | | [optional] - diff --git a/jcapiv2/docs/PolicyTemplateConfigFieldTooltipVariables.md b/jcapiv2/docs/PolicyTemplateConfigFieldTooltipVariables.md index 070f61b..5967f1c 100644 --- a/jcapiv2/docs/PolicyTemplateConfigFieldTooltipVariables.md +++ b/jcapiv2/docs/PolicyTemplateConfigFieldTooltipVariables.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **icon** | **String** | | [optional] **message** | **String** | | [optional] - diff --git a/jcapiv2/docs/PolicyTemplateWithDetails.md b/jcapiv2/docs/PolicyTemplateWithDetails.md index 68e46c0..0fcd83b 100644 --- a/jcapiv2/docs/PolicyTemplateWithDetails.md +++ b/jcapiv2/docs/PolicyTemplateWithDetails.md @@ -11,5 +11,5 @@ Name | Type | Description | Notes **id** | **String** | ObjectId uniquely identifying a Policy Template. | [optional] **name** | **String** | The unique name for the Policy Template. | [optional] **os_meta_family** | **String** | | [optional] - +**os_restrictions** | [**Array<OSRestriction>**](OSRestriction.md) | | [optional] diff --git a/jcapiv2/docs/PolicyValue.md b/jcapiv2/docs/PolicyValue.md index b85be77..d7292c8 100644 --- a/jcapiv2/docs/PolicyValue.md +++ b/jcapiv2/docs/PolicyValue.md @@ -4,5 +4,6 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **config_field_id** | **String** | The ObjectId of the corresponding Policy Template configuration field. | [optional] - +**sensitive** | **BOOLEAN** | Defines if the value is sensitive or not. | [optional] +**value** | **String** | The value for the configuration field for this Policy instance. | [optional] diff --git a/jcapiv2/docs/PolicyWithDetails.md b/jcapiv2/docs/PolicyWithDetails.md index 90f0f94..e32873b 100644 --- a/jcapiv2/docs/PolicyWithDetails.md +++ b/jcapiv2/docs/PolicyWithDetails.md @@ -6,7 +6,7 @@ Name | Type | Description | Notes **config_fields** | [**Array<PolicyTemplateConfigField>**](PolicyTemplateConfigField.md) | | [optional] **id** | **String** | ObjectId uniquely identifying a Policy. | [optional] **name** | **String** | The description for this specific Policy. | [optional] +**notes** | **String** | The notes for this specific Policy. | [optional] **template** | [**PolicyTemplate**](PolicyTemplate.md) | | [optional] **values** | [**Array<PolicyValue>**](PolicyValue.md) | | [optional] - diff --git a/jcapiv2/docs/PolicytemplatesApi.md b/jcapiv2/docs/PolicytemplatesApi.md index 3093a91..6c574a3 100644 --- a/jcapiv2/docs/PolicytemplatesApi.md +++ b/jcapiv2/docs/PolicytemplatesApi.md @@ -7,13 +7,12 @@ Method | HTTP request | Description [**policytemplates_get**](PolicytemplatesApi.md#policytemplates_get) | **GET** /policytemplates/{id} | Get a specific Policy Template [**policytemplates_list**](PolicytemplatesApi.md#policytemplates_list) | **GET** /policytemplates | Lists all of the Policy Templates - # **policytemplates_get** -> PolicyTemplateWithDetails policytemplates_get(id, content_type, accept, opts) +> PolicyTemplateWithDetails policytemplates_get(id, opts) Get a specific Policy Template -This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -28,20 +27,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PolicytemplatesApi.new - -id = "id_example" # String | ObjectID of the Policy Template. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the Policy Template. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get a specific Policy Template - result = api_instance.policytemplates_get(id, content_type, accept, opts) + result = api_instance.policytemplates_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PolicytemplatesApi->policytemplates_get: #{e}" @@ -53,9 +46,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the Policy Template. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -67,13 +58,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **policytemplates_list** -> Array<PolicyTemplate> policytemplates_list(content_type, accept, opts) +> Array<PolicyTemplate> policytemplates_list(opts) Lists all of the Policy Templates @@ -92,23 +83,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::PolicytemplatesApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Lists all of the Policy Templates - result = api_instance.policytemplates_list(content_type, accept, opts) + result = api_instance.policytemplates_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling PolicytemplatesApi->policytemplates_list: #{e}" @@ -119,14 +105,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -138,7 +122,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/Provider.md b/jcapiv2/docs/Provider.md index 3490011..dccb160 100644 --- a/jcapiv2/docs/Provider.md +++ b/jcapiv2/docs/Provider.md @@ -3,7 +3,6 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**contact** | [**ProviderContact**](ProviderContact.md) | | [optional] -**name** | **String** | | [optional] - +**disallow_org_creation** | **BOOLEAN** | | [optional] +**id** | **String** | | [optional] diff --git a/jcapiv2/docs/ProviderAdminReq.md b/jcapiv2/docs/ProviderAdminReq.md index baba63a..d3e6e15 100644 --- a/jcapiv2/docs/ProviderAdminReq.md +++ b/jcapiv2/docs/ProviderAdminReq.md @@ -3,9 +3,11 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**bind_no_orgs** | **BOOLEAN** | | [optional] [default to false] **email** | **String** | | **enable_multi_factor** | **BOOLEAN** | | [optional] **firstname** | **String** | | [optional] **lastname** | **String** | | [optional] - +**role** | **String** | | [optional] +**role_name** | **String** | | [optional] diff --git a/jcapiv2/docs/ProviderInvoice.md b/jcapiv2/docs/ProviderInvoice.md new file mode 100644 index 0000000..7954508 --- /dev/null +++ b/jcapiv2/docs/ProviderInvoice.md @@ -0,0 +1,13 @@ +# JCAPIv2::ProviderInvoice + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**amount_billed** | **String** | | [optional] +**amount_paid** | **String** | | [optional] +**amount_remaining** | **String** | | [optional] +**currency** | **String** | | [optional] +**due_date** | **String** | | [optional] +**id** | **String** | | [optional] +**status** | **String** | | [optional] + diff --git a/jcapiv2/docs/ProviderInvoiceResponse.md b/jcapiv2/docs/ProviderInvoiceResponse.md new file mode 100644 index 0000000..e84b62e --- /dev/null +++ b/jcapiv2/docs/ProviderInvoiceResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::ProviderInvoiceResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<ProviderInvoice>**](ProviderInvoice.md) | | [optional] +**total_count** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/ProvidersApi.md b/jcapiv2/docs/ProvidersApi.md index 42776b3..1c7fbaa 100644 --- a/jcapiv2/docs/ProvidersApi.md +++ b/jcapiv2/docs/ProvidersApi.md @@ -4,16 +4,3388 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**autotask_create_configuration**](ProvidersApi.md#autotask_create_configuration) | **POST** /providers/{provider_id}/integrations/autotask | Creates a new Autotask integration for the provider +[**autotask_delete_configuration**](ProvidersApi.md#autotask_delete_configuration) | **DELETE** /integrations/autotask/{UUID} | Delete Autotask Integration +[**autotask_get_configuration**](ProvidersApi.md#autotask_get_configuration) | **GET** /integrations/autotask/{UUID} | Retrieve Autotask Integration Configuration +[**autotask_patch_mappings**](ProvidersApi.md#autotask_patch_mappings) | **PATCH** /integrations/autotask/{UUID}/mappings | Create, edit, and/or delete Autotask Mappings +[**autotask_patch_settings**](ProvidersApi.md#autotask_patch_settings) | **PATCH** /integrations/autotask/{UUID}/settings | Create, edit, and/or delete Autotask Integration settings +[**autotask_retrieve_all_alert_configuration_options**](ProvidersApi.md#autotask_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/autotask/alerts/configuration/options | Get all Autotask ticketing alert configuration options for a provider +[**autotask_retrieve_all_alert_configurations**](ProvidersApi.md#autotask_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/autotask/alerts/configuration | Get all Autotask ticketing alert configurations for a provider +[**autotask_retrieve_companies**](ProvidersApi.md#autotask_retrieve_companies) | **GET** /integrations/autotask/{UUID}/companies | Retrieve Autotask Companies +[**autotask_retrieve_company_types**](ProvidersApi.md#autotask_retrieve_company_types) | **GET** /integrations/autotask/{UUID}/companytypes | Retrieve Autotask Company Types +[**autotask_retrieve_contracts**](ProvidersApi.md#autotask_retrieve_contracts) | **GET** /integrations/autotask/{UUID}/contracts | Retrieve Autotask Contracts +[**autotask_retrieve_contracts_fields**](ProvidersApi.md#autotask_retrieve_contracts_fields) | **GET** /integrations/autotask/{UUID}/contracts/fields | Retrieve Autotask Contract Fields +[**autotask_retrieve_mappings**](ProvidersApi.md#autotask_retrieve_mappings) | **GET** /integrations/autotask/{UUID}/mappings | Retrieve Autotask mappings +[**autotask_retrieve_services**](ProvidersApi.md#autotask_retrieve_services) | **GET** /integrations/autotask/{UUID}/contracts/services | Retrieve Autotask Contract Services +[**autotask_retrieve_settings**](ProvidersApi.md#autotask_retrieve_settings) | **GET** /integrations/autotask/{UUID}/settings | Retrieve Autotask Integration settings +[**autotask_update_alert_configuration**](ProvidersApi.md#autotask_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/autotask/alerts/{alert_UUID}/configuration | Update an Autotask ticketing alert's configuration +[**autotask_update_configuration**](ProvidersApi.md#autotask_update_configuration) | **PATCH** /integrations/autotask/{UUID} | Update Autotask Integration configuration +[**billing_get_contract**](ProvidersApi.md#billing_get_contract) | **GET** /providers/{provider_id}/billing/contract | Retrieve contract for a Provider +[**billing_get_details**](ProvidersApi.md#billing_get_details) | **GET** /providers/{provider_id}/billing/details | Retrieve billing details for a Provider +[**connectwise_create_configuration**](ProvidersApi.md#connectwise_create_configuration) | **POST** /providers/{provider_id}/integrations/connectwise | Creates a new ConnectWise integration for the provider +[**connectwise_delete_configuration**](ProvidersApi.md#connectwise_delete_configuration) | **DELETE** /integrations/connectwise/{UUID} | Delete ConnectWise Integration +[**connectwise_get_configuration**](ProvidersApi.md#connectwise_get_configuration) | **GET** /integrations/connectwise/{UUID} | Retrieve ConnectWise Integration Configuration +[**connectwise_patch_mappings**](ProvidersApi.md#connectwise_patch_mappings) | **PATCH** /integrations/connectwise/{UUID}/mappings | Create, edit, and/or delete ConnectWise Mappings +[**connectwise_patch_settings**](ProvidersApi.md#connectwise_patch_settings) | **PATCH** /integrations/connectwise/{UUID}/settings | Create, edit, and/or delete ConnectWise Integration settings +[**connectwise_retrieve_additions**](ProvidersApi.md#connectwise_retrieve_additions) | **GET** /integrations/connectwise/{UUID}/agreements/{agreement_ID}/additions | Retrieve ConnectWise Additions +[**connectwise_retrieve_agreements**](ProvidersApi.md#connectwise_retrieve_agreements) | **GET** /integrations/connectwise/{UUID}/agreements | Retrieve ConnectWise Agreements +[**connectwise_retrieve_all_alert_configuration_options**](ProvidersApi.md#connectwise_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/connectwise/alerts/configuration/options | Get all ConnectWise ticketing alert configuration options for a provider +[**connectwise_retrieve_all_alert_configurations**](ProvidersApi.md#connectwise_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/connectwise/alerts/configuration | Get all ConnectWise ticketing alert configurations for a provider +[**connectwise_retrieve_companies**](ProvidersApi.md#connectwise_retrieve_companies) | **GET** /integrations/connectwise/{UUID}/companies | Retrieve ConnectWise Companies +[**connectwise_retrieve_company_types**](ProvidersApi.md#connectwise_retrieve_company_types) | **GET** /integrations/connectwise/{UUID}/companytypes | Retrieve ConnectWise Company Types +[**connectwise_retrieve_mappings**](ProvidersApi.md#connectwise_retrieve_mappings) | **GET** /integrations/connectwise/{UUID}/mappings | Retrieve ConnectWise mappings +[**connectwise_retrieve_settings**](ProvidersApi.md#connectwise_retrieve_settings) | **GET** /integrations/connectwise/{UUID}/settings | Retrieve ConnectWise Integration settings +[**connectwise_update_alert_configuration**](ProvidersApi.md#connectwise_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/connectwise/alerts/{alert_UUID}/configuration | Update a ConnectWise ticketing alert's configuration +[**connectwise_update_configuration**](ProvidersApi.md#connectwise_update_configuration) | **PATCH** /integrations/connectwise/{UUID} | Update ConnectWise Integration configuration +[**mtp_integration_retrieve_alerts**](ProvidersApi.md#mtp_integration_retrieve_alerts) | **GET** /providers/{provider_id}/integrations/ticketing/alerts | Get all ticketing alerts available for a provider's ticketing integration. +[**mtp_integration_retrieve_sync_errors**](ProvidersApi.md#mtp_integration_retrieve_sync_errors) | **GET** /integrations/{integration_type}/{UUID}/errors | Retrieve Recent Integration Sync Errors +[**policy_group_templates_delete**](ProvidersApi.md#policy_group_templates_delete) | **DELETE** /providers/{provider_id}/policygrouptemplates/{id} | Deletes policy group template. +[**policy_group_templates_get**](ProvidersApi.md#policy_group_templates_get) | **GET** /providers/{provider_id}/policygrouptemplates/{id} | Gets a provider's policy group template. +[**policy_group_templates_get_configured_policy_template**](ProvidersApi.md#policy_group_templates_get_configured_policy_template) | **GET** /providers/{provider_id}/configuredpolicytemplates/{id} | Retrieve a configured policy template by id. +[**policy_group_templates_list**](ProvidersApi.md#policy_group_templates_list) | **GET** /providers/{provider_id}/policygrouptemplates | List a provider's policy group templates. +[**policy_group_templates_list_configured_policy_templates**](ProvidersApi.md#policy_group_templates_list_configured_policy_templates) | **GET** /providers/{provider_id}/configuredpolicytemplates | List a provider's configured policy templates. +[**policy_group_templates_list_members**](ProvidersApi.md#policy_group_templates_list_members) | **GET** /providers/{provider_id}/policygrouptemplates/{id}/members | Gets the list of members from a policy group template. +[**provider_organizations_create_org**](ProvidersApi.md#provider_organizations_create_org) | **POST** /providers/{provider_id}/organizations | Create Provider Organization +[**provider_organizations_update_org**](ProvidersApi.md#provider_organizations_update_org) | **PUT** /providers/{provider_id}/organizations/{id} | Update Provider Organization +[**providers_get_provider**](ProvidersApi.md#providers_get_provider) | **GET** /providers/{provider_id} | Retrieve Provider [**providers_list_administrators**](ProvidersApi.md#providers_list_administrators) | **GET** /providers/{provider_id}/administrators | List Provider Administrators +[**providers_list_organizations**](ProvidersApi.md#providers_list_organizations) | **GET** /providers/{provider_id}/organizations | List Provider Organizations [**providers_post_admins**](ProvidersApi.md#providers_post_admins) | **POST** /providers/{provider_id}/administrators | Create a new Provider Administrator +[**providers_provider_list_case**](ProvidersApi.md#providers_provider_list_case) | **GET** /providers/{provider_id}/cases | Get all cases (Support/Feature requests) for provider +[**providers_remove_administrator**](ProvidersApi.md#providers_remove_administrator) | **DELETE** /providers/{provider_id}/administrators/{id} | Delete Provider Administrator +[**providers_retrieve_integrations**](ProvidersApi.md#providers_retrieve_integrations) | **GET** /providers/{provider_id}/integrations | Retrieve Integrations for Provider +[**providers_retrieve_invoice**](ProvidersApi.md#providers_retrieve_invoice) | **GET** /providers/{provider_id}/invoices/{ID} | Download a provider's invoice. +[**providers_retrieve_invoices**](ProvidersApi.md#providers_retrieve_invoices) | **GET** /providers/{provider_id}/invoices | List a provider's invoices. +[**syncro_create_configuration**](ProvidersApi.md#syncro_create_configuration) | **POST** /providers/{provider_id}/integrations/syncro | Creates a new Syncro integration for the provider +[**syncro_delete_configuration**](ProvidersApi.md#syncro_delete_configuration) | **DELETE** /integrations/syncro/{UUID} | Delete Syncro Integration +[**syncro_get_configuration**](ProvidersApi.md#syncro_get_configuration) | **GET** /integrations/syncro/{UUID} | Retrieve Syncro Integration Configuration +[**syncro_patch_mappings**](ProvidersApi.md#syncro_patch_mappings) | **PATCH** /integrations/syncro/{UUID}/mappings | Create, edit, and/or delete Syncro Mappings +[**syncro_patch_settings**](ProvidersApi.md#syncro_patch_settings) | **PATCH** /integrations/syncro/{UUID}/settings | Create, edit, and/or delete Syncro Integration settings +[**syncro_retrieve_all_alert_configuration_options**](ProvidersApi.md#syncro_retrieve_all_alert_configuration_options) | **GET** /providers/{provider_id}/integrations/syncro/alerts/configuration/options | Get all Syncro ticketing alert configuration options for a provider +[**syncro_retrieve_all_alert_configurations**](ProvidersApi.md#syncro_retrieve_all_alert_configurations) | **GET** /providers/{provider_id}/integrations/syncro/alerts/configuration | Get all Syncro ticketing alert configurations for a provider +[**syncro_retrieve_billing_mapping_configuration_options**](ProvidersApi.md#syncro_retrieve_billing_mapping_configuration_options) | **GET** /integrations/syncro/{UUID}/billing_mapping_configuration_options | Retrieve Syncro billing mappings dependencies +[**syncro_retrieve_companies**](ProvidersApi.md#syncro_retrieve_companies) | **GET** /integrations/syncro/{UUID}/companies | Retrieve Syncro Companies +[**syncro_retrieve_mappings**](ProvidersApi.md#syncro_retrieve_mappings) | **GET** /integrations/syncro/{UUID}/mappings | Retrieve Syncro mappings +[**syncro_retrieve_settings**](ProvidersApi.md#syncro_retrieve_settings) | **GET** /integrations/syncro/{UUID}/settings | Retrieve Syncro Integration settings +[**syncro_update_alert_configuration**](ProvidersApi.md#syncro_update_alert_configuration) | **PUT** /providers/{provider_id}/integrations/syncro/alerts/{alert_UUID}/configuration | Update a Syncro ticketing alert's configuration +[**syncro_update_configuration**](ProvidersApi.md#syncro_update_configuration) | **PATCH** /integrations/syncro/{UUID} | Update Syncro Integration configuration + +# **autotask_create_configuration** +> InlineResponse201 autotask_create_configuration(provider_id, opts) + +Creates a new Autotask integration for the provider + +Creates a new Autotask integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::AutotaskIntegrationReq.new # AutotaskIntegrationReq | +} + +begin + #Creates a new Autotask integration for the provider + result = api_instance.autotask_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_create_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**AutotaskIntegrationReq**](AutotaskIntegrationReq.md)| | [optional] + +### Return type + +[**InlineResponse201**](InlineResponse201.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **autotask_delete_configuration** +> autotask_delete_configuration(uuid) + +Delete Autotask Integration + +Removes a Autotask integration. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete Autotask Integration + api_instance.autotask_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_delete_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_get_configuration** +> AutotaskIntegration autotask_get_configuration(uuid) + +Retrieve Autotask Integration Configuration + +Retrieves configuration for given Autotask integration id. You must be associated to the provider the integration is tied to in order to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Integration Configuration + result = api_instance.autotask_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_get_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**AutotaskIntegration**](AutotaskIntegration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_patch_mappings** +> AutotaskMappingResponse autotask_patch_mappings(uuid, opts) + +Create, edit, and/or delete Autotask Mappings + +Create, edit, and/or delete mappings between Jumpcloud organizations and Autotask companies/contracts/services. You must be associated to the same provider as the Autotask integration to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskMappingRequest.new # AutotaskMappingRequest | +} + +begin + #Create, edit, and/or delete Autotask Mappings + result = api_instance.autotask_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_patch_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**AutotaskMappingRequest**](AutotaskMappingRequest.md)| | [optional] + +### Return type + +[**AutotaskMappingResponse**](AutotaskMappingResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **autotask_patch_settings** +> AutotaskSettings autotask_patch_settings(uuid, opts) + +Create, edit, and/or delete Autotask Integration settings + +Create, edit, and/or delete Autotask settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskSettingsPatchReq.new # AutotaskSettingsPatchReq | +} + +begin + #Create, edit, and/or delete Autotask Integration settings + result = api_instance.autotask_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_patch_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**AutotaskSettingsPatchReq**](AutotaskSettingsPatchReq.md)| | [optional] + +### Return type + +[**AutotaskSettings**](AutotaskSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **autotask_retrieve_all_alert_configuration_options** +> AutotaskTicketingAlertConfigurationOptions autotask_retrieve_all_alert_configuration_options(provider_id) + +Get all Autotask ticketing alert configuration options for a provider + +Get all Autotask ticketing alert configuration options for a provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Autotask ticketing alert configuration options for a provider + result = api_instance.autotask_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_all_alert_configuration_options: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**AutotaskTicketingAlertConfigurationOptions**](AutotaskTicketingAlertConfigurationOptions.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_all_alert_configurations** +> AutotaskTicketingAlertConfigurationList autotask_retrieve_all_alert_configurations(provider_id) + +Get all Autotask ticketing alert configurations for a provider + +Get all Autotask ticketing alert configurations for a provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Autotask ticketing alert configurations for a provider + result = api_instance.autotask_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_all_alert_configurations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**AutotaskTicketingAlertConfigurationList**](AutotaskTicketingAlertConfigurationList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_companies** +> AutotaskCompanyResp autotask_retrieve_companies(uuid, opts) + +Retrieve Autotask Companies + +Retrieves a list of Autotask companies for the given Autotask id. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Companies + result = api_instance.autotask_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_companies: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**AutotaskCompanyResp**](AutotaskCompanyResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_company_types** +> AutotaskCompanyTypeResp autotask_retrieve_company_types(uuid) + +Retrieve Autotask Company Types + +Retrieves a list of user defined company types from Autotask for the given Autotask id. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Company Types + result = api_instance.autotask_retrieve_company_types(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_company_types: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**AutotaskCompanyTypeResp**](AutotaskCompanyTypeResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_contracts** +> InlineResponse2003 autotask_retrieve_contracts(uuid, opts) + +Retrieve Autotask Contracts + +Retrieves a list of Autotask contracts for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Contracts + result = api_instance.autotask_retrieve_contracts(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_contracts: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2003**](InlineResponse2003.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_contracts_fields** +> InlineResponse2004 autotask_retrieve_contracts_fields(uuid) + +Retrieve Autotask Contract Fields + +Retrieves a list of Autotask contract fields for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Contract Fields + result = api_instance.autotask_retrieve_contracts_fields(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_contracts_fields: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**InlineResponse2004**](InlineResponse2004.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_mappings** +> InlineResponse2006 autotask_retrieve_mappings(uuid, opts) + +Retrieve Autotask mappings + +Retrieves the list of mappings for this Autotask integration. You must be associated to the same provider as the Autotask integration to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask mappings + result = api_instance.autotask_retrieve_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2006**](InlineResponse2006.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_services** +> InlineResponse2005 autotask_retrieve_services(uuid, opts) + +Retrieve Autotask Contract Services + +Retrieves a list of Autotask contract services for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Autotask Contract Services + result = api_instance.autotask_retrieve_services(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_services: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2005**](InlineResponse2005.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_retrieve_settings** +> AutotaskSettings autotask_retrieve_settings(uuid) + +Retrieve Autotask Integration settings + +Retrieve the Autotask integration settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Autotask Integration settings + result = api_instance.autotask_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_retrieve_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**AutotaskSettings**](AutotaskSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **autotask_update_alert_configuration** +> AutotaskTicketingAlertConfiguration autotask_update_alert_configuration(provider_idalert_uuid, opts) + +Update an Autotask ticketing alert's configuration + +Update an Autotask ticketing alert's configuration + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskTicketingAlertConfigurationRequest.new # AutotaskTicketingAlertConfigurationRequest | +} + +begin + #Update an Autotask ticketing alert's configuration + result = api_instance.autotask_update_alert_configuration(provider_idalert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_update_alert_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **alert_uuid** | **String**| | + **body** | [**AutotaskTicketingAlertConfigurationRequest**](AutotaskTicketingAlertConfigurationRequest.md)| | [optional] + +### Return type + +[**AutotaskTicketingAlertConfiguration**](AutotaskTicketingAlertConfiguration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **autotask_update_configuration** +> AutotaskIntegration autotask_update_configuration(uuid, opts) + +Update Autotask Integration configuration + +Update the Autotask integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::AutotaskIntegrationPatchReq.new # AutotaskIntegrationPatchReq | +} + +begin + #Update Autotask Integration configuration + result = api_instance.autotask_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->autotask_update_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**AutotaskIntegrationPatchReq**](AutotaskIntegrationPatchReq.md)| | [optional] + +### Return type + +[**AutotaskIntegration**](AutotaskIntegration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **billing_get_contract** +> String billing_get_contract(provider_id) + +Retrieve contract for a Provider + +Retrieve contract for a Provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'B' # String | + + +begin + #Retrieve contract for a Provider + result = api_instance.billing_get_contract(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->billing_get_contract: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +**String** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/pdf + + + +# **billing_get_details** +> JumpcloudMspGetDetailsResponse billing_get_details(provider_id) + +Retrieve billing details for a Provider + +Retrieve billing details for a Provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'B' # String | + + +begin + #Retrieve billing details for a Provider + result = api_instance.billing_get_details(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->billing_get_details: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**JumpcloudMspGetDetailsResponse**](JumpcloudMspGetDetailsResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_create_configuration** +> InlineResponse201 connectwise_create_configuration(provider_id, opts) + +Creates a new ConnectWise integration for the provider + +Creates a new ConnectWise integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ConnectwiseIntegrationReq.new # ConnectwiseIntegrationReq | +} + +begin + #Creates a new ConnectWise integration for the provider + result = api_instance.connectwise_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_create_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**ConnectwiseIntegrationReq**](ConnectwiseIntegrationReq.md)| | [optional] + +### Return type + +[**InlineResponse201**](InlineResponse201.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **connectwise_delete_configuration** +> connectwise_delete_configuration(uuid) + +Delete ConnectWise Integration + +Removes a ConnectWise integration. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete ConnectWise Integration + api_instance.connectwise_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_delete_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_get_configuration** +> ConnectwiseIntegration connectwise_get_configuration(uuid) + +Retrieve ConnectWise Integration Configuration + +Retrieves configuration for given ConnectWise integration id. You must be associated to the provider the integration is tied to in order to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Integration Configuration + result = api_instance.connectwise_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_get_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**ConnectwiseIntegration**](ConnectwiseIntegration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_patch_mappings** +> ConnectWiseMappingRequest connectwise_patch_mappings(uuid, opts) + +Create, edit, and/or delete ConnectWise Mappings + +Create, edit, and/or delete mappings between Jumpcloud organizations and ConnectWise companies/agreements/additions. You must be associated to the same provider as the ConnectWise integration to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseMappingRequest.new # ConnectWiseMappingRequest | +} + +begin + #Create, edit, and/or delete ConnectWise Mappings + result = api_instance.connectwise_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_patch_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**ConnectWiseMappingRequest**](ConnectWiseMappingRequest.md)| | [optional] + +### Return type + +[**ConnectWiseMappingRequest**](ConnectWiseMappingRequest.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **connectwise_patch_settings** +> ConnectWiseSettings connectwise_patch_settings(uuid, opts) + +Create, edit, and/or delete ConnectWise Integration settings + +Create, edit, and/or delete ConnectWiseIntegration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseSettingsPatchReq.new # ConnectWiseSettingsPatchReq | +} + +begin + #Create, edit, and/or delete ConnectWise Integration settings + result = api_instance.connectwise_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_patch_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**ConnectWiseSettingsPatchReq**](ConnectWiseSettingsPatchReq.md)| | [optional] + +### Return type + +[**ConnectWiseSettings**](ConnectWiseSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **connectwise_retrieve_additions** +> InlineResponse2008 connectwise_retrieve_additions(uuid, agreement_id, opts) + +Retrieve ConnectWise Additions + +Retrieves a list of ConnectWise additions for the given ConnectWise id and Agreement id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +agreement_id = 'agreement_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Additions + result = api_instance.connectwise_retrieve_additions(uuid, agreement_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_additions: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **agreement_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2008**](InlineResponse2008.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_agreements** +> InlineResponse2007 connectwise_retrieve_agreements(uuid, opts) + +Retrieve ConnectWise Agreements + +Retrieves a list of ConnectWise agreements for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Agreements + result = api_instance.connectwise_retrieve_agreements(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_agreements: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2007**](InlineResponse2007.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_all_alert_configuration_options** +> ConnectWiseTicketingAlertConfigurationOptions connectwise_retrieve_all_alert_configuration_options(provider_id) + +Get all ConnectWise ticketing alert configuration options for a provider + +Get all ConnectWise ticketing alert configuration options for a provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ConnectWise ticketing alert configuration options for a provider + result = api_instance.connectwise_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_all_alert_configuration_options: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**ConnectWiseTicketingAlertConfigurationOptions**](ConnectWiseTicketingAlertConfigurationOptions.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_all_alert_configurations** +> ConnectWiseTicketingAlertConfigurationList connectwise_retrieve_all_alert_configurations(provider_id) + +Get all ConnectWise ticketing alert configurations for a provider + +Get all ConnectWise ticketing alert configurations for a provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ConnectWise ticketing alert configurations for a provider + result = api_instance.connectwise_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_all_alert_configurations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**ConnectWiseTicketingAlertConfigurationList**](ConnectWiseTicketingAlertConfigurationList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_companies** +> ConnectwiseCompanyResp connectwise_retrieve_companies(uuid, opts) + +Retrieve ConnectWise Companies + +Retrieves a list of ConnectWise companies for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise Companies + result = api_instance.connectwise_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_companies: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**ConnectwiseCompanyResp**](ConnectwiseCompanyResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_company_types** +> ConnectwiseCompanyTypeResp connectwise_retrieve_company_types(uuid) + +Retrieve ConnectWise Company Types + +Retrieves a list of user defined company types from ConnectWise for the given ConnectWise id. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Company Types + result = api_instance.connectwise_retrieve_company_types(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_company_types: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**ConnectwiseCompanyTypeResp**](ConnectwiseCompanyTypeResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_mappings** +> InlineResponse2009 connectwise_retrieve_mappings(uuid, opts) + +Retrieve ConnectWise mappings + +Retrieves the list of mappings for this ConnectWise integration. You must be associated to the same provider as the ConnectWise integration to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve ConnectWise mappings + result = api_instance.connectwise_retrieve_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse2009**](InlineResponse2009.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_retrieve_settings** +> ConnectWiseSettings connectwise_retrieve_settings(uuid) + +Retrieve ConnectWise Integration settings + +Retrieve the ConnectWise integration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve ConnectWise Integration settings + result = api_instance.connectwise_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_retrieve_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**ConnectWiseSettings**](ConnectWiseSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **connectwise_update_alert_configuration** +> ConnectWiseTicketingAlertConfiguration connectwise_update_alert_configuration(provider_idalert_uuid, opts) + +Update a ConnectWise ticketing alert's configuration + +Update a ConnectWise ticketing alert's configuration. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest.new # ConnectWiseTicketingAlertConfigurationRequest | +} + +begin + #Update a ConnectWise ticketing alert's configuration + result = api_instance.connectwise_update_alert_configuration(provider_idalert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_update_alert_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **alert_uuid** | **String**| | + **body** | [**ConnectWiseTicketingAlertConfigurationRequest**](ConnectWiseTicketingAlertConfigurationRequest.md)| | [optional] + +### Return type + +[**ConnectWiseTicketingAlertConfiguration**](ConnectWiseTicketingAlertConfiguration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **connectwise_update_configuration** +> ConnectwiseIntegration connectwise_update_configuration(uuid, opts) + +Update ConnectWise Integration configuration + +Update the ConnectWise integration configuration. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::ConnectwiseIntegrationPatchReq.new # ConnectwiseIntegrationPatchReq | +} + +begin + #Update ConnectWise Integration configuration + result = api_instance.connectwise_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->connectwise_update_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**ConnectwiseIntegrationPatchReq**](ConnectwiseIntegrationPatchReq.md)| | [optional] + +### Return type + +[**ConnectwiseIntegration**](ConnectwiseIntegration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **mtp_integration_retrieve_alerts** +> TicketingIntegrationAlertsResp mtp_integration_retrieve_alerts(provider_id) + +Get all ticketing alerts available for a provider's ticketing integration. + +Get all ticketing alerts available for a provider's ticketing integration. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all ticketing alerts available for a provider's ticketing integration. + result = api_instance.mtp_integration_retrieve_alerts(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->mtp_integration_retrieve_alerts: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**TicketingIntegrationAlertsResp**](TicketingIntegrationAlertsResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **mtp_integration_retrieve_sync_errors** +> IntegrationSyncErrorResp mtp_integration_retrieve_sync_errors(uuid, integration_type) + +Retrieve Recent Integration Sync Errors + +Retrieves recent sync errors for given integration type and integration id. You must be associated to the provider the integration is tied to in order to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +integration_type = 'integration_type_example' # String | + + +begin + #Retrieve Recent Integration Sync Errors + result = api_instance.mtp_integration_retrieve_sync_errors(uuid, integration_type) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->mtp_integration_retrieve_sync_errors: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **integration_type** | **String**| | + +### Return type + +[**IntegrationSyncErrorResp**](IntegrationSyncErrorResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_delete** +> policy_group_templates_delete(provider_id, id) + +Deletes policy group template. + +Deletes a Policy Group Template. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Deletes policy group template. + api_instance.policy_group_templates_delete(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get** +> PolicyGroupTemplate policy_group_templates_get(provider_id, id) + +Gets a provider's policy group template. + +Retrieves a Policy Group Template for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Gets a provider's policy group template. + result = api_instance.policy_group_templates_get(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**PolicyGroupTemplate**](PolicyGroupTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_get_configured_policy_template** +> ConfiguredPolicyTemplate policy_group_templates_get_configured_policy_template(provider_id, id) + +Retrieve a configured policy template by id. + +Retrieves a Configured Policy Templates for this provider and Id. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Retrieve a configured policy template by id. + result = api_instance.policy_group_templates_get_configured_policy_template(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_get_configured_policy_template: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +[**ConfiguredPolicyTemplate**](ConfiguredPolicyTemplate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list** +> PolicyGroupTemplates policy_group_templates_list(provider_id, opts) + +List a provider's policy group templates. + +Retrieves a list of Policy Group Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's policy group templates. + result = api_instance.policy_group_templates_list(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplates**](PolicyGroupTemplates.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_configured_policy_templates** +> InlineResponse20014 policy_group_templates_list_configured_policy_templates(provider_id, opts) + +List a provider's configured policy templates. + +Retrieves a list of Configured Policy Templates for this provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List a provider's configured policy templates. + result = api_instance.policy_group_templates_list_configured_policy_templates(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list_configured_policy_templates: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**InlineResponse20014**](InlineResponse20014.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **policy_group_templates_list_members** +> PolicyGroupTemplateMembers policy_group_templates_list_members(provider_id, id, opts) + +Gets the list of members from a policy group template. + +Retrieves a Policy Group Template's Members. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Gets the list of members from a policy group template. + result = api_instance.policy_group_templates_list_members(provider_id, id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->policy_group_templates_list_members: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**PolicyGroupTemplateMembers**](PolicyGroupTemplateMembers.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **provider_organizations_create_org** +> Organization provider_organizations_create_org(provider_id, opts) + +Create Provider Organization + +This endpoint creates a new organization under the provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::CreateOrganization.new # CreateOrganization | +} + +begin + #Create Provider Organization + result = api_instance.provider_organizations_create_org(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->provider_organizations_create_org: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**CreateOrganization**](CreateOrganization.md)| | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **provider_organizations_update_org** +> Organization provider_organizations_update_org(provider_idid, opts) + +Update Provider Organization + +This endpoint updates a provider's organization + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | +opts = { + body: JCAPIv2::Organization.new # Organization | +} + +begin + #Update Provider Organization + result = api_instance.provider_organizations_update_org(provider_idid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->provider_organizations_update_org: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + **body** | [**Organization**](Organization.md)| | [optional] + +### Return type + +[**Organization**](Organization.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **providers_get_provider** +> Provider providers_get_provider(provider_id, opts) + +Retrieve Provider + +This endpoint returns details about a provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'] # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. +} + +begin + #Retrieve Provider + result = api_instance.providers_get_provider(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_get_provider: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + +### Return type + +[**Provider**](Provider.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + # **providers_list_administrators** -> InlineResponse2001 providers_list_administrators(provider_id, content_type, accept, opts) +> InlineResponse20013 providers_list_administrators(provider_id, opts) + +List Provider Administrators + +This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Administrators + result = api_instance.providers_list_administrators(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_list_administrators: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse20013**](InlineResponse20013.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_list_organizations** +> InlineResponse20015 providers_list_organizations(provider_id, opts) + +List Provider Organizations + +This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort_ignore_case: ['sort_ignore_case_example'] # Array | The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List Provider Organizations + result = api_instance.providers_list_organizations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_list_organizations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **sort_ignore_case** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse20015**](InlineResponse20015.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_post_admins** +> Administrator providers_post_admins(provider_id, opts) + +Create a new Provider Administrator + +This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::ProviderAdminReq.new # ProviderAdminReq | +} + +begin + #Create a new Provider Administrator + result = api_instance.providers_post_admins(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_post_admins: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**ProviderAdminReq**](ProviderAdminReq.md)| | [optional] + +### Return type + +[**Administrator**](Administrator.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **providers_provider_list_case** +> CasesResponse providers_provider_list_case(provider_id, opts) + +Get all cases (Support/Feature requests) for provider + +This endpoint returns the cases (Support/Feature requests) for the provider + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #Get all cases (Support/Feature requests) for provider + result = api_instance.providers_provider_list_case(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_provider_list_case: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**CasesResponse**](CasesResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_remove_administrator** +> providers_remove_administrator(provider_id, id) + +Delete Provider Administrator + +This endpoint removes an Administrator associated with the Provider. You must be associated with the provider to use this route. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Delete Provider Administrator + api_instance.providers_remove_administrator(provider_id, id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_remove_administrator: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_retrieve_integrations** +> IntegrationsResponse providers_retrieve_integrations(provider_id, opts) + +Retrieve Integrations for Provider + +Retrieves a list of integrations this provider has configured. You must be associated to the provider to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Integrations for Provider + result = api_instance.providers_retrieve_integrations(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_integrations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**IntegrationsResponse**](IntegrationsResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **providers_retrieve_invoice** +> String providers_retrieve_invoice(provider_id, id) + +Download a provider's invoice. + +Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +id = 'id_example' # String | + + +begin + #Download a provider's invoice. + result = api_instance.providers_retrieve_invoice(provider_id, id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_invoice: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **id** | **String**| | + +### Return type + +**String** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/pdf + + + +# **providers_retrieve_invoices** +> ProviderInvoiceResponse providers_retrieve_invoices(provider_id, opts) + +List a provider's invoices. + +Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + limit: 10 # Integer | The number of records to return at once. Limited to 100. +} + +begin + #List a provider's invoices. + result = api_instance.providers_retrieve_invoices(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->providers_retrieve_invoices: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + +### Return type + +[**ProviderInvoiceResponse**](ProviderInvoiceResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_create_configuration** +> InlineResponse201 syncro_create_configuration(provider_id, opts) + +Creates a new Syncro integration for the provider + +Creates a new Syncro integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +opts = { + body: JCAPIv2::SyncroIntegrationReq.new # SyncroIntegrationReq | +} + +begin + #Creates a new Syncro integration for the provider + result = api_instance.syncro_create_configuration(provider_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_create_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + **body** | [**SyncroIntegrationReq**](SyncroIntegrationReq.md)| | [optional] + +### Return type + +[**InlineResponse201**](InlineResponse201.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **syncro_delete_configuration** +> syncro_delete_configuration(uuid) + +Delete Syncro Integration + +Removes a Syncro integration. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Delete Syncro Integration + api_instance.syncro_delete_configuration(uuid) +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_delete_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_get_configuration** +> SyncroIntegration syncro_get_configuration(uuid) + +Retrieve Syncro Integration Configuration + +Retrieves configuration for given Syncro integration id. You must be associated to the provider the integration is tied to in order to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Syncro Integration Configuration + result = api_instance.syncro_get_configuration(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_get_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**SyncroIntegration**](SyncroIntegration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_patch_mappings** +> SyncroMappingRequest syncro_patch_mappings(uuid, opts) + +Create, edit, and/or delete Syncro Mappings + +Create, edit, and/or delete mappings between Jumpcloud organizations and Syncro companies. You must be associated to the same provider as the Syncro integration to use this api. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroMappingRequest.new # SyncroMappingRequest | +} + +begin + #Create, edit, and/or delete Syncro Mappings + result = api_instance.syncro_patch_mappings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_patch_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**SyncroMappingRequest**](SyncroMappingRequest.md)| | [optional] + +### Return type + +[**SyncroMappingRequest**](SyncroMappingRequest.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **syncro_patch_settings** +> SyncroSettings syncro_patch_settings(uuid, opts) + +Create, edit, and/or delete Syncro Integration settings + +Create, edit, and/or delete SyncroIntegration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroSettingsPatchReq.new # SyncroSettingsPatchReq | +} + +begin + #Create, edit, and/or delete Syncro Integration settings + result = api_instance.syncro_patch_settings(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_patch_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**SyncroSettingsPatchReq**](SyncroSettingsPatchReq.md)| | [optional] + +### Return type + +[**SyncroSettings**](SyncroSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **syncro_retrieve_all_alert_configuration_options** +> SyncroTicketingAlertConfigurationOptions syncro_retrieve_all_alert_configuration_options(provider_id) + +Get all Syncro ticketing alert configuration options for a provider + +Get all Syncro ticketing alert configuration options for a provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Syncro ticketing alert configuration options for a provider + result = api_instance.syncro_retrieve_all_alert_configuration_options(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_all_alert_configuration_options: #{e}" +end +``` -List Provider Administrators +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**SyncroTicketingAlertConfigurationOptions**](SyncroTicketingAlertConfigurationOptions.md) + +### Authorization -This endpoint returns a list of the Administrators associated with the Provider. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_retrieve_all_alert_configurations** +> SyncroTicketingAlertConfigurationList syncro_retrieve_all_alert_configurations(provider_id) + +Get all Syncro ticketing alert configurations for a provider + +Get all Syncro ticketing alert configurations for a provider. ### Example ```ruby @@ -28,27 +3400,74 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | + + +begin + #Get all Syncro ticketing alert configurations for a provider + result = api_instance.syncro_retrieve_all_alert_configurations(provider_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_all_alert_configurations: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **provider_id** | **String**| | + +### Return type + +[**SyncroTicketingAlertConfigurationList**](SyncroTicketingAlertConfigurationList.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers -provider_id = "provider_id_example" # String | + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_retrieve_billing_mapping_configuration_options** +> SyncroBillingMappingConfigurationOptionsResp syncro_retrieve_billing_mapping_configuration_options(uuid, opts) -content_type = "application/json" # String | +Retrieve Syncro billing mappings dependencies -accept = "application/json" # String | +Retrieves a list of dependencies for Syncro billing mappings. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin - #List Provider Administrators - result = api_instance.providers_list_administrators(provider_id, content_type, accept, opts) + #Retrieve Syncro billing mappings dependencies + result = api_instance.syncro_retrieve_billing_mapping_configuration_options(uuid, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling ProvidersApi->providers_list_administrators: #{e}" + puts "Exception when calling ProvidersApi->syncro_retrieve_billing_mapping_configuration_options: #{e}" end ``` @@ -56,18 +3475,16 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **provider_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **uuid** | **String**| | **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] ### Return type -[**InlineResponse2001**](InlineResponse2001.md) +[**SyncroBillingMappingConfigurationOptionsResp**](SyncroBillingMappingConfigurationOptionsResp.md) ### Authorization @@ -75,17 +3492,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **providers_post_admins** -> Administrator providers_post_admins(provider_id, content_type, accept, opts) +# **syncro_retrieve_companies** +> SyncroCompanyResp syncro_retrieve_companies(uuid, opts) -Create a new Provider Administrator +Retrieve Syncro Companies -This endpoint allows you to create a provider administrator. You must be associated to the provider to use this route. **Sample Request** ``` curl -X POST https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Context-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{ADMIN_EMAIL}\" }' ``` +Retrieves a list of Syncro companies for the given Syncro id. You must be associated to the same provider as the Syncro integration to use this endpoint. ### Example ```ruby @@ -100,23 +3517,199 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Retrieve Syncro Companies + result = api_instance.syncro_retrieve_companies(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_companies: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**SyncroCompanyResp**](SyncroCompanyResp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_retrieve_mappings** +> InlineResponse20010 syncro_retrieve_mappings(uuid, opts) -provider_id = "provider_id_example" # String | +Retrieve Syncro mappings -content_type = "application/json" # String | +Retrieves the list of mappings for this Syncro integration. You must be associated to the same provider as the Syncro integration to use this api. -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | opts = { - body: JCAPIv2::ProviderAdminReq.new # ProviderAdminReq | + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. } begin - #Create a new Provider Administrator - result = api_instance.providers_post_admins(provider_id, content_type, accept, opts) + #Retrieve Syncro mappings + result = api_instance.syncro_retrieve_mappings(uuid, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling ProvidersApi->providers_post_admins: #{e}" + puts "Exception when calling ProvidersApi->syncro_retrieve_mappings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**InlineResponse20010**](InlineResponse20010.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_retrieve_settings** +> SyncroSettings syncro_retrieve_settings(uuid) + +Retrieve Syncro Integration settings + +Retrieve the Syncro integration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | + + +begin + #Retrieve Syncro Integration settings + result = api_instance.syncro_retrieve_settings(uuid) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_retrieve_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + +### Return type + +[**SyncroSettings**](SyncroSettings.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **syncro_update_alert_configuration** +> SyncroTicketingAlertConfiguration syncro_update_alert_configuration(provider_idalert_uuid, opts) + +Update a Syncro ticketing alert's configuration + +Update a Syncro ticketing alert's configuration + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +provider_id = 'provider_id_example' # String | +alert_uuid = 'alert_uuid_example' # String | +opts = { + body: JCAPIv2::SyncroTicketingAlertConfigurationRequest.new # SyncroTicketingAlertConfigurationRequest | +} + +begin + #Update a Syncro ticketing alert's configuration + result = api_instance.syncro_update_alert_configuration(provider_idalert_uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_update_alert_configuration: #{e}" end ``` @@ -125,13 +3718,68 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **provider_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**ProviderAdminReq**](ProviderAdminReq.md)| | [optional] + **alert_uuid** | **String**| | + **body** | [**SyncroTicketingAlertConfigurationRequest**](SyncroTicketingAlertConfigurationRequest.md)| | [optional] ### Return type -[**Administrator**](Administrator.md) +[**SyncroTicketingAlertConfiguration**](SyncroTicketingAlertConfiguration.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **syncro_update_configuration** +> SyncroIntegration syncro_update_configuration(uuid, opts) + +Update Syncro Integration configuration + +Update the Syncro integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::ProvidersApi.new +uuid = 'uuid_example' # String | +opts = { + body: JCAPIv2::SyncroIntegrationPatchReq.new # SyncroIntegrationPatchReq | +} + +begin + #Update Syncro Integration configuration + result = api_instance.syncro_update_configuration(uuid, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling ProvidersApi->syncro_update_configuration: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **uuid** | **String**| | + **body** | [**SyncroIntegrationPatchReq**](SyncroIntegrationPatchReq.md)| | [optional] + +### Return type + +[**SyncroIntegration**](SyncroIntegration.md) ### Authorization diff --git a/jcapiv2/docs/PushEndpointResponse.md b/jcapiv2/docs/PushEndpointResponse.md new file mode 100644 index 0000000..d0dd56f --- /dev/null +++ b/jcapiv2/docs/PushEndpointResponse.md @@ -0,0 +1,12 @@ +# JCAPIv2::PushEndpointResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**device** | [**PushEndpointResponseDevice**](PushEndpointResponseDevice.md) | | [optional] +**enrollment_date** | **DateTime** | | [optional] +**id** | **String** | | [optional] +**last_used_date** | **DateTime** | | [optional] +**name** | **String** | | [optional] +**state** | **String** | | [optional] + diff --git a/jcapiv2/docs/PushEndpointResponseDevice.md b/jcapiv2/docs/PushEndpointResponseDevice.md new file mode 100644 index 0000000..f5243b9 --- /dev/null +++ b/jcapiv2/docs/PushEndpointResponseDevice.md @@ -0,0 +1,12 @@ +# JCAPIv2::PushEndpointResponseDevice + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app_version** | **String** | | [optional] +**make** | **String** | | [optional] +**model** | **String** | | [optional] +**os** | **String** | | [optional] +**os_version** | **String** | | [optional] +**uv_enabled** | **BOOLEAN** | | [optional] + diff --git a/jcapiv2/docs/ActiveDirectoryAgentListOutput.md b/jcapiv2/docs/PushendpointsPushEndpointIdBody.md similarity index 55% rename from jcapiv2/docs/ActiveDirectoryAgentListOutput.md rename to jcapiv2/docs/PushendpointsPushEndpointIdBody.md index 1052443..e722284 100644 --- a/jcapiv2/docs/ActiveDirectoryAgentListOutput.md +++ b/jcapiv2/docs/PushendpointsPushEndpointIdBody.md @@ -1,9 +1,8 @@ -# JCAPIv2::ActiveDirectoryAgentListOutput +# JCAPIv2::PushendpointsPushEndpointIdBody ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **String** | ObjectID of this Active Directory Agent. | [optional] +**name** | **String** | | [optional] **state** | **String** | | [optional] - diff --git a/jcapiv2/docs/PwmAllUsers.md b/jcapiv2/docs/PwmAllUsers.md new file mode 100644 index 0000000..a3a57f5 --- /dev/null +++ b/jcapiv2/docs/PwmAllUsers.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmAllUsers + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | **Array<AllOfPwmAllUsersResultsItems>** | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/PwmCloudBackupRestores.md b/jcapiv2/docs/PwmCloudBackupRestores.md new file mode 100644 index 0000000..93ad6ea --- /dev/null +++ b/jcapiv2/docs/PwmCloudBackupRestores.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmCloudBackupRestores + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**approved** | **Integer** | | [optional] +**requested** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/PwmItemHistory.md b/jcapiv2/docs/PwmItemHistory.md new file mode 100644 index 0000000..d24c840 --- /dev/null +++ b/jcapiv2/docs/PwmItemHistory.md @@ -0,0 +1,10 @@ +# JCAPIv2::PwmItemHistory + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_by** | **String** | | [optional] +**date_created** | **String** | | [optional] +**date_updated** | **String** | | [optional] +**updated_by** | **String** | | [optional] + diff --git a/jcapiv2/docs/PwmItemsCountByType.md b/jcapiv2/docs/PwmItemsCountByType.md new file mode 100644 index 0000000..0d97998 --- /dev/null +++ b/jcapiv2/docs/PwmItemsCountByType.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmItemsCountByType + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**count** | **Integer** | | [optional] +**type** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/PwmItemsMetadata.md b/jcapiv2/docs/PwmItemsMetadata.md new file mode 100644 index 0000000..3f7b1ab --- /dev/null +++ b/jcapiv2/docs/PwmItemsMetadata.md @@ -0,0 +1,9 @@ +# JCAPIv2::PwmItemsMetadata + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**items** | [**Array<PwmItemsCountByType>**](PwmItemsCountByType.md) | | [optional] +**results** | **Array<AllOfPwmItemsMetadataResultsItems>** | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/PwmOverviewAppVersions.md b/jcapiv2/docs/PwmOverviewAppVersions.md new file mode 100644 index 0000000..caad66a --- /dev/null +++ b/jcapiv2/docs/PwmOverviewAppVersions.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmOverviewAppVersions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<PwmOverviewAppVersionsResults>**](PwmOverviewAppVersionsResults.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/PwmOverviewAppVersionsResults.md b/jcapiv2/docs/PwmOverviewAppVersionsResults.md new file mode 100644 index 0000000..f9a1ca9 --- /dev/null +++ b/jcapiv2/docs/PwmOverviewAppVersionsResults.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmOverviewAppVersionsResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**users_count** | **Integer** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/PwmOverviewMain.md b/jcapiv2/docs/PwmOverviewMain.md new file mode 100644 index 0000000..b06d829 --- /dev/null +++ b/jcapiv2/docs/PwmOverviewMain.md @@ -0,0 +1,16 @@ +# JCAPIv2::PwmOverviewMain + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**compromised_passwords** | **Integer** | | [optional] +**devices** | [**Array<PwmOverviewMainDevices>**](PwmOverviewMainDevices.md) | | +**enrolled_groups** | **Integer** | | [optional] +**old_passwords** | **Integer** | | [optional] +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**pending_invites** | **Integer** | | +**shared_folders** | **Integer** | | +**total_users** | **Integer** | | +**weak_passwords** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/PwmOverviewMainDevices.md b/jcapiv2/docs/PwmOverviewMainDevices.md new file mode 100644 index 0000000..380e0f6 --- /dev/null +++ b/jcapiv2/docs/PwmOverviewMainDevices.md @@ -0,0 +1,9 @@ +# JCAPIv2::PwmOverviewMainDevices + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**count** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/PwmUser.md b/jcapiv2/docs/PwmUser.md new file mode 100644 index 0000000..bbe14a1 --- /dev/null +++ b/jcapiv2/docs/PwmUser.md @@ -0,0 +1,20 @@ +# JCAPIv2::PwmUser + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**apps** | [**Apps**](Apps.md) | | [optional] +**cloud_backup_restores** | [**PwmCloudBackupRestores**](PwmCloudBackupRestores.md) | | [optional] +**email** | **String** | | +**employee_uuid** | **String** | | [optional] +**external_id** | **String** | | [optional] +**groups** | [**Groups**](Groups.md) | | [optional] +**id** | **String** | | +**items_count** | **Integer** | | [optional] +**name** | **String** | | +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**status** | **String** | | +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/PwmUserById.md b/jcapiv2/docs/PwmUserById.md new file mode 100644 index 0000000..779b599 --- /dev/null +++ b/jcapiv2/docs/PwmUserById.md @@ -0,0 +1,24 @@ +# JCAPIv2::PwmUserById + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**compromised_passwords** | **Integer** | | [optional] +**old_passwords** | **Integer** | | [optional] +**reused_passwords** | **Integer** | | [optional] +**weak_passwords** | **Integer** | | [optional] +**apps** | [**Apps**](Apps.md) | | [optional] +**cloud_backup_restores** | [**PwmCloudBackupRestores**](PwmCloudBackupRestores.md) | | [optional] +**email** | **String** | | +**employee_uuid** | **String** | | [optional] +**external_id** | **String** | | [optional] +**groups** | [**Groups**](Groups.md) | | [optional] +**id** | **String** | | +**items_count** | **Integer** | | [optional] +**name** | **String** | | +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**status** | **String** | | +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/PwmUserItem.md b/jcapiv2/docs/PwmUserItem.md new file mode 100644 index 0000000..3c565dd --- /dev/null +++ b/jcapiv2/docs/PwmUserItem.md @@ -0,0 +1,14 @@ +# JCAPIv2::PwmUserItem + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**field1** | **String** | | +**field2** | **String** | | +**folder_name** | **String** | | [optional] +**folder_uuid** | **String** | | [optional] +**id** | **String** | | +**item_uuid** | **String** | | +**nickname** | **String** | | +**type** | **Integer** | | + diff --git a/jcapiv2/docs/PwmUserItems.md b/jcapiv2/docs/PwmUserItems.md new file mode 100644 index 0000000..6b0a2cd --- /dev/null +++ b/jcapiv2/docs/PwmUserItems.md @@ -0,0 +1,9 @@ +# JCAPIv2::PwmUserItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**items** | [**Array<PwmItemsCountByType>**](PwmItemsCountByType.md) | | [optional] +**results** | [**Array<PwmUserItem>**](PwmUserItem.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/PwmUserSharedFolders.md b/jcapiv2/docs/PwmUserSharedFolders.md new file mode 100644 index 0000000..69e2e32 --- /dev/null +++ b/jcapiv2/docs/PwmUserSharedFolders.md @@ -0,0 +1,8 @@ +# JCAPIv2::PwmUserSharedFolders + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<PwmUserSharedFoldersResults>**](PwmUserSharedFoldersResults.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/PwmUserSharedFoldersResults.md b/jcapiv2/docs/PwmUserSharedFoldersResults.md new file mode 100644 index 0000000..9b7051d --- /dev/null +++ b/jcapiv2/docs/PwmUserSharedFoldersResults.md @@ -0,0 +1,15 @@ +# JCAPIv2::PwmUserSharedFoldersResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**access_level_id** | **String** | | [optional] +**access_level_name** | **String** | | [optional] +**created_at** | **String** | | +**id** | **String** | | +**items_in_folder** | **Integer** | | +**name** | **String** | | +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**users_with_access** | **Integer** | | + diff --git a/jcapiv2/docs/Query.md b/jcapiv2/docs/Query.md new file mode 100644 index 0000000..824cf02 --- /dev/null +++ b/jcapiv2/docs/Query.md @@ -0,0 +1,7 @@ +# JCAPIv2::Query + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**query_type** | **String** | | + diff --git a/jcapiv2/docs/QueuedCommandList.md b/jcapiv2/docs/QueuedCommandList.md new file mode 100644 index 0000000..ee0f5bc --- /dev/null +++ b/jcapiv2/docs/QueuedCommandList.md @@ -0,0 +1,8 @@ +# JCAPIv2::QueuedCommandList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<QueuedCommandListResults>**](QueuedCommandListResults.md) | | [optional] +**total_count** | **Integer** | The total number of queued command results. | [optional] + diff --git a/jcapiv2/docs/QueuedCommandListResults.md b/jcapiv2/docs/QueuedCommandListResults.md new file mode 100644 index 0000000..17f4eee --- /dev/null +++ b/jcapiv2/docs/QueuedCommandListResults.md @@ -0,0 +1,10 @@ +# JCAPIv2::QueuedCommandListResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**command** | **String** | The ID of the command, from savedAgentCommands. | [optional] +**id** | **String** | The workflowInstanceId. | [optional] +**pending_count** | **Integer** | The number of devices that still haven't received the directive. | [optional] +**system** | **String** | The ID of the device the command is bound to. | [optional] + diff --git a/jcapiv2/docs/RADIUSServersApi.md b/jcapiv2/docs/RADIUSServersApi.md index abe127b..a4143f5 100644 --- a/jcapiv2/docs/RADIUSServersApi.md +++ b/jcapiv2/docs/RADIUSServersApi.md @@ -9,9 +9,8 @@ Method | HTTP request | Description [**graph_radius_server_traverse_user**](RADIUSServersApi.md#graph_radius_server_traverse_user) | **GET** /radiusservers/{radiusserver_id}/users | List the Users bound to a RADIUS Server [**graph_radius_server_traverse_user_group**](RADIUSServersApi.md#graph_radius_server_traverse_user_group) | **GET** /radiusservers/{radiusserver_id}/usergroups | List the User Groups bound to a RADIUS Server - # **graph_radius_server_associations_list** -> Array<GraphConnection> graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts) +> Array<GraphConnection> graph_radius_server_associations_list(radiusserver_id, targets, opts) List the associations of a RADIUS Server @@ -30,24 +29,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::RADIUSServersApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -targets = ["targets_example"] # Array | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. +targets = ['targets_example'] # Array | Targets which a \"radius_server\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a RADIUS Server - result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts) + result = api_instance.graph_radius_server_associations_list(radiusserver_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling RADIUSServersApi->graph_radius_server_associations_list: #{e}" @@ -59,12 +51,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **targets** | [**Array<String>**](String.md)| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] + **targets** | [**Array<String>**](String.md)| Targets which a \"radius_server\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -76,13 +66,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_radius_server_associations_post** -> graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts) +> graph_radius_server_associations_post(radiusserver_id, opts) Manage the associations of a RADIUS Server @@ -101,21 +91,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::RADIUSServersApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. opts = { - body: JCAPIv2::GraphManagementReq.new, # GraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationRadiusServer.new # GraphOperationRadiusServer | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a RADIUS Server - api_instance.graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts) + api_instance.graph_radius_server_associations_post(radiusserver_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling RADIUSServersApi->graph_radius_server_associations_post: #{e}" end @@ -126,10 +110,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**GraphManagementReq**](GraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationRadiusServer**](GraphOperationRadiusServer.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -142,12 +124,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_radius_server_traverse_user** -> Array<GraphObjectWithPaths> graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_radius_server_traverse_user(radiusserver_id, opts) List the Users bound to a RADIUS Server @@ -166,23 +148,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::RADIUSServersApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a RADIUS Server - result = api_instance.graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts) + result = api_instance.graph_radius_server_traverse_user(radiusserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling RADIUSServersApi->graph_radius_server_traverse_user: #{e}" @@ -194,12 +170,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -211,13 +185,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_radius_server_traverse_user_group** -> Array<GraphObjectWithPaths> graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_radius_server_traverse_user_group(radiusserver_id, opts) List the User Groups bound to a RADIUS Server @@ -236,23 +210,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::RADIUSServersApi.new - -radiusserver_id = "radiusserver_id_example" # String | ObjectID of the Radius Server. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +radiusserver_id = 'radiusserver_id_example' # String | ObjectID of the Radius Server. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a RADIUS Server - result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts) + result = api_instance.graph_radius_server_traverse_user_group(radiusserver_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling RADIUSServersApi->graph_radius_server_traverse_user_group: #{e}" @@ -264,12 +232,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **radiusserver_id** | **String**| ObjectID of the Radius Server. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -281,7 +247,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/SCIMImportApi.md b/jcapiv2/docs/SCIMImportApi.md new file mode 100644 index 0000000..26613a8 --- /dev/null +++ b/jcapiv2/docs/SCIMImportApi.md @@ -0,0 +1,76 @@ +# JCAPIv2::SCIMImportApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**import_users**](SCIMImportApi.md#import_users) | **GET** /applications/{application_id}/import/users | Get a list of users to import from an Application IdM service provider + +# **import_users** +> ImportUsersResponse import_users(application_id, opts) + +Get a list of users to import from an Application IdM service provider + +Get a list of users to import from an Application IdM service provider. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SCIMImportApi.new +application_id = 'application_id_example' # String | ObjectID of the Application. +opts = { + filter: 'filter_example', # String | Filter users by a search term + query: 'query_example', # String | URL query to merge with the service provider request + sort: 'sort_example', # String | Sort users by supported fields + sort_order: 'asc', # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #Get a list of users to import from an Application IdM service provider + result = api_instance.import_users(application_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SCIMImportApi->import_users: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **application_id** | **String**| ObjectID of the Application. | + **filter** | **String**| Filter users by a search term | [optional] + **query** | **String**| URL query to merge with the service provider request | [optional] + **sort** | **String**| Sort users by supported fields | [optional] + **sort_order** | **String**| | [optional] [default to asc] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**ImportUsersResponse**](ImportUsersResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/SambaDomainInput.md b/jcapiv2/docs/SambaDomain.md similarity index 52% rename from jcapiv2/docs/SambaDomainInput.md rename to jcapiv2/docs/SambaDomain.md index d797fe3..97640e9 100644 --- a/jcapiv2/docs/SambaDomainInput.md +++ b/jcapiv2/docs/SambaDomain.md @@ -1,9 +1,9 @@ -# JCAPIv2::SambaDomainInput +# JCAPIv2::SambaDomain ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**name** | **String** | Name of this domain's WorkGroup | +**id** | **String** | Unique identifier of this domain | [optional] +**name** | **String** | Name of this domain's WorkGroup | **sid** | **String** | Security identifier of this domain | - diff --git a/jcapiv2/docs/SambaDomainOutput.md b/jcapiv2/docs/SambaDomainOutput.md deleted file mode 100644 index df2f3fb..0000000 --- a/jcapiv2/docs/SambaDomainOutput.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::SambaDomainOutput - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**name** | **String** | Name of this domain's WorkGroup | -**sid** | **String** | Security identifier of this domain | -**id** | **String** | Unique identifier of this domain | - - diff --git a/jcapiv2/docs/SambaDomainsApi.md b/jcapiv2/docs/SambaDomainsApi.md index 7b36abe..183e795 100644 --- a/jcapiv2/docs/SambaDomainsApi.md +++ b/jcapiv2/docs/SambaDomainsApi.md @@ -10,7 +10,6 @@ Method | HTTP request | Description [**ldapservers_samba_domains_post**](SambaDomainsApi.md#ldapservers_samba_domains_post) | **POST** /ldapservers/{ldapserver_id}/sambadomains | Create Samba Domain [**ldapservers_samba_domains_put**](SambaDomainsApi.md#ldapservers_samba_domains_put) | **PUT** /ldapservers/{ldapserver_id}/sambadomains/{id} | Update Samba Domain - # **ldapservers_samba_domains_delete** > String ldapservers_samba_domains_delete(ldapserver_id, id, opts) @@ -31,15 +30,10 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SambaDomainsApi.new - -ldapserver_id = "ldapserver_id_example" # String | Unique identifier of the LDAP server. - -id = "id_example" # String | Unique identifier of the samba domain. - +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. opts = { - content_type: "application/json", # String | - accept: "application/json", # String | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -57,9 +51,7 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| Unique identifier of the LDAP server. | **id** | **String**| Unique identifier of the samba domain. | - **content_type** | **String**| | [optional] [default to application/json] - **accept** | **String**| | [optional] [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -71,13 +63,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_samba_domains_get** -> SambaDomainOutput ldapservers_samba_domains_get(ldapserver_id, id, opts) +> SambaDomain ldapservers_samba_domains_get(ldapserver_id, id, opts) Get Samba Domain @@ -96,15 +88,10 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SambaDomainsApi.new - -ldapserver_id = "ldapserver_id_example" # String | Unique identifier of the LDAP server. - -id = "id_example" # String | Unique identifier of the samba domain. - +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. opts = { - content_type: "application/json", # String | - accept: "application/json", # String | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -122,13 +109,11 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| Unique identifier of the LDAP server. | **id** | **String**| Unique identifier of the samba domain. | - **content_type** | **String**| | [optional] [default to application/json] - **accept** | **String**| | [optional] [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**SambaDomainOutput**](SambaDomainOutput.md) +[**SambaDomain**](SambaDomain.md) ### Authorization @@ -136,13 +121,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_samba_domains_list** -> Array<SambaDomainOutput> ldapservers_samba_domains_list(ldapserver_id, opts) +> Array<SambaDomain> ldapservers_samba_domains_list(ldapserver_id, opts) List Samba Domains @@ -161,18 +146,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SambaDomainsApi.new - -ldapserver_id = "ldapserver_id_example" # String | Unique identifier of the LDAP server. - +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. opts = { - content_type: "application/json", # String | - accept: "application/json", # String | - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -189,18 +170,16 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| Unique identifier of the LDAP server. | - **content_type** | **String**| | [optional] [default to application/json] - **accept** | **String**| | [optional] [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<SambaDomainOutput>**](SambaDomainOutput.md) +[**Array<SambaDomain>**](SambaDomain.md) ### Authorization @@ -208,17 +187,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **ldapservers_samba_domains_post** -> SambaDomainOutput ldapservers_samba_domains_post(ldapserver_id, opts) +> SambaDomain ldapservers_samba_domains_post(ldapserver_id, opts) Create Samba Domain -This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` +This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` ### Example ```ruby @@ -233,14 +212,10 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SambaDomainsApi.new - -ldapserver_id = "ldapserver_id_example" # String | Unique identifier of the LDAP server. - +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. opts = { - body: JCAPIv2::SambaDomainInput.new, # SambaDomainInput | - content_type: "application/json", # String | - accept: "application/json", # String | - x_org_id: "" # String | + body: JCAPIv2::SambaDomain.new # SambaDomain | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -257,14 +232,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| Unique identifier of the LDAP server. | - **body** | [**SambaDomainInput**](SambaDomainInput.md)| | [optional] - **content_type** | **String**| | [optional] [default to application/json] - **accept** | **String**| | [optional] [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**SambaDomain**](SambaDomain.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**SambaDomainOutput**](SambaDomainOutput.md) +[**SambaDomain**](SambaDomain.md) ### Authorization @@ -278,11 +251,11 @@ Name | Type | Description | Notes # **ldapservers_samba_domains_put** -> SambaDomainOutput ldapservers_samba_domains_put(ldapserver_id, id, opts) +> SambaDomain ldapservers_samba_domains_put(ldapserver_idid, opts) Update Samba Domain -This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` +This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` ### Example ```ruby @@ -297,21 +270,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SambaDomainsApi.new - -ldapserver_id = "ldapserver_id_example" # String | Unique identifier of the LDAP server. - -id = "id_example" # String | Unique identifier of the samba domain. - +ldapserver_id = 'ldapserver_id_example' # String | Unique identifier of the LDAP server. +id = 'id_example' # String | Unique identifier of the samba domain. opts = { - body: JCAPIv2::SambaDomainInput.new, # SambaDomainInput | - content_type: "application/json", # String | - accept: "application/json", # String | - x_org_id: "" # String | + body: JCAPIv2::SambaDomain.new # SambaDomain | } begin #Update Samba Domain - result = api_instance.ldapservers_samba_domains_put(ldapserver_id, id, opts) + result = api_instance.ldapservers_samba_domains_put(ldapserver_idid, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SambaDomainsApi->ldapservers_samba_domains_put: #{e}" @@ -324,14 +291,11 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ldapserver_id** | **String**| Unique identifier of the LDAP server. | **id** | **String**| Unique identifier of the samba domain. | - **body** | [**SambaDomainInput**](SambaDomainInput.md)| | [optional] - **content_type** | **String**| | [optional] [default to application/json] - **accept** | **String**| | [optional] [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**SambaDomain**](SambaDomain.md)| | [optional] ### Return type -[**SambaDomainOutput**](SambaDomainOutput.md) +[**SambaDomain**](SambaDomain.md) ### Authorization diff --git a/jcapiv2/docs/ScheduleOSUpdate.md b/jcapiv2/docs/ScheduleOSUpdate.md new file mode 100644 index 0000000..b3ab641 --- /dev/null +++ b/jcapiv2/docs/ScheduleOSUpdate.md @@ -0,0 +1,9 @@ +# JCAPIv2::ScheduleOSUpdate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**install_action** | [**InstallActionType**](InstallActionType.md) | | +**max_user_deferrals** | **Integer** | | [optional] +**product_key** | **String** | | + diff --git a/jcapiv2/docs/ScheduledUserstateResult.md b/jcapiv2/docs/ScheduledUserstateResult.md new file mode 100644 index 0000000..dd3939a --- /dev/null +++ b/jcapiv2/docs/ScheduledUserstateResult.md @@ -0,0 +1,10 @@ +# JCAPIv2::ScheduledUserstateResult + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**scheduled_date** | **String** | The UTC date and time when the scheduled job will execute. | [optional] +**scheduled_job_id** | **String** | The id of the scheduled job that scheduled the state change. | [optional] +**state** | **String** | The state that the user will be in once the scheduled job executes. | [optional] +**system_user_id** | **String** | The id of the user that the scheduled job will update. | [optional] + diff --git a/jcapiv2/docs/SetupAssistantOption.md b/jcapiv2/docs/SetupAssistantOption.md new file mode 100644 index 0000000..4f5d948 --- /dev/null +++ b/jcapiv2/docs/SetupAssistantOption.md @@ -0,0 +1,6 @@ +# JCAPIv2::SetupAssistantOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- + diff --git a/jcapiv2/docs/SharedFolder.md b/jcapiv2/docs/SharedFolder.md new file mode 100644 index 0000000..39b6c03 --- /dev/null +++ b/jcapiv2/docs/SharedFolder.md @@ -0,0 +1,14 @@ +# JCAPIv2::SharedFolder + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**created_at** | **String** | | +**items_in_folder** | **Integer** | | +**name** | **String** | | +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**users_with_access** | **Integer** | | +**uuid** | **String** | | + diff --git a/jcapiv2/docs/SharedFolderAccessLevels.md b/jcapiv2/docs/SharedFolderAccessLevels.md new file mode 100644 index 0000000..cf057bb --- /dev/null +++ b/jcapiv2/docs/SharedFolderAccessLevels.md @@ -0,0 +1,7 @@ +# JCAPIv2::SharedFolderAccessLevels + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<SharedFolderAccessLevelsResults>**](SharedFolderAccessLevelsResults.md) | | + diff --git a/jcapiv2/docs/SharedFolderAccessLevelsResults.md b/jcapiv2/docs/SharedFolderAccessLevelsResults.md new file mode 100644 index 0000000..cbb026a --- /dev/null +++ b/jcapiv2/docs/SharedFolderAccessLevelsResults.md @@ -0,0 +1,9 @@ +# JCAPIv2::SharedFolderAccessLevelsResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**description** | **String** | | [optional] +**id** | **String** | | +**name** | **String** | | + diff --git a/jcapiv2/docs/SharedFolderDetails.md b/jcapiv2/docs/SharedFolderDetails.md new file mode 100644 index 0000000..85cd54d --- /dev/null +++ b/jcapiv2/docs/SharedFolderDetails.md @@ -0,0 +1,18 @@ +# JCAPIv2::SharedFolderDetails + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**compromised_passwords** | **Integer** | | [optional] +**old_passwords** | **Integer** | | [optional] +**reused_passwords** | **Integer** | | [optional] +**weak_passwords** | **Integer** | | [optional] +**created_at** | **String** | | +**items_in_folder** | **Integer** | | +**name** | **String** | | +**passwords_count** | **Integer** | | [optional] +**passwords_score** | [**BigDecimal**](BigDecimal.md) | | [optional] +**score_updated_at** | **String** | | [optional] +**users_with_access** | **Integer** | | +**uuid** | **String** | | + diff --git a/jcapiv2/docs/SharedFolderGroups.md b/jcapiv2/docs/SharedFolderGroups.md new file mode 100644 index 0000000..0cd9438 --- /dev/null +++ b/jcapiv2/docs/SharedFolderGroups.md @@ -0,0 +1,8 @@ +# JCAPIv2::SharedFolderGroups + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<GroupPwm>**](GroupPwm.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/SharedFolderUsers.md b/jcapiv2/docs/SharedFolderUsers.md new file mode 100644 index 0000000..df743ec --- /dev/null +++ b/jcapiv2/docs/SharedFolderUsers.md @@ -0,0 +1,8 @@ +# JCAPIv2::SharedFolderUsers + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<SharedFolderUsersResults>**](SharedFolderUsersResults.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/SharedFolderUsersResults.md b/jcapiv2/docs/SharedFolderUsersResults.md new file mode 100644 index 0000000..300073c --- /dev/null +++ b/jcapiv2/docs/SharedFolderUsersResults.md @@ -0,0 +1,16 @@ +# JCAPIv2::SharedFolderUsersResults + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**access_level_id** | **String** | | +**access_level_name** | **String** | | +**apps** | [**Apps**](Apps.md) | | [optional] +**email** | **String** | | +**employee_uuid** | **String** | | [optional] +**external_id** | **String** | | [optional] +**id** | **String** | | +**name** | **String** | | +**status** | **String** | | +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/SharedFoldersList.md b/jcapiv2/docs/SharedFoldersList.md new file mode 100644 index 0000000..5288672 --- /dev/null +++ b/jcapiv2/docs/SharedFoldersList.md @@ -0,0 +1,8 @@ +# JCAPIv2::SharedFoldersList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**results** | [**Array<SharedFolder>**](SharedFolder.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/SoftwareApp.md b/jcapiv2/docs/SoftwareApp.md new file mode 100644 index 0000000..c701290 --- /dev/null +++ b/jcapiv2/docs/SoftwareApp.md @@ -0,0 +1,9 @@ +# JCAPIv2::SoftwareApp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**display_name** | **String** | | [optional] +**id** | **String** | | [optional] +**settings** | [**Array<SoftwareAppSettings>**](SoftwareAppSettings.md) | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppAppleVpp.md b/jcapiv2/docs/SoftwareAppAppleVpp.md new file mode 100644 index 0000000..1a2973e --- /dev/null +++ b/jcapiv2/docs/SoftwareAppAppleVpp.md @@ -0,0 +1,13 @@ +# JCAPIv2::SoftwareAppAppleVpp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app_configuration** | **String** | Text sent to configure the application, the text should be a valid plist. Returned only by 'GET /softwareapps/{id}'. | [optional] +**assigned_licenses** | **Integer** | | [optional] +**available_licenses** | **Integer** | | [optional] +**details** | **Object** | App details returned by iTunes API. See example. The properties in this field are out of our control and we cannot guarantee consistency, so it should be checked by the client and manage the details accordingly. | [optional] +**is_config_enabled** | **BOOLEAN** | Denotes if configuration has been enabled for the application. Returned only by ''GET /softwareapps/{id}''. | [optional] +**supported_device_families** | **Array<String>** | The supported device families for this VPP Application. | [optional] +**total_licenses** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppCreate.md b/jcapiv2/docs/SoftwareAppCreate.md new file mode 100644 index 0000000..921d3a1 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppCreate.md @@ -0,0 +1,10 @@ +# JCAPIv2::SoftwareAppCreate + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**display_name** | **String** | | [optional] +**id** | **String** | | [optional] +**settings** | [**Array<SoftwareAppSettings>**](SoftwareAppSettings.md) | | [optional] +**upload_url** | **String** | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppGoogleAndroid.md b/jcapiv2/docs/SoftwareAppGoogleAndroid.md new file mode 100644 index 0000000..236360d --- /dev/null +++ b/jcapiv2/docs/SoftwareAppGoogleAndroid.md @@ -0,0 +1,27 @@ +# JCAPIv2::SoftwareAppGoogleAndroid + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app_pricing** | **String** | Whether this app is free, free with in-app purchases, or paid. | [optional] +**app_version** | **String** | Latest version currently available for this app. | [optional] +**author** | **String** | The name of the author of this app. | [optional] +**auto_update_mode** | **String** | Controls the auto-update mode for the app. | [optional] +**category** | **String** | The app category (e.g. COMMUNICATION, SOCIAL, etc.). | [optional] +**content_rating** | **String** | The content rating for this app. | [optional] +**display_mode** | **String** | The display mode of the web app. | [optional] +**distribution_channel** | **String** | How and to whom the package is made available. | [optional] +**full_description** | **String** | Full app description, if available. | [optional] +**icon_url** | **String** | A link to an image that can be used as an icon for the app. | [optional] +**install_type** | **String** | The type of installation to perform for an app. | [optional] +**managed_configuration_template_id** | **String** | The managed configurations template for the app. | [optional] +**managed_properties** | **BOOLEAN** | Indicates whether this app has managed properties or not. | [optional] +**min_sdk_version** | **Integer** | The minimum Android SDK necessary to run the app. | [optional] +**name** | **String** | The name of the app in the form enterprises/{enterprise}/applications/{packageName}. | [optional] +**permission_grants** | [**Array<SoftwareAppPermissionGrants>**](SoftwareAppPermissionGrants.md) | | [optional] +**runtime_permission** | **String** | The policy for granting permission requests to apps. | [optional] +**start_url** | **String** | The start URL, i.e. the URL that should load when the user opens the application. Applicable only for webapps. | [optional] +**type** | **String** | Type of this android application. | [optional] +**update_time** | **String** | The approximate time (within 7 days) the app was last published. | [optional] +**version_code** | **Integer** | The current version of the web app. | [optional] + diff --git a/jcapiv2/docs/SoftwareAppPermissionGrants.md b/jcapiv2/docs/SoftwareAppPermissionGrants.md new file mode 100644 index 0000000..eb654e0 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppPermissionGrants.md @@ -0,0 +1,8 @@ +# JCAPIv2::SoftwareAppPermissionGrants + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | An opaque string uniquely identifying the Android permission, e.g. android.permission.READ_CALENDAR. | [optional] +**policy** | **String** | The policy for granting the permission. | [optional] + diff --git a/jcapiv2/docs/SoftwareAppReclaimLicenses.md b/jcapiv2/docs/SoftwareAppReclaimLicenses.md new file mode 100644 index 0000000..9655bd1 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppReclaimLicenses.md @@ -0,0 +1,10 @@ +# JCAPIv2::SoftwareAppReclaimLicenses + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**assigned_licenses** | **Integer** | | [optional] +**available_licenses** | **Integer** | | [optional] +**reclaimed_licenses** | **Integer** | | [optional] +**total_licenses** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppSettings.md b/jcapiv2/docs/SoftwareAppSettings.md new file mode 100644 index 0000000..6ef6b36 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppSettings.md @@ -0,0 +1,26 @@ +# JCAPIv2::SoftwareAppSettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_update_delay** | **BOOLEAN** | | [optional] [default to false] +**apple_vpp** | [**SoftwareAppAppleVpp**](SoftwareAppAppleVpp.md) | | [optional] +**asset_kind** | **String** | The manifest asset kind (ex: software). | [optional] +**asset_sha256_size** | **Integer** | The incremental size to use for summing the package as it is downloaded. | [optional] +**asset_sha256_strings** | **Array<String>** | The array of checksums, one each for the hash size up to the total size of the package. | [optional] +**auto_update** | **BOOLEAN** | | [optional] [default to false] +**command_line_arguments** | **String** | Command line arguments to use with the application. | [optional] +**description** | **String** | The software app description. | [optional] +**desired_state** | **String** | State of Install or Uninstall | [optional] +**enterprise_object_id** | **String** | ID of the Enterprise with which this app is associated | [optional] +**google_android** | [**SoftwareAppGoogleAndroid**](SoftwareAppGoogleAndroid.md) | | [optional] +**location** | **String** | Repository where the app is located within the package manager | [optional] +**location_object_id** | **String** | ID of the repository where the app is located within the package manager | [optional] +**package_id** | **String** | | [optional] +**package_kind** | **String** | The package manifest kind (ex: software-package). | [optional] +**package_manager** | **String** | App store serving the app: APPLE_VPP, CHOCOLATEY, etc. | [optional] +**package_subtitle** | **String** | The package manifest subtitle. | [optional] +**package_version** | **String** | The package manifest version. | [optional] +**stored_package** | [**ObjectStorageItem**](ObjectStorageItem.md) | | [optional] +**stored_package_object_id** | **String** | ID of the stored package this app uses to reference the stored install media. | [optional] + diff --git a/jcapiv2/docs/SoftwareAppStatus.md b/jcapiv2/docs/SoftwareAppStatus.md new file mode 100644 index 0000000..543b332 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppStatus.md @@ -0,0 +1,14 @@ +# JCAPIv2::SoftwareAppStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**code** | **Integer** | | [optional] +**details** | **String** | | [optional] +**id** | **String** | | [optional] +**software_app_id** | **String** | | [optional] +**state** | **String** | | [optional] +**system_id** | **String** | | [optional] +**timestamp** | **String** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppWithStatus.md b/jcapiv2/docs/SoftwareAppWithStatus.md new file mode 100644 index 0000000..d62de5d --- /dev/null +++ b/jcapiv2/docs/SoftwareAppWithStatus.md @@ -0,0 +1,8 @@ +# JCAPIv2::SoftwareAppWithStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**app** | [**SoftwareApp**](SoftwareApp.md) | | [optional] +**status** | [**SoftwareAppStatus**](SoftwareAppStatus.md) | | [optional] + diff --git a/jcapiv2/docs/SoftwareAppsApi.md b/jcapiv2/docs/SoftwareAppsApi.md new file mode 100644 index 0000000..4dca05b --- /dev/null +++ b/jcapiv2/docs/SoftwareAppsApi.md @@ -0,0 +1,774 @@ +# JCAPIv2::SoftwareAppsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**graph_softwareapps_associations_list**](SoftwareAppsApi.md#graph_softwareapps_associations_list) | **GET** /softwareapps/{software_app_id}/associations | List the associations of a Software Application +[**graph_softwareapps_associations_post**](SoftwareAppsApi.md#graph_softwareapps_associations_post) | **POST** /softwareapps/{software_app_id}/associations | Manage the associations of a software application. +[**graph_softwareapps_traverse_system**](SoftwareAppsApi.md#graph_softwareapps_traverse_system) | **GET** /softwareapps/{software_app_id}/systems | List the Systems bound to a Software App. +[**graph_softwareapps_traverse_system_group**](SoftwareAppsApi.md#graph_softwareapps_traverse_system_group) | **GET** /softwareapps/{software_app_id}/systemgroups | List the System Groups bound to a Software App. +[**software_app_statuses_list**](SoftwareAppsApi.md#software_app_statuses_list) | **GET** /softwareapps/{software_app_id}/statuses | Get the status of the provided Software Application +[**software_apps_delete**](SoftwareAppsApi.md#software_apps_delete) | **DELETE** /softwareapps/{id} | Delete a configured Software Application +[**software_apps_get**](SoftwareAppsApi.md#software_apps_get) | **GET** /softwareapps/{id} | Retrieve a configured Software Application. +[**software_apps_list**](SoftwareAppsApi.md#software_apps_list) | **GET** /softwareapps | Get all configured Software Applications. +[**software_apps_post**](SoftwareAppsApi.md#software_apps_post) | **POST** /softwareapps | Create a Software Application that will be managed by JumpCloud. +[**software_apps_reclaim_licenses**](SoftwareAppsApi.md#software_apps_reclaim_licenses) | **POST** /softwareapps/{software_app_id}/reclaim-licenses | Reclaim Licenses for a Software Application. +[**software_apps_retry_installation**](SoftwareAppsApi.md#software_apps_retry_installation) | **POST** /softwareapps/{software_app_id}/retry-installation | Retry Installation for a Software Application +[**software_apps_update**](SoftwareAppsApi.md#software_apps_update) | **PUT** /softwareapps/{id} | Update a Software Application Configuration. +[**validator_validate_application_install_package**](SoftwareAppsApi.md#validator_validate_application_install_package) | **POST** /softwareapps/validate | Validate Installation Packages + +# **graph_softwareapps_associations_list** +> Array<GraphConnection> graph_softwareapps_associations_list(software_app_id, targets, opts) + +List the associations of a Software Application + +This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +targets = ['targets_example'] # Array | Targets which a \"software_app\" can be associated to. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List the associations of a Software Application + result = api_instance.graph_softwareapps_associations_list(software_app_id, targets, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_associations_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **targets** | [**Array<String>**](String.md)| Targets which a \"software_app\" can be associated to. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<GraphConnection>**](GraphConnection.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_softwareapps_associations_post** +> graph_softwareapps_associations_post(software_app_id, opts) + +Manage the associations of a software application. + +This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"\", \"op\": \"add\", \"type\": \"system\" }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + body: JCAPIv2::GraphOperationSoftwareApp.new # GraphOperationSoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Manage the associations of a software application. + api_instance.graph_softwareapps_associations_post(software_app_id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_associations_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **body** | [**GraphOperationSoftwareApp**](GraphOperationSoftwareApp.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: Not defined + + + +# **graph_softwareapps_traverse_system** +> Array<GraphObjectWithPaths> graph_softwareapps_traverse_system(software_app_id, opts) + +List the Systems bound to a Software App. + +This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Systems bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_traverse_system: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_softwareapps_traverse_system_group** +> Array<GraphObjectWithPaths> graph_softwareapps_traverse_system_group(software_app_id, opts) + +List the System Groups bound to a Software App. + +This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the System Groups bound to a Software App. + result = api_instance.graph_softwareapps_traverse_system_group(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->graph_softwareapps_traverse_system_group: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_app_statuses_list** +> Array<SoftwareAppStatus> software_app_statuses_list(software_app_id, opts) + +Get the status of the provided Software Application + +This endpoint allows you to get the status of the provided Software Application on associated JumpCloud systems. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/statuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | ObjectID of the Software App. +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Get the status of the provided Software Application + result = api_instance.software_app_statuses_list(software_app_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_app_statuses_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| ObjectID of the Software App. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<SoftwareAppStatus>**](SoftwareAppStatus.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_apps_delete** +> software_apps_delete(id, opts) + +Delete a configured Software Application + +Removes a Software Application configuration. Warning: This is a destructive operation and will unmanage the application on all affected systems. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a configured Software Application + api_instance.software_apps_delete(id, opts) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_delete: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_apps_get** +> SoftwareApp software_apps_get(id, opts) + +Retrieve a configured Software Application. + +Retrieves a Software Application. The optional isConfigEnabled and appConfiguration apple_vpp attributes are populated in this response. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Retrieve a configured Software Application. + result = api_instance.software_apps_get(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**SoftwareApp**](SoftwareApp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_apps_list** +> Array<SoftwareApp> software_apps_list(opts) + +Get all configured Software Applications. + +This endpoint allows you to get all configured Software Applications that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #Get all configured Software Applications. + result = api_instance.software_apps_list(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<SoftwareApp>**](SoftwareApp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_apps_post** +> SoftwareAppCreate software_apps_post(opts) + +Create a Software Application that will be managed by JumpCloud. + +This endpoint allows you to create a Software Application that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"Adobe Reader\", \"settings\": [{\"packageId\": \"adobereader\"}] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +opts = { + body: JCAPIv2::SoftwareApp.new # SoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Create a Software Application that will be managed by JumpCloud. + result = api_instance.software_apps_post(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_post: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**SoftwareApp**](SoftwareApp.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**SoftwareAppCreate**](SoftwareAppCreate.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **software_apps_reclaim_licenses** +> SoftwareAppReclaimLicenses software_apps_reclaim_licenses(software_app_id) + +Reclaim Licenses for a Software Application. + +This endpoint allows you to reclaim the licenses from a software app associated with devices that are deleted. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/reclaim-licenses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +software_app_id = 'software_app_id_example' # String | + + +begin + #Reclaim Licenses for a Software Application. + result = api_instance.software_apps_reclaim_licenses(software_app_id) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_reclaim_licenses: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **software_app_id** | **String**| | + +### Return type + +[**SoftwareAppReclaimLicenses**](SoftwareAppReclaimLicenses.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **software_apps_retry_installation** +> software_apps_retry_installation(bodysoftware_app_id) + +Retry Installation for a Software Application + +This endpoints initiates an installation retry of an Apple VPP App for the provided system IDs #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/retry-installation \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"system_ids\": \"{, , ...}\"}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +body = JCAPIv2::SoftwareAppsRetryInstallationRequest.new # SoftwareAppsRetryInstallationRequest | +software_app_id = 'software_app_id_example' # String | + + +begin + #Retry Installation for a Software Application + api_instance.software_apps_retry_installation(bodysoftware_app_id) +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_retry_installation: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**SoftwareAppsRetryInstallationRequest**](SoftwareAppsRetryInstallationRequest.md)| | + **software_app_id** | **String**| | + +### Return type + +nil (empty response body) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **software_apps_update** +> SoftwareApp software_apps_update(id, opts) + +Update a Software Application Configuration. + +This endpoint updates a specific Software Application configuration for the organization. displayName can be changed alone if no settings are provided. If a setting is provided, it should include all its information since this endpoint will update all the settings' fields. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request - displayName only ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\" }' ``` #### Sample Request - all attributes ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\", \"settings\": [ { \"packageId\": \"123456\", \"autoUpdate\": false, \"allowUpdateDelay\": false, \"packageManager\": \"APPLE_VPP\", \"locationObjectId\": \"123456789012123456789012\", \"location\": \"123456\", \"desiredState\": \"Install\", \"appleVpp\": { \"appConfiguration\": \"MyKeyMy String\", \"assignedLicenses\": 20, \"availableLicenses\": 10, \"details\": {}, \"isConfigEnabled\": true, \"supportedDeviceFamilies\": [ \"IPAD\", \"MAC\" ], \"totalLicenses\": 30 }, \"packageSubtitle\": \"My package subtitle\", \"packageVersion\": \"1.2.3\", \"packageKind\": \"software-package\", \"assetKind\": \"software\", \"assetSha256Size\": 256, \"assetSha256Strings\": [ \"a123b123c123d123\" ], \"description\": \"My app description\" } ] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +id = 'id_example' # String | +opts = { + body: JCAPIv2::SoftwareApp.new # SoftwareApp | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a Software Application Configuration. + result = api_instance.software_apps_update(id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->software_apps_update: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**SoftwareApp**](SoftwareApp.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**SoftwareApp**](SoftwareApp.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + +# **validator_validate_application_install_package** +> JumpcloudPackageValidatorValidateApplicationInstallPackageResponse validator_validate_application_install_package(body) + +Validate Installation Packages + +Validates an application install package from the specified URL to calculate the SHA256 hash and extract the installer manifest details. #### Sample Request ``` curl -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{\"url\": \"https://dl.google.com/dl/chrome/mac/universal/stable/gcem/GoogleChrome.pkg\"}' \\ -i -X POST https://console.jumpcloud.com/api/v2/softwareapps/validate ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SoftwareAppsApi.new +body = JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.new # JumpcloudPackageValidatorValidateApplicationInstallPackageRequest | + + +begin + #Validate Installation Packages + result = api_instance.validator_validate_application_install_package(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SoftwareAppsApi->validator_validate_application_install_package: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**JumpcloudPackageValidatorValidateApplicationInstallPackageRequest**](JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.md)| | + +### Return type + +[**JumpcloudPackageValidatorValidateApplicationInstallPackageResponse**](JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/SoftwareAppsRetryInstallationRequest.md b/jcapiv2/docs/SoftwareAppsRetryInstallationRequest.md new file mode 100644 index 0000000..512d1b9 --- /dev/null +++ b/jcapiv2/docs/SoftwareAppsRetryInstallationRequest.md @@ -0,0 +1,7 @@ +# JCAPIv2::SoftwareAppsRetryInstallationRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**system_ids** | **Array<String>** | An array of system IDs to retry the software application installation. | [optional] + diff --git a/jcapiv2/docs/Sshkeylist.md b/jcapiv2/docs/Sshkeylist.md deleted file mode 100644 index e923c4f..0000000 --- a/jcapiv2/docs/Sshkeylist.md +++ /dev/null @@ -1,11 +0,0 @@ -# JCAPIv2::Sshkeylist - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**_id** | **String** | The ID of the SSH key. | [optional] -**create_date** | **String** | The date the SSH key was created. | [optional] -**name** | **String** | The name of the SSH key. | [optional] -**public_key** | **String** | The Public SSH key. | [optional] - - diff --git a/jcapiv2/docs/Subscription.md b/jcapiv2/docs/Subscription.md new file mode 100644 index 0000000..9846ab4 --- /dev/null +++ b/jcapiv2/docs/Subscription.md @@ -0,0 +1,11 @@ +# JCAPIv2::Subscription + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**annual_price** | [**BigDecimal**](BigDecimal.md) | The annual (discounted) price of this subscription. | +**display_name** | **String** | The display name of this subscription. | +**features** | [**Array<Feature>**](Feature.md) | Array of the features included in the subscription. | +**list_price** | [**BigDecimal**](BigDecimal.md) | The list price of this subscription. | +**product_code** | **String** | Unique identifier corresponding to this subscription. | + diff --git a/jcapiv2/docs/SubscriptionsApi.md b/jcapiv2/docs/SubscriptionsApi.md new file mode 100644 index 0000000..a92db14 --- /dev/null +++ b/jcapiv2/docs/SubscriptionsApi.md @@ -0,0 +1,49 @@ +# JCAPIv2::SubscriptionsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**subscriptions_get**](SubscriptionsApi.md#subscriptions_get) | **GET** /subscriptions | Lists all the Pricing & Packaging Subscriptions + +# **subscriptions_get** +> Array<Subscription> subscriptions_get + +Lists all the Pricing & Packaging Subscriptions + +This endpoint returns all pricing & packaging subscriptions. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/subscriptions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' + +api_instance = JCAPIv2::SubscriptionsApi.new + +begin + #Lists all the Pricing & Packaging Subscriptions + result = api_instance.subscriptions_get + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SubscriptionsApi->subscriptions_get: #{e}" +end +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**Array<Subscription>**](Subscription.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/SuggestionCounts.md b/jcapiv2/docs/SuggestionCounts.md new file mode 100644 index 0000000..8cf1aae --- /dev/null +++ b/jcapiv2/docs/SuggestionCounts.md @@ -0,0 +1,9 @@ +# JCAPIv2::SuggestionCounts + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**add** | **Integer** | | [optional] +**remove** | **Integer** | | [optional] +**total** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SyncroBillingMappingConfigurationOption.md b/jcapiv2/docs/SyncroBillingMappingConfigurationOption.md new file mode 100644 index 0000000..0fe0b54 --- /dev/null +++ b/jcapiv2/docs/SyncroBillingMappingConfigurationOption.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroBillingMappingConfigurationOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | The option name | [optional] +**values** | [**Array<SyncroBillingMappingConfigurationOptionValue>**](SyncroBillingMappingConfigurationOptionValue.md) | The actual option's values | [optional] + diff --git a/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValue.md b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValue.md new file mode 100644 index 0000000..229a363 --- /dev/null +++ b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValue.md @@ -0,0 +1,9 @@ +# JCAPIv2::SyncroBillingMappingConfigurationOptionValue + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**label** | **String** | | [optional] +**lines** | [**Array<SyncroBillingMappingConfigurationOptionValueLine>**](SyncroBillingMappingConfigurationOptionValueLine.md) | | [optional] +**value** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValueLine.md b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValueLine.md new file mode 100644 index 0000000..023da8a --- /dev/null +++ b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionValueLine.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**label** | **String** | | [optional] +**value** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SyncroBillingMappingConfigurationOptionsResp.md b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionsResp.md new file mode 100644 index 0000000..5dc116e --- /dev/null +++ b/jcapiv2/docs/SyncroBillingMappingConfigurationOptionsResp.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroBillingMappingConfigurationOptionsResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**options** | [**Array<SyncroBillingMappingConfigurationOption>**](SyncroBillingMappingConfigurationOption.md) | | + diff --git a/jcapiv2/docs/SyncroCompany.md b/jcapiv2/docs/SyncroCompany.md new file mode 100644 index 0000000..099fd07 --- /dev/null +++ b/jcapiv2/docs/SyncroCompany.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroCompany + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The company identifier. | +**name** | **String** | The company name. | + diff --git a/jcapiv2/docs/SyncroCompanyResp.md b/jcapiv2/docs/SyncroCompanyResp.md new file mode 100644 index 0000000..8695bda --- /dev/null +++ b/jcapiv2/docs/SyncroCompanyResp.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroCompanyResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<SyncroCompany>**](SyncroCompany.md) | | +**total_count** | **Integer** | | + diff --git a/jcapiv2/docs/SyncroIntegration.md b/jcapiv2/docs/SyncroIntegration.md new file mode 100644 index 0000000..596a71c --- /dev/null +++ b/jcapiv2/docs/SyncroIntegration.md @@ -0,0 +1,9 @@ +# JCAPIv2::SyncroIntegration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**id** | **String** | The identifier for this Syncro integration. | +**is_msp_auth_configured** | **BOOLEAN** | Has the msp-api been configured with auth data yet | [optional] +**subdomain** | **String** | The subdomain for the URL to connect to Syncro. | + diff --git a/jcapiv2/docs/SyncroIntegrationPatchReq.md b/jcapiv2/docs/SyncroIntegrationPatchReq.md new file mode 100644 index 0000000..0a399b4 --- /dev/null +++ b/jcapiv2/docs/SyncroIntegrationPatchReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroIntegrationPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**api_token** | **String** | The Syncro API token for authentication | [optional] +**subdomain** | **String** | The subdomain for the URL to connect to Syncro. | [optional] + diff --git a/jcapiv2/docs/SyncroIntegrationReq.md b/jcapiv2/docs/SyncroIntegrationReq.md new file mode 100644 index 0000000..2237943 --- /dev/null +++ b/jcapiv2/docs/SyncroIntegrationReq.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroIntegrationReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**api_token** | **String** | The Syncro API token for authentication | +**subdomain** | **String** | The subdomain for the URL to connect to Syncro. | + diff --git a/jcapiv2/docs/SyncroMappingRequest.md b/jcapiv2/docs/SyncroMappingRequest.md new file mode 100644 index 0000000..0c22e9f --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequest.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroMappingRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**data** | [**Array<SyncroMappingRequestData>**](SyncroMappingRequestData.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroMappingRequestBillingConfigurations.md b/jcapiv2/docs/SyncroMappingRequestBillingConfigurations.md new file mode 100644 index 0000000..b19af4e --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequestBillingConfigurations.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroMappingRequestBillingConfigurations + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**fields** | [**SyncroMappingRequestBillingConfigurationsFields**](SyncroMappingRequestBillingConfigurationsFields.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFields.md b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFields.md new file mode 100644 index 0000000..502c180 --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFields.md @@ -0,0 +1,10 @@ +# JCAPIv2::SyncroMappingRequestBillingConfigurationsFields + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**line_item_id** | [**SyncroMappingRequestBillingConfigurationsFieldsLineItemId**](SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md) | | [optional] +**line_item_name** | [**SyncroMappingRequestBillingConfigurationsFieldsLineItemName**](SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md) | | [optional] +**schedule_id** | [**SyncroMappingRequestBillingConfigurationsFieldsLineItemId**](SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md) | | [optional] +**schedule_name** | [**SyncroMappingRequestBillingConfigurationsFieldsLineItemName**](SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md new file mode 100644 index 0000000..f1b109d --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemId.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**kind** | **String** | | [optional] +**number_value** | [**BigDecimal**](BigDecimal.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md new file mode 100644 index 0000000..25cfff8 --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequestBillingConfigurationsFieldsLineItemName.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**kind** | **String** | | [optional] +**string_value** | **String** | | [optional] + diff --git a/jcapiv2/docs/SyncroMappingRequestData.md b/jcapiv2/docs/SyncroMappingRequestData.md new file mode 100644 index 0000000..0f0e251 --- /dev/null +++ b/jcapiv2/docs/SyncroMappingRequestData.md @@ -0,0 +1,10 @@ +# JCAPIv2::SyncroMappingRequestData + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**billing_configurations** | [**SyncroMappingRequestBillingConfigurations**](SyncroMappingRequestBillingConfigurations.md) | | [optional] +**company** | [**ConnectWiseMappingRequestCompany**](ConnectWiseMappingRequestCompany.md) | | +**delete** | **BOOLEAN** | | [optional] +**organization** | [**ConnectWiseMappingRequestOrganization**](ConnectWiseMappingRequestOrganization.md) | | + diff --git a/jcapiv2/docs/SyncroMappingResponse.md b/jcapiv2/docs/SyncroMappingResponse.md new file mode 100644 index 0000000..72dea0f --- /dev/null +++ b/jcapiv2/docs/SyncroMappingResponse.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroMappingResponse + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**company** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] +**organization** | [**ConnectWiseMappingResponseAddition**](ConnectWiseMappingResponseAddition.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroSettings.md b/jcapiv2/docs/SyncroSettings.md new file mode 100644 index 0000000..8161a6a --- /dev/null +++ b/jcapiv2/docs/SyncroSettings.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroSettings + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether Syncro uses automatic ticketing | [optional] + diff --git a/jcapiv2/docs/SyncroSettingsPatchReq.md b/jcapiv2/docs/SyncroSettingsPatchReq.md new file mode 100644 index 0000000..b6d97ac --- /dev/null +++ b/jcapiv2/docs/SyncroSettingsPatchReq.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroSettingsPatchReq + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**automatic_ticketing** | **BOOLEAN** | Determine whether Syncro uses automatic ticketing | [optional] + diff --git a/jcapiv2/docs/SyncroTicketingAlertConfiguration.md b/jcapiv2/docs/SyncroTicketingAlertConfiguration.md new file mode 100644 index 0000000..d16b008 --- /dev/null +++ b/jcapiv2/docs/SyncroTicketingAlertConfiguration.md @@ -0,0 +1,17 @@ +# JCAPIv2::SyncroTicketingAlertConfiguration + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**due_days** | **Integer** | | [optional] +**id** | **Integer** | | [optional] +**priority** | **String** | | [optional] +**problem_type** | **String** | | [optional] +**should_create_tickets** | **BOOLEAN** | | [optional] +**status** | **String** | | [optional] +**user_id** | **Integer** | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/SyncroTicketingAlertConfigurationList.md b/jcapiv2/docs/SyncroTicketingAlertConfigurationList.md new file mode 100644 index 0000000..bb52898 --- /dev/null +++ b/jcapiv2/docs/SyncroTicketingAlertConfigurationList.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroTicketingAlertConfigurationList + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | **Array<AllOfSyncroTicketingAlertConfigurationListRecordsItems>** | | + diff --git a/jcapiv2/docs/SyncroTicketingAlertConfigurationOption.md b/jcapiv2/docs/SyncroTicketingAlertConfigurationOption.md new file mode 100644 index 0000000..ddf37c3 --- /dev/null +++ b/jcapiv2/docs/SyncroTicketingAlertConfigurationOption.md @@ -0,0 +1,8 @@ +# JCAPIv2::SyncroTicketingAlertConfigurationOption + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**values** | [**Array<AutotaskTicketingAlertConfigurationOptionValues>**](AutotaskTicketingAlertConfigurationOptionValues.md) | | [optional] + diff --git a/jcapiv2/docs/SyncroTicketingAlertConfigurationOptions.md b/jcapiv2/docs/SyncroTicketingAlertConfigurationOptions.md new file mode 100644 index 0000000..093b71e --- /dev/null +++ b/jcapiv2/docs/SyncroTicketingAlertConfigurationOptions.md @@ -0,0 +1,7 @@ +# JCAPIv2::SyncroTicketingAlertConfigurationOptions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<SyncroTicketingAlertConfigurationOption>**](SyncroTicketingAlertConfigurationOption.md) | | + diff --git a/jcapiv2/docs/SyncroTicketingAlertConfigurationRequest.md b/jcapiv2/docs/SyncroTicketingAlertConfigurationRequest.md new file mode 100644 index 0000000..4664fa9 --- /dev/null +++ b/jcapiv2/docs/SyncroTicketingAlertConfigurationRequest.md @@ -0,0 +1,13 @@ +# JCAPIv2::SyncroTicketingAlertConfigurationRequest + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**due_days** | **Integer** | | [optional] +**priority** | **String** | | [optional] +**problem_type** | **String** | | +**should_create_tickets** | **BOOLEAN** | | +**status** | **String** | | [optional] +**user_id** | [**BigDecimal**](BigDecimal.md) | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemGraphManagementReqAttributes.md b/jcapiv2/docs/SystemGraphManagementReqAttributes.md deleted file mode 100644 index 4f98f2a..0000000 --- a/jcapiv2/docs/SystemGraphManagementReqAttributes.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::SystemGraphManagementReqAttributes - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**sudo** | [**SystemGraphManagementReqAttributesSudo**](SystemGraphManagementReqAttributesSudo.md) | | [optional] - - diff --git a/jcapiv2/docs/SystemGroup.md b/jcapiv2/docs/SystemGroup.md index e38cb45..d5ea9df 100644 --- a/jcapiv2/docs/SystemGroup.md +++ b/jcapiv2/docs/SystemGroup.md @@ -3,8 +3,14 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**description** | **String** | Description of a System Group | [optional] +**email** | **String** | E-mail address associated with a System Group | [optional] **id** | **String** | ObjectId uniquely identifying a System Group. | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] **name** | **String** | Display name of a System Group. | [optional] -**type** | **String** | The type of the group; always 'system' for a System Group. | [optional] - +**type** | **String** | The type of the group; always 'system' for a System Group. | [optional] diff --git a/jcapiv2/docs/SystemGroupAssociationsApi.md b/jcapiv2/docs/SystemGroupAssociationsApi.md index 64f402a..24dbc7a 100644 --- a/jcapiv2/docs/SystemGroupAssociationsApi.md +++ b/jcapiv2/docs/SystemGroupAssociationsApi.md @@ -8,12 +8,12 @@ Method | HTTP request | Description [**graph_system_group_associations_post**](SystemGroupAssociationsApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group [**graph_system_group_traverse_command**](SystemGroupAssociationsApi.md#graph_system_group_traverse_command) | **GET** /systemgroups/{group_id}/commands | List the Commands bound to a System Group [**graph_system_group_traverse_policy**](SystemGroupAssociationsApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +[**graph_system_group_traverse_policy_group**](SystemGroupAssociationsApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group [**graph_system_group_traverse_user**](SystemGroupAssociationsApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group [**graph_system_group_traverse_user_group**](SystemGroupAssociationsApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group - # **graph_system_group_associations_list** -> Array<GraphConnection> graph_system_group_associations_list(group_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_system_group_associations_list(group_id, targets, opts) List the associations of a System Group @@ -32,24 +32,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a System Group - result = api_instance.graph_system_group_associations_list(group_id, content_type, accepttargets, opts) + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_associations_list: #{e}" @@ -61,12 +54,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"system_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -78,17 +69,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_associations_post** -> graph_system_group_associations_post(group_id, content_type, accept, opts) +> graph_system_group_associations_post(group_id, opts) Manage the associations of a System Group -This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` ### Example ```ruby @@ -103,21 +94,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupGraphManagementReq.new, # SystemGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystemGroup.new # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a System Group - api_instance.graph_system_group_associations_post(group_id, content_type, accept, opts) + api_instance.graph_system_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_associations_post: #{e}" end @@ -128,10 +113,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupGraphManagementReq**](SystemGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationSystemGroup**](GraphOperationSystemGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -144,12 +127,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_system_group_traverse_command** -> Array<GraphObjectWithPaths> graph_system_group_traverse_command(group_id, content_type, accept, opts) +> Array<CommandsGraphObjectWithPaths> graph_system_group_traverse_command(group_id, opts) List the Commands bound to a System Group @@ -168,23 +151,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. } begin #List the Commands bound to a System Group - result = api_instance.graph_system_group_traverse_command(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_command(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_command: #{e}" @@ -196,16 +174,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **details** | **String**| This will provide detail descriptive response for the request. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<CommandsGraphObjectWithPaths>**](CommandsGraphObjectWithPaths.md) ### Authorization @@ -213,13 +190,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_policy** -> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, opts) List the Policies bound to a System Group @@ -238,26 +215,82 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} + +begin + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_policy: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ObjectID of the System Group. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + -group_id = "group_id_example" # String | ObjectID of the System Group. +# **graph_system_group_traverse_policy_group** +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy_group(group_id, opts) -content_type = "application/json" # String | +List the Policy Groups bound to a System Group -accept = "application/json" # String | +This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemGroupAssociationsApi.new +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Policies bound to a System Group - result = api_instance.graph_system_group_traverse_policy(group_id, content_type, accept, opts) + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_policy: #{e}" + puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_policy_group: #{e}" end ``` @@ -266,12 +299,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -283,13 +314,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, opts) List the Users bound to a System Group @@ -308,23 +339,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a System Group - result = api_instance.graph_system_group_traverse_user(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_user(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_user: #{e}" @@ -336,12 +361,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -353,13 +376,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user_group** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, opts) List the User Groups bound to a System Group @@ -378,23 +401,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a System Group - result = api_instance.graph_system_group_traverse_user_group(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupAssociationsApi->graph_system_group_traverse_user_group: #{e}" @@ -406,12 +423,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -423,7 +438,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/SystemGroupData.md b/jcapiv2/docs/SystemGroupData.md deleted file mode 100644 index 4545deb..0000000 --- a/jcapiv2/docs/SystemGroupData.md +++ /dev/null @@ -1,8 +0,0 @@ -# JCAPIv2::SystemGroupData - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**name** | **String** | Display name of a System Group. | - - diff --git a/jcapiv2/docs/SystemGroupMembersMembershipApi.md b/jcapiv2/docs/SystemGroupMembersMembershipApi.md index 211db93..cc5372a 100644 --- a/jcapiv2/docs/SystemGroupMembersMembershipApi.md +++ b/jcapiv2/docs/SystemGroupMembersMembershipApi.md @@ -4,86 +4,12 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- -[**graph_system_group_member_of**](SystemGroupMembersMembershipApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents [**graph_system_group_members_list**](SystemGroupMembersMembershipApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group [**graph_system_group_members_post**](SystemGroupMembersMembershipApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group -[**graph_system_group_membership**](SystemGroupMembersMembershipApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership - - -# **graph_system_group_member_of** -> Array<GraphObjectWithPaths> graph_system_group_member_of(group_id, content_type, accept, opts) - -List the System Group's parents - -This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | -} - -begin - #List the System Group's parents - result = api_instance.graph_system_group_member_of(group_id, content_type, accept, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_member_of: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - +[**graph_system_group_membership**](SystemGroupMembersMembershipApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership # **graph_system_group_members_list** -> Array<GraphConnection> graph_system_group_members_list(group_id, content_type, accept, opts) +> Array<GraphConnection> graph_system_group_members_list(group_id, opts) List the members of a System Group @@ -102,22 +28,16 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the members of a System Group - result = api_instance.graph_system_group_members_list(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_members_list: #{e}" @@ -129,11 +49,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -145,17 +63,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_members_post** -> graph_system_group_members_post(group_id, content_type, accept, opts) +> graph_system_group_members_post(group_id, opts) Manage the members of a System Group -This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` +This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` ### Example ```ruby @@ -170,23 +88,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupMembersReq.new, # SystemGroupMembersReq | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystemGroupMember.new # GraphOperationSystemGroupMember | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the members of a System Group - api_instance.graph_system_group_members_post(group_id, content_type, accept, opts) + api_instance.graph_system_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_members_post: #{e}" end @@ -197,12 +109,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupMembersReq**](SystemGroupMembersReq.md)| | [optional] + **body** | [**GraphOperationSystemGroupMember**](GraphOperationSystemGroupMember.md)| | [optional] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -215,12 +125,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_system_group_membership** -> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, opts) List the System Group's membership @@ -239,24 +149,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the System Group's membership - result = api_instance.graph_system_group_membership(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupMembersMembershipApi->graph_system_group_membership: #{e}" @@ -268,13 +172,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -286,7 +188,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/SystemGroupMembersReq.md b/jcapiv2/docs/SystemGroupMembersReq.md deleted file mode 100644 index 7e3315c..0000000 --- a/jcapiv2/docs/SystemGroupMembersReq.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::SystemGroupMembersReq - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**id** | **String** | The ObjectID of member being added or removed. | -**op** | **String** | How to modify the membership connection. | -**type** | **String** | The member type. | - - diff --git a/jcapiv2/docs/SystemGroupPost.md b/jcapiv2/docs/SystemGroupPost.md new file mode 100644 index 0000000..db66b99 --- /dev/null +++ b/jcapiv2/docs/SystemGroupPost.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemGroupPost + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**description** | **String** | Description of a System Group | [optional] +**email** | **String** | Email address of a System Group | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] +**name** | **String** | Display name of a System Group. | + diff --git a/jcapiv2/docs/SystemGroupPut.md b/jcapiv2/docs/SystemGroupPut.md new file mode 100644 index 0000000..24c06e0 --- /dev/null +++ b/jcapiv2/docs/SystemGroupPut.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemGroupPut + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**attributes** | [**GraphAttributes**](GraphAttributes.md) | | [optional] +**description** | **String** | Description of a System Group | [optional] +**email** | **String** | Email address of a System Group | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] +**name** | **String** | Display name of a System Group. | + diff --git a/jcapiv2/docs/SystemGroupsApi.md b/jcapiv2/docs/SystemGroupsApi.md index 4a8d235..977a2cb 100644 --- a/jcapiv2/docs/SystemGroupsApi.md +++ b/jcapiv2/docs/SystemGroupsApi.md @@ -6,23 +6,23 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**graph_system_group_associations_list**](SystemGroupsApi.md#graph_system_group_associations_list) | **GET** /systemgroups/{group_id}/associations | List the associations of a System Group [**graph_system_group_associations_post**](SystemGroupsApi.md#graph_system_group_associations_post) | **POST** /systemgroups/{group_id}/associations | Manage the associations of a System Group -[**graph_system_group_member_of**](SystemGroupsApi.md#graph_system_group_member_of) | **GET** /systemgroups/{group_id}/memberof | List the System Group's parents [**graph_system_group_members_list**](SystemGroupsApi.md#graph_system_group_members_list) | **GET** /systemgroups/{group_id}/members | List the members of a System Group [**graph_system_group_members_post**](SystemGroupsApi.md#graph_system_group_members_post) | **POST** /systemgroups/{group_id}/members | Manage the members of a System Group -[**graph_system_group_membership**](SystemGroupsApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership +[**graph_system_group_membership**](SystemGroupsApi.md#graph_system_group_membership) | **GET** /systemgroups/{group_id}/membership | List the System Group's membership [**graph_system_group_traverse_policy**](SystemGroupsApi.md#graph_system_group_traverse_policy) | **GET** /systemgroups/{group_id}/policies | List the Policies bound to a System Group +[**graph_system_group_traverse_policy_group**](SystemGroupsApi.md#graph_system_group_traverse_policy_group) | **GET** /systemgroups/{group_id}/policygroups | List the Policy Groups bound to a System Group [**graph_system_group_traverse_user**](SystemGroupsApi.md#graph_system_group_traverse_user) | **GET** /systemgroups/{group_id}/users | List the Users bound to a System Group [**graph_system_group_traverse_user_group**](SystemGroupsApi.md#graph_system_group_traverse_user_group) | **GET** /systemgroups/{group_id}/usergroups | List the User Groups bound to a System Group [**groups_system_delete**](SystemGroupsApi.md#groups_system_delete) | **DELETE** /systemgroups/{id} | Delete a System Group [**groups_system_get**](SystemGroupsApi.md#groups_system_get) | **GET** /systemgroups/{id} | View an individual System Group details [**groups_system_list**](SystemGroupsApi.md#groups_system_list) | **GET** /systemgroups | List all System Groups -[**groups_system_patch**](SystemGroupsApi.md#groups_system_patch) | **PATCH** /systemgroups/{id} | Partial update a System Group [**groups_system_post**](SystemGroupsApi.md#groups_system_post) | **POST** /systemgroups | Create a new System Group [**groups_system_put**](SystemGroupsApi.md#groups_system_put) | **PUT** /systemgroups/{id} | Update a System Group - +[**groups_system_suggestions_get**](SystemGroupsApi.md#groups_system_suggestions_get) | **GET** /systemgroups/{group_id}/suggestions | List Suggestions for a System Group +[**groups_system_suggestions_post**](SystemGroupsApi.md#groups_system_suggestions_post) | **POST** /systemgroups/{group_id}/suggestions | Apply Suggestions for a System Group # **graph_system_group_associations_list** -> Array<GraphConnection> graph_system_group_associations_list(group_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_system_group_associations_list(group_id, targets, opts) List the associations of a System Group @@ -41,24 +41,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the System Group. +targets = ['targets_example'] # Array | Targets which a \"system_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a System Group - result = api_instance.graph_system_group_associations_list(group_id, content_type, accepttargets, opts) + result = api_instance.graph_system_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->graph_system_group_associations_list: #{e}" @@ -70,12 +63,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"system_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -87,17 +78,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_associations_post** -> graph_system_group_associations_post(group_id, content_type, accept, opts) +> graph_system_group_associations_post(group_id, opts) Manage the associations of a System Group -This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` +This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` ### Example ```ruby @@ -112,21 +103,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupGraphManagementReq.new, # SystemGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystemGroup.new # GraphOperationSystemGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a System Group - api_instance.graph_system_group_associations_post(group_id, content_type, accept, opts) + api_instance.graph_system_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->graph_system_group_associations_post: #{e}" end @@ -137,10 +122,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupGraphManagementReq**](SystemGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationSystemGroup**](GraphOperationSystemGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -153,16 +136,16 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_system_group_member_of** -> Array<GraphObjectWithPaths> graph_system_group_member_of(group_id, content_type, accept, opts) +# **graph_system_group_members_list** +> Array<GraphConnection> graph_system_group_members_list(group_id, opts) -List the System Group's parents +List the members of a System Group -This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. +This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -177,27 +160,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the System Group's parents - result = api_instance.graph_system_group_member_of(group_id, content_type, accept, opts) + #List the members of a System Group + result = api_instance.graph_system_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->graph_system_group_member_of: #{e}" + puts "Exception when calling SystemGroupsApi->graph_system_group_members_list: #{e}" end ``` @@ -206,17 +181,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<GraphConnection>**](GraphConnection.md) ### Authorization @@ -224,17 +195,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_members_list** -> Array<GraphConnection> graph_system_group_members_list(group_id, content_type, accept, opts) +# **graph_system_group_members_post** +> graph_system_group_members_post(group_id, opts) -List the members of a System Group +Manage the members of a System Group -This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` ### Example ```ruby @@ -249,25 +220,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystemGroupMember.new # GraphOperationSystemGroupMember | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #List the members of a System Group - result = api_instance.graph_system_group_members_list(group_id, content_type, accept, opts) - p result + #Manage the members of a System Group + api_instance.graph_system_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->graph_system_group_members_list: #{e}" + puts "Exception when calling SystemGroupsApi->graph_system_group_members_post: #{e}" end ``` @@ -276,15 +241,14 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationSystemGroupMember**](GraphOperationSystemGroupMember.md)| | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**Array<GraphConnection>**](GraphConnection.md) +nil (empty response body) ### Authorization @@ -293,16 +257,16 @@ Name | Type | Description | Notes ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined -# **graph_system_group_members_post** -> graph_system_group_members_post(group_id, content_type, accept, opts) +# **graph_system_group_membership** +> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, opts) -Manage the members of a System Group +List the System Group's membership -This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` +This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -317,25 +281,21 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupMembersReq.new, # SystemGroupMembersReq | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Manage the members of a System Group - api_instance.graph_system_group_members_post(group_id, content_type, accept, opts) + #List the System Group's membership + result = api_instance.graph_system_group_membership(group_id, opts) + p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->graph_system_group_members_post: #{e}" + puts "Exception when calling SystemGroupsApi->graph_system_group_membership: #{e}" end ``` @@ -344,16 +304,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupMembersReq**](SystemGroupMembersReq.md)| | [optional] - **date** | **String**| Current date header for the System Context API | [optional] - **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) ### Authorization @@ -361,17 +320,17 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_membership** -> Array<GraphObjectWithPaths> graph_system_group_membership(group_id, content_type, accept, opts) +# **graph_system_group_traverse_policy** +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, opts) -List the System Group's membership +List the Policies bound to a System Group -This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -386,27 +345,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the System Group's membership - result = api_instance.graph_system_group_membership(group_id, content_type, accept, opts) + #List the Policies bound to a System Group + result = api_instance.graph_system_group_traverse_policy(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->graph_system_group_membership: #{e}" + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_policy: #{e}" end ``` @@ -415,13 +367,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -433,17 +382,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_system_group_traverse_policy** -> Array<GraphObjectWithPaths> graph_system_group_traverse_policy(group_id, content_type, accept, opts) +# **graph_system_group_traverse_policy_group** +> Array<GraphObjectWithPaths> graph_system_group_traverse_policy_group(group_id, opts) -List the Policies bound to a System Group +List the Policy Groups bound to a System Group -This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -458,26 +407,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Policies bound to a System Group - result = api_instance.graph_system_group_traverse_policy(group_id, content_type, accept, opts) + #List the Policy Groups bound to a System Group + result = api_instance.graph_system_group_traverse_policy_group(group_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_policy: #{e}" + puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_policy_group: #{e}" end ``` @@ -486,12 +429,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -503,13 +444,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user(group_id, opts) List the Users bound to a System Group @@ -528,23 +469,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a System Group - result = api_instance.graph_system_group_traverse_user(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_user(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_user: #{e}" @@ -556,12 +491,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -573,13 +506,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_group_traverse_user_group** -> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_group_traverse_user_group(group_id, opts) List the User Groups bound to a System Group @@ -598,23 +531,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the System Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a System Group - result = api_instance.graph_system_group_traverse_user_group(group_id, content_type, accept, opts) + result = api_instance.graph_system_group_traverse_user_group(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->graph_system_group_traverse_user_group: #{e}" @@ -626,12 +553,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -643,13 +568,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_system_delete** -> groups_system_delete(id, content_type, accept, opts) +> SystemGroup groups_system_delete(id, opts) Delete a System Group @@ -668,20 +593,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -id = "id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the System Group. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete a System Group - api_instance.groups_system_delete(id, content_type, accept, opts) + result = api_instance.groups_system_delete(id, opts) + p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->groups_system_delete: #{e}" end @@ -692,13 +612,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**SystemGroup**](SystemGroup.md) ### Authorization @@ -706,13 +624,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_system_get** -> SystemGroup groups_system_get(id, content_type, accept, opts) +> SystemGroup groups_system_get(id, opts) View an individual System Group details @@ -731,20 +649,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -id = "id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the System Group. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #View an individual System Group details - result = api_instance.groups_system_get(id, content_type, accept, opts) + result = api_instance.groups_system_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->groups_system_get: #{e}" @@ -756,9 +668,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -770,13 +680,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_system_list** -> Array<SystemGroup> groups_system_list(content_type, accept, opts) +> Array<SystemGroup> groups_system_list(opts) List all System Groups @@ -795,23 +705,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List all System Groups - result = api_instance.groups_system_list(content_type, accept, opts) + result = api_instance.groups_system_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemGroupsApi->groups_system_list: #{e}" @@ -822,14 +727,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -841,17 +744,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **groups_system_patch** -> SystemGroup groups_system_patch(id, content_type, accept, opts) +# **groups_system_post** +> SystemGroup groups_system_post(opts) -Partial update a System Group +Create a new System Group -We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/systemgroups/{id} ``` +This endpoint allows you to create a new System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` ### Example ```ruby @@ -866,24 +769,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -id = "id_example" # String | ObjectID of the System Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv2::SystemGroupData.new, # SystemGroupData | - x_org_id: "" # String | + body: JCAPIv2::SystemGroupPost.new # SystemGroupPost | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Partial update a System Group - result = api_instance.groups_system_patch(id, content_type, accept, opts) + #Create a new System Group + result = api_instance.groups_system_post(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->groups_system_patch: #{e}" + puts "Exception when calling SystemGroupsApi->groups_system_post: #{e}" end ``` @@ -891,11 +787,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupData**](SystemGroupData.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**SystemGroupPost**](SystemGroupPost.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -912,12 +805,12 @@ Name | Type | Description | Notes -# **groups_system_post** -> SystemGroup groups_system_post(content_type, accept, opts) +# **groups_system_put** +> SystemGroup groups_system_put(id, opts) -Create a new System Group +Update a System Group -This endpoint allows you to create a new System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` +This endpoint allows you to do a full update of the System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` ### Example ```ruby @@ -932,22 +825,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the System Group. opts = { - body: JCAPIv2::SystemGroupData.new, # SystemGroupData | - x_org_id: "" # String | + body: JCAPIv2::SystemGroupPut.new # SystemGroupPut | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Create a new System Group - result = api_instance.groups_system_post(content_type, accept, opts) + #Update a System Group + result = api_instance.groups_system_put(id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->groups_system_post: #{e}" + puts "Exception when calling SystemGroupsApi->groups_system_put: #{e}" end ``` @@ -955,10 +844,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupData**](SystemGroupData.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **id** | **String**| ObjectID of the System Group. | + **body** | [**SystemGroupPut**](SystemGroupPut.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -975,12 +863,12 @@ Name | Type | Description | Notes -# **groups_system_put** -> SystemGroup groups_system_put(id, content_type, accept, opts) +# **groups_system_suggestions_get** +> Array<MemberSuggestion> groups_system_suggestions_get(group_id, opts) -Update a System Group +List Suggestions for a System Group -This endpoint allows you to do a full update of the System Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` +This endpoint returns available suggestions for a given system group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -995,24 +883,78 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemGroupsApi.new +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List Suggestions for a System Group + result = api_instance.groups_system_suggestions_get(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemGroupsApi->groups_system_suggestions_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ID of the group | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<MemberSuggestion>**](MemberSuggestion.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + -id = "id_example" # String | ObjectID of the System Group. -content_type = "application/json" # String | +# **groups_system_suggestions_post** +> Array<MemberSuggestionsPostResult> groups_system_suggestions_post(bodygroup_id, opts) -accept = "application/json" # String | +Apply Suggestions for a System Group + +This endpoint applies the suggestions for the specified system group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"object_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::SystemGroupsApi.new +body = JCAPIv2::GroupIdSuggestionsBody.new # GroupIdSuggestionsBody | +group_id = 'group_id_example' # String | ID of the group opts = { - body: JCAPIv2::SystemGroupData.new, # SystemGroupData | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Update a System Group - result = api_instance.groups_system_put(id, content_type, accept, opts) + #Apply Suggestions for a System Group + result = api_instance.groups_system_suggestions_post(bodygroup_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemGroupsApi->groups_system_put: #{e}" + puts "Exception when calling SystemGroupsApi->groups_system_suggestions_post: #{e}" end ``` @@ -1020,15 +962,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| ObjectID of the System Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGroupData**](SystemGroupData.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GroupIdSuggestionsBody**](GroupIdSuggestionsBody.md)| | + **group_id** | **String**| ID of the group | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**SystemGroup**](SystemGroup.md) +[**Array<MemberSuggestionsPostResult>**](MemberSuggestionsPostResult.md) ### Authorization diff --git a/jcapiv2/docs/SystemInsightsAlf.md b/jcapiv2/docs/SystemInsightsAlf.md new file mode 100644 index 0000000..d32c7ea --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAlf.md @@ -0,0 +1,15 @@ +# JCAPIv2::SystemInsightsAlf + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_signed_enabled** | **Integer** | | [optional] +**collection_time** | **String** | | [optional] +**firewall_unload** | **Integer** | | [optional] +**global_state** | **Integer** | | [optional] +**logging_enabled** | **Integer** | | [optional] +**logging_option** | **Integer** | | [optional] +**stealth_enabled** | **Integer** | | [optional] +**system_id** | **String** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsAlfExceptions.md b/jcapiv2/docs/SystemInsightsAlfExceptions.md new file mode 100644 index 0000000..29561e6 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAlfExceptions.md @@ -0,0 +1,10 @@ +# JCAPIv2::SystemInsightsAlfExceptions + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**path** | **String** | | [optional] +**state** | [**BigDecimal**](BigDecimal.md) | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsAlfExplicitAuths.md b/jcapiv2/docs/SystemInsightsAlfExplicitAuths.md new file mode 100644 index 0000000..6307bb2 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAlfExplicitAuths.md @@ -0,0 +1,9 @@ +# JCAPIv2::SystemInsightsAlfExplicitAuths + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**process** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsApi.md b/jcapiv2/docs/SystemInsightsApi.md index 10b0c53..12141bf 100644 --- a/jcapiv2/docs/SystemInsightsApi.md +++ b/jcapiv2/docs/SystemInsightsApi.md @@ -4,96 +4,521 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- +[**systeminsights_list_alf**](SystemInsightsApi.md#systeminsights_list_alf) | **GET** /systeminsights/alf | List System Insights ALF +[**systeminsights_list_alf_exceptions**](SystemInsightsApi.md#systeminsights_list_alf_exceptions) | **GET** /systeminsights/alf_exceptions | List System Insights ALF Exceptions +[**systeminsights_list_alf_explicit_auths**](SystemInsightsApi.md#systeminsights_list_alf_explicit_auths) | **GET** /systeminsights/alf_explicit_auths | List System Insights ALF Explicit Authentications +[**systeminsights_list_appcompat_shims**](SystemInsightsApi.md#systeminsights_list_appcompat_shims) | **GET** /systeminsights/appcompat_shims | List System Insights Application Compatibility Shims [**systeminsights_list_apps**](SystemInsightsApi.md#systeminsights_list_apps) | **GET** /systeminsights/apps | List System Insights Apps +[**systeminsights_list_authorized_keys**](SystemInsightsApi.md#systeminsights_list_authorized_keys) | **GET** /systeminsights/authorized_keys | List System Insights Authorized Keys +[**systeminsights_list_azure_instance_metadata**](SystemInsightsApi.md#systeminsights_list_azure_instance_metadata) | **GET** /systeminsights/azure_instance_metadata | List System Insights Azure Instance Metadata +[**systeminsights_list_azure_instance_tags**](SystemInsightsApi.md#systeminsights_list_azure_instance_tags) | **GET** /systeminsights/azure_instance_tags | List System Insights Azure Instance Tags [**systeminsights_list_battery**](SystemInsightsApi.md#systeminsights_list_battery) | **GET** /systeminsights/battery | List System Insights Battery [**systeminsights_list_bitlocker_info**](SystemInsightsApi.md#systeminsights_list_bitlocker_info) | **GET** /systeminsights/bitlocker_info | List System Insights Bitlocker Info [**systeminsights_list_browser_plugins**](SystemInsightsApi.md#systeminsights_list_browser_plugins) | **GET** /systeminsights/browser_plugins | List System Insights Browser Plugins +[**systeminsights_list_certificates**](SystemInsightsApi.md#systeminsights_list_certificates) | **GET** /systeminsights/certificates | List System Insights Certificates +[**systeminsights_list_chassis_info**](SystemInsightsApi.md#systeminsights_list_chassis_info) | **GET** /systeminsights/chassis_info | List System Insights Chassis Info [**systeminsights_list_chrome_extensions**](SystemInsightsApi.md#systeminsights_list_chrome_extensions) | **GET** /systeminsights/chrome_extensions | List System Insights Chrome Extensions +[**systeminsights_list_connectivity**](SystemInsightsApi.md#systeminsights_list_connectivity) | **GET** /systeminsights/connectivity | List System Insights Connectivity [**systeminsights_list_crashes**](SystemInsightsApi.md#systeminsights_list_crashes) | **GET** /systeminsights/crashes | List System Insights Crashes +[**systeminsights_list_cups_destinations**](SystemInsightsApi.md#systeminsights_list_cups_destinations) | **GET** /systeminsights/cups_destinations | List System Insights CUPS Destinations [**systeminsights_list_disk_encryption**](SystemInsightsApi.md#systeminsights_list_disk_encryption) | **GET** /systeminsights/disk_encryption | List System Insights Disk Encryption [**systeminsights_list_disk_info**](SystemInsightsApi.md#systeminsights_list_disk_info) | **GET** /systeminsights/disk_info | List System Insights Disk Info +[**systeminsights_list_dns_resolvers**](SystemInsightsApi.md#systeminsights_list_dns_resolvers) | **GET** /systeminsights/dns_resolvers | List System Insights DNS Resolvers [**systeminsights_list_etc_hosts**](SystemInsightsApi.md#systeminsights_list_etc_hosts) | **GET** /systeminsights/etc_hosts | List System Insights Etc Hosts [**systeminsights_list_firefox_addons**](SystemInsightsApi.md#systeminsights_list_firefox_addons) | **GET** /systeminsights/firefox_addons | List System Insights Firefox Addons [**systeminsights_list_groups**](SystemInsightsApi.md#systeminsights_list_groups) | **GET** /systeminsights/groups | List System Insights Groups [**systeminsights_list_ie_extensions**](SystemInsightsApi.md#systeminsights_list_ie_extensions) | **GET** /systeminsights/ie_extensions | List System Insights IE Extensions [**systeminsights_list_interface_addresses**](SystemInsightsApi.md#systeminsights_list_interface_addresses) | **GET** /systeminsights/interface_addresses | List System Insights Interface Addresses +[**systeminsights_list_interface_details**](SystemInsightsApi.md#systeminsights_list_interface_details) | **GET** /systeminsights/interface_details | List System Insights Interface Details [**systeminsights_list_kernel_info**](SystemInsightsApi.md#systeminsights_list_kernel_info) | **GET** /systeminsights/kernel_info | List System Insights Kernel Info [**systeminsights_list_launchd**](SystemInsightsApi.md#systeminsights_list_launchd) | **GET** /systeminsights/launchd | List System Insights Launchd +[**systeminsights_list_linux_packages**](SystemInsightsApi.md#systeminsights_list_linux_packages) | **GET** /systeminsights/linux_packages | List System Insights Linux Packages [**systeminsights_list_logged_in_users**](SystemInsightsApi.md#systeminsights_list_logged_in_users) | **GET** /systeminsights/logged_in_users | List System Insights Logged-In Users [**systeminsights_list_logical_drives**](SystemInsightsApi.md#systeminsights_list_logical_drives) | **GET** /systeminsights/logical_drives | List System Insights Logical Drives +[**systeminsights_list_managed_policies**](SystemInsightsApi.md#systeminsights_list_managed_policies) | **GET** /systeminsights/managed_policies | List System Insights Managed Policies [**systeminsights_list_mounts**](SystemInsightsApi.md#systeminsights_list_mounts) | **GET** /systeminsights/mounts | List System Insights Mounts [**systeminsights_list_os_version**](SystemInsightsApi.md#systeminsights_list_os_version) | **GET** /systeminsights/os_version | List System Insights OS Version [**systeminsights_list_patches**](SystemInsightsApi.md#systeminsights_list_patches) | **GET** /systeminsights/patches | List System Insights Patches [**systeminsights_list_programs**](SystemInsightsApi.md#systeminsights_list_programs) | **GET** /systeminsights/programs | List System Insights Programs +[**systeminsights_list_python_packages**](SystemInsightsApi.md#systeminsights_list_python_packages) | **GET** /systeminsights/python_packages | List System Insights Python Packages [**systeminsights_list_safari_extensions**](SystemInsightsApi.md#systeminsights_list_safari_extensions) | **GET** /systeminsights/safari_extensions | List System Insights Safari Extensions -[**systeminsights_list_system_apps**](SystemInsightsApi.md#systeminsights_list_system_apps) | **GET** /systeminsights/{system_id}/apps | List System Insights System Apps -[**systeminsights_list_system_bitlocker_info**](SystemInsightsApi.md#systeminsights_list_system_bitlocker_info) | **GET** /systeminsights/{system_id}/bitlocker_info | List System Insights System Bitlocker Info -[**systeminsights_list_system_browser_plugins**](SystemInsightsApi.md#systeminsights_list_system_browser_plugins) | **GET** /systeminsights/{system_id}/browser_plugins | List System Insights System Browser Plugins -[**systeminsights_list_system_chrome_extensions**](SystemInsightsApi.md#systeminsights_list_system_chrome_extensions) | **GET** /systeminsights/{system_id}/chrome_extensions | List System Insights System Chrome Extensions +[**systeminsights_list_scheduled_tasks**](SystemInsightsApi.md#systeminsights_list_scheduled_tasks) | **GET** /systeminsights/scheduled_tasks | List System Insights Scheduled Tasks +[**systeminsights_list_secureboot**](SystemInsightsApi.md#systeminsights_list_secureboot) | **GET** /systeminsights/secureboot | List System Insights Secure Boot +[**systeminsights_list_services**](SystemInsightsApi.md#systeminsights_list_services) | **GET** /systeminsights/services | List System Insights Services +[**systeminsights_list_shadow**](SystemInsightsApi.md#systeminsights_list_shadow) | **GET** /systeminsights/shadow | LIst System Insights Shadow +[**systeminsights_list_shared_folders**](SystemInsightsApi.md#systeminsights_list_shared_folders) | **GET** /systeminsights/shared_folders | List System Insights Shared Folders +[**systeminsights_list_shared_resources**](SystemInsightsApi.md#systeminsights_list_shared_resources) | **GET** /systeminsights/shared_resources | List System Insights Shared Resources +[**systeminsights_list_sharing_preferences**](SystemInsightsApi.md#systeminsights_list_sharing_preferences) | **GET** /systeminsights/sharing_preferences | List System Insights Sharing Preferences +[**systeminsights_list_sip_config**](SystemInsightsApi.md#systeminsights_list_sip_config) | **GET** /systeminsights/sip_config | List System Insights SIP Config +[**systeminsights_list_startup_items**](SystemInsightsApi.md#systeminsights_list_startup_items) | **GET** /systeminsights/startup_items | List System Insights Startup Items [**systeminsights_list_system_controls**](SystemInsightsApi.md#systeminsights_list_system_controls) | **GET** /systeminsights/system_controls | List System Insights System Control -[**systeminsights_list_system_disk_encryption**](SystemInsightsApi.md#systeminsights_list_system_disk_encryption) | **GET** /systeminsights/{system_id}/disk_encryption | List System Insights System Disk Encryption -[**systeminsights_list_system_disk_info**](SystemInsightsApi.md#systeminsights_list_system_disk_info) | **GET** /systeminsights/{system_id}/disk_info | List System Insights System Disk Info -[**systeminsights_list_system_etc_hosts**](SystemInsightsApi.md#systeminsights_list_system_etc_hosts) | **GET** /systeminsights/{system_id}/etc_hosts | List System Insights System Etc Hosts -[**systeminsights_list_system_firefox_addons**](SystemInsightsApi.md#systeminsights_list_system_firefox_addons) | **GET** /systeminsights/{system_id}/firefox_addons | List System Insights System Firefox Addons -[**systeminsights_list_system_groups**](SystemInsightsApi.md#systeminsights_list_system_groups) | **GET** /systeminsights/{system_id}/groups | List System Insights System Groups [**systeminsights_list_system_info**](SystemInsightsApi.md#systeminsights_list_system_info) | **GET** /systeminsights/system_info | List System Insights System Info -[**systeminsights_list_system_interface_addresses**](SystemInsightsApi.md#systeminsights_list_system_interface_addresses) | **GET** /systeminsights/{system_id}/interface_addresses | List System Insights System Interface Addresses -[**systeminsights_list_system_kernel_info**](SystemInsightsApi.md#systeminsights_list_system_kernel_info) | **GET** /systeminsights/{system_id}/kernel_info | List System Insights System Kernel Info -[**systeminsights_list_system_logical_drives**](SystemInsightsApi.md#systeminsights_list_system_logical_drives) | **GET** /systeminsights/{system_id}/logical_drives | List System Insights System Logical Drives -[**systeminsights_list_system_mounts**](SystemInsightsApi.md#systeminsights_list_system_mounts) | **GET** /systeminsights/{system_id}/mounts | List System Insights System Mounts -[**systeminsights_list_system_os_version**](SystemInsightsApi.md#systeminsights_list_system_os_version) | **GET** /systeminsights/{system_id}/os_version | List System Insights System OS Version -[**systeminsights_list_system_patches**](SystemInsightsApi.md#systeminsights_list_system_patches) | **GET** /systeminsights/{system_id}/patches | List System Insights System Patches -[**systeminsights_list_system_programs**](SystemInsightsApi.md#systeminsights_list_system_programs) | **GET** /systeminsights/{system_id}/programs | List System Insights System Programs -[**systeminsights_list_system_safari_extensions**](SystemInsightsApi.md#systeminsights_list_system_safari_extensions) | **GET** /systeminsights/{system_id}/safari_extensions | List System Insights System Safari Extensions -[**systeminsights_list_system_system_controls**](SystemInsightsApi.md#systeminsights_list_system_system_controls) | **GET** /systeminsights/{system_id}/system_controls | List System Insights System System Controls -[**systeminsights_list_system_system_info**](SystemInsightsApi.md#systeminsights_list_system_system_info) | **GET** /systeminsights/{system_id}/system_info | List System Insights System System Info -[**systeminsights_list_system_uptime**](SystemInsightsApi.md#systeminsights_list_system_uptime) | **GET** /systeminsights/{system_id}/uptime | List System Insights System Uptime -[**systeminsights_list_system_users**](SystemInsightsApi.md#systeminsights_list_system_users) | **GET** /systeminsights/{system_id}/users | List System Insights System Users +[**systeminsights_list_tpm_info**](SystemInsightsApi.md#systeminsights_list_tpm_info) | **GET** /systeminsights/tpm_info | List System Insights TPM Info [**systeminsights_list_uptime**](SystemInsightsApi.md#systeminsights_list_uptime) | **GET** /systeminsights/uptime | List System Insights Uptime [**systeminsights_list_usb_devices**](SystemInsightsApi.md#systeminsights_list_usb_devices) | **GET** /systeminsights/usb_devices | List System Insights USB Devices [**systeminsights_list_user_groups**](SystemInsightsApi.md#systeminsights_list_user_groups) | **GET** /systeminsights/user_groups | List System Insights User Groups +[**systeminsights_list_user_ssh_keys**](SystemInsightsApi.md#systeminsights_list_user_ssh_keys) | **GET** /systeminsights/user_ssh_keys | List System Insights User SSH Keys +[**systeminsights_list_userassist**](SystemInsightsApi.md#systeminsights_list_userassist) | **GET** /systeminsights/userassist | List System Insights User Assist [**systeminsights_list_users**](SystemInsightsApi.md#systeminsights_list_users) | **GET** /systeminsights/users | List System Insights Users -[**systeminsights_list_windows_crashes**](SystemInsightsApi.md#systeminsights_list_windows_crashes) | **GET** /systeminsights/windows_crashes | List System Insights Windows Crashes +[**systeminsights_list_wifi_networks**](SystemInsightsApi.md#systeminsights_list_wifi_networks) | **GET** /systeminsights/wifi_networks | List System Insights WiFi Networks +[**systeminsights_list_wifi_status**](SystemInsightsApi.md#systeminsights_list_wifi_status) | **GET** /systeminsights/wifi_status | List System Insights WiFi Status +[**systeminsights_list_windows_security_center**](SystemInsightsApi.md#systeminsights_list_windows_security_center) | **GET** /systeminsights/windows_security_center | List System Insights Windows Security Center +[**systeminsights_list_windows_security_products**](SystemInsightsApi.md#systeminsights_list_windows_security_products) | **GET** /systeminsights/windows_security_products | List System Insights Windows Security Products + +# **systeminsights_list_alf** +> Array<SystemInsightsAlf> systeminsights_list_alf(opts) + +List System Insights ALF + +Valid filter fields are `system_id` and `global_state`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF + result = api_instance.systeminsights_list_alf(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAlf>**](SystemInsightsAlf.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_alf_exceptions** +> Array<SystemInsightsAlfExceptions> systeminsights_list_alf_exceptions(opts) + +List System Insights ALF Exceptions + +Valid filter fields are `system_id` and `state`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF Exceptions + result = api_instance.systeminsights_list_alf_exceptions(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf_exceptions: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAlfExceptions>**](SystemInsightsAlfExceptions.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_alf_explicit_auths** +> Array<SystemInsightsAlfExplicitAuths> systeminsights_list_alf_explicit_auths(opts) + +List System Insights ALF Explicit Authentications + +Valid filter fields are `system_id` and `process`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + limit: 10 # Integer | +} + +begin + #List System Insights ALF Explicit Authentications + result = api_instance.systeminsights_list_alf_explicit_auths(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_alf_explicit_auths: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAlfExplicitAuths>**](SystemInsightsAlfExplicitAuths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_appcompat_shims** +> Array<SystemInsightsAppcompatShims> systeminsights_list_appcompat_shims(opts) + +List System Insights Application Compatibility Shims + +Valid filter fields are `system_id` and `enabled`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Application Compatibility Shims + result = api_instance.systeminsights_list_appcompat_shims(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_appcompat_shims: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAppcompatShims>**](SystemInsightsAppcompatShims.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + # **systeminsights_list_apps** -> Array<SystemInsightsApps> systeminsights_list_apps(content_type, accept, opts) +> Array<SystemInsightsApps> systeminsights_list_apps(opts) + +List System Insights Apps + +Lists all apps for macOS devices. For Windows devices, use [List System Insights Programs](#operation/systeminsights_list_programs). Valid filter fields are `system_id` and `bundle_name`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Apps + result = api_instance.systeminsights_list_apps(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_apps: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsApps>**](SystemInsightsApps.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_authorized_keys** +> Array<SystemInsightsAuthorizedKeys> systeminsights_list_authorized_keys(opts) + +List System Insights Authorized Keys + +Valid filter fields are `system_id` and `uid`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Authorized Keys + result = api_instance.systeminsights_list_authorized_keys(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_authorized_keys: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAuthorizedKeys>**](SystemInsightsAuthorizedKeys.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_azure_instance_metadata** +> Array<SystemInsightsAzureInstanceMetadata> systeminsights_list_azure_instance_metadata(opts) + +List System Insights Azure Instance Metadata + +Valid filter fields are `system_id`. + +### Example +```ruby +# load the gem +require 'jcapiv2' + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} -List System Insights Apps +begin + #List System Insights Azure Instance Metadata + result = api_instance.systeminsights_list_azure_instance_metadata(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_azure_instance_metadata: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsAzureInstanceMetadata>**](SystemInsightsAzureInstanceMetadata.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_azure_instance_tags** +> Array<SystemInsightsAzureInstanceTags> systeminsights_list_azure_instance_tags(opts) -Valid filter fields are `system_id` and `bundle_name`. +List System Insights Azure Instance Tags + +Valid filter fields are `system_id`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Apps - result = api_instance.systeminsights_list_apps(content_type, accept, opts) + #List System Insights Azure Instance Tags + result = api_instance.systeminsights_list_azure_instance_tags(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_apps: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_azure_instance_tags: #{e}" end ``` @@ -101,30 +526,29 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsApps>**](SystemInsightsApps.md) +[**Array<SystemInsightsAzureInstanceTags>**](SystemInsightsAzureInstanceTags.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **systeminsights_list_battery** -> Array<SystemInsightsBattery> systeminsights_list_battery(content_type, accept, opts) +> Array<SystemInsightsBattery> systeminsights_list_battery(opts) List System Insights Battery @@ -143,21 +567,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin #List System Insights Battery - result = api_instance.systeminsights_list_battery(content_type, accept, opts) + result = api_instance.systeminsights_list_battery(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemInsightsApi->systeminsights_list_battery: #{e}" @@ -168,12 +588,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type @@ -185,13 +604,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **systeminsights_list_bitlocker_info** -> Array<SystemInsightsBitlockerInfo> systeminsights_list_bitlocker_info(content_type, accept, opts) +> Array<SystemInsightsBitlockerInfo> systeminsights_list_bitlocker_info(opts) List System Insights Bitlocker Info @@ -210,21 +629,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin #List System Insights Bitlocker Info - result = api_instance.systeminsights_list_bitlocker_info(content_type, accept, opts) + result = api_instance.systeminsights_list_bitlocker_info(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemInsightsApi->systeminsights_list_bitlocker_info: #{e}" @@ -235,12 +650,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type @@ -252,13 +666,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **systeminsights_list_browser_plugins** -> Array<SystemInsightsBrowserPlugins> systeminsights_list_browser_plugins(content_type, accept, opts) +> Array<SystemInsightsBrowserPlugins> systeminsights_list_browser_plugins(opts) List System Insights Browser Plugins @@ -277,21 +691,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin #List System Insights Browser Plugins - result = api_instance.systeminsights_list_browser_plugins(content_type, accept, opts) + result = api_instance.systeminsights_list_browser_plugins(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemInsightsApi->systeminsights_list_browser_plugins: #{e}" @@ -302,12 +712,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type @@ -319,17 +728,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_chrome_extensions** -> Array<SystemInsightsChromeExtensions> systeminsights_list_chrome_extensions(content_type, accept, opts) +# **systeminsights_list_certificates** +> Array<SystemInsightsCertificates> systeminsights_list_certificates(opts) -List System Insights Chrome Extensions +List System Insights Certificates -Valid filter fields are `system_id` and `name`. +Valid filter fields are `system_id` and `common_name`. ### Example ```ruby @@ -344,21 +753,134 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Certificates + result = api_instance.systeminsights_list_certificates(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_certificates: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsCertificates>**](SystemInsightsCertificates.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_chassis_info** +> Array<SystemInsightsChassisInfo> systeminsights_list_chassis_info(opts) + +List System Insights Chassis Info + +Valid filter fields are `system_id`. + +### Example +```ruby +# load the gem +require 'jcapiv2' + +api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | +} + +begin + #List System Insights Chassis Info + result = api_instance.systeminsights_list_chassis_info(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_chassis_info: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsChassisInfo>**](SystemInsightsChassisInfo.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -content_type = "application/json" # String | -accept = "application/json" # String | +# **systeminsights_list_chrome_extensions** +> Array<SystemInsightsChromeExtensions> systeminsights_list_chrome_extensions(opts) + +List System Insights Chrome Extensions + +Valid filter fields are `system_id` and `name`. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemInsightsApi.new opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin #List System Insights Chrome Extensions - result = api_instance.systeminsights_list_chrome_extensions(content_type, accept, opts) + result = api_instance.systeminsights_list_chrome_extensions(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemInsightsApi->systeminsights_list_chrome_extensions: #{e}" @@ -369,12 +891,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type @@ -386,17 +907,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_crashes** -> Array<SystemInsightsCrashes> systeminsights_list_crashes(content_type, accept, opts) +# **systeminsights_list_connectivity** +> Array<SystemInsightsConnectivity> systeminsights_list_connectivity(opts) -List System Insights Crashes +List System Insights Connectivity -Valid filter fields are `system_id` and `identifier`. +The only valid filter field is `system_id`. ### Example ```ruby @@ -411,21 +932,79 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | +} + +begin + #List System Insights Connectivity + result = api_instance.systeminsights_list_connectivity(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemInsightsApi->systeminsights_list_connectivity: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] + +### Return type + +[**Array<SystemInsightsConnectivity>**](SystemInsightsConnectivity.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systeminsights_list_crashes** +> Array<SystemInsightsCrashes> systeminsights_list_crashes(opts) + +List System Insights Crashes -content_type = "application/json" # String | +Valid filter fields are `system_id` and `identifier`. -accept = "application/json" # String | +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::SystemInsightsApi.new opts = { - limit: 10, # Integer | - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin #List System Insights Crashes - result = api_instance.systeminsights_list_crashes(content_type, accept, opts) + result = api_instance.systeminsights_list_crashes(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemInsightsApi->systeminsights_list_crashes: #{e}" @@ -436,12 +1015,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type @@ -453,17 +1031,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_disk_encryption** -> Array<SystemInsightsDiskEncryption> systeminsights_list_disk_encryption(content_type, accept, opts) +# **systeminsights_list_cups_destinations** +> Array<SystemInsightsCupsDestinations> systeminsights_list_cups_destinations(opts) -List System Insights Disk Encryption +List System Insights CUPS Destinations -Valid filter fields are `system_id` and `encryption_status`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -478,24 +1056,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Disk Encryption - result = api_instance.systeminsights_list_disk_encryption(content_type, accept, opts) + #List System Insights CUPS Destinations + result = api_instance.systeminsights_list_cups_destinations(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_encryption: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_cups_destinations: #{e}" end ``` @@ -503,16 +1077,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsDiskEncryption>**](SystemInsightsDiskEncryption.md) +[**Array<SystemInsightsCupsDestinations>**](SystemInsightsCupsDestinations.md) ### Authorization @@ -520,17 +1093,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_disk_info** -> Array<SystemInsightsDiskInfo> systeminsights_list_disk_info(content_type, accept, opts) +# **systeminsights_list_disk_encryption** +> Array<SystemInsightsDiskEncryption> systeminsights_list_disk_encryption(opts) -List System Insights Disk Info +List System Insights Disk Encryption -Valid filter fields are `system_id` and `disk_index`. +Valid filter fields are `system_id` and `encryption_status`. ### Example ```ruby @@ -545,24 +1118,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Disk Info - result = api_instance.systeminsights_list_disk_info(content_type, accept, opts) + #List System Insights Disk Encryption + result = api_instance.systeminsights_list_disk_encryption(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_encryption: #{e}" end ``` @@ -570,16 +1139,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsDiskInfo>**](SystemInsightsDiskInfo.md) +[**Array<SystemInsightsDiskEncryption>**](SystemInsightsDiskEncryption.md) ### Authorization @@ -587,17 +1155,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_etc_hosts** -> Array<SystemInsightsEtcHosts> systeminsights_list_etc_hosts(content_type, accept, opts) +# **systeminsights_list_disk_info** +> Array<SystemInsightsDiskInfo> systeminsights_list_disk_info(opts) -List System Insights Etc Hosts +List System Insights Disk Info -Valid filter fields are `system_id` and `address`. +Valid filter fields are `system_id` and `disk_index`. ### Example ```ruby @@ -612,24 +1180,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Etc Hosts - result = api_instance.systeminsights_list_etc_hosts(content_type, accept, opts) + #List System Insights Disk Info + result = api_instance.systeminsights_list_disk_info(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_etc_hosts: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_disk_info: #{e}" end ``` @@ -637,16 +1201,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsEtcHosts>**](SystemInsightsEtcHosts.md) +[**Array<SystemInsightsDiskInfo>**](SystemInsightsDiskInfo.md) ### Authorization @@ -654,17 +1217,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_firefox_addons** -> Array<SystemInsightsFirefoxAddons> systeminsights_list_firefox_addons(content_type, accept, opts) +# **systeminsights_list_dns_resolvers** +> Array<SystemInsightsDnsResolvers> systeminsights_list_dns_resolvers(opts) -List System Insights Firefox Addons +List System Insights DNS Resolvers -Valid filter fields are `system_id` and `name`. +Valid filter fields are `system_id` and `type`. ### Example ```ruby @@ -679,24 +1242,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Firefox Addons - result = api_instance.systeminsights_list_firefox_addons(content_type, accept, opts) + #List System Insights DNS Resolvers + result = api_instance.systeminsights_list_dns_resolvers(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_firefox_addons: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_dns_resolvers: #{e}" end ``` @@ -704,16 +1263,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsFirefoxAddons>**](SystemInsightsFirefoxAddons.md) +[**Array<SystemInsightsDnsResolvers>**](SystemInsightsDnsResolvers.md) ### Authorization @@ -721,17 +1279,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_groups** -> Array<SystemInsightsGroups> systeminsights_list_groups(content_type, accept, opts) +# **systeminsights_list_etc_hosts** +> Array<SystemInsightsEtcHosts> systeminsights_list_etc_hosts(opts) -List System Insights Groups +List System Insights Etc Hosts -Valid filter fields are `system_id` and `groupname`. +Valid filter fields are `system_id` and `address`. ### Example ```ruby @@ -746,24 +1304,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Groups - result = api_instance.systeminsights_list_groups(content_type, accept, opts) + #List System Insights Etc Hosts + result = api_instance.systeminsights_list_etc_hosts(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_groups: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_etc_hosts: #{e}" end ``` @@ -771,16 +1325,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsGroups>**](SystemInsightsGroups.md) +[**Array<SystemInsightsEtcHosts>**](SystemInsightsEtcHosts.md) ### Authorization @@ -788,15 +1341,15 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_ie_extensions** -> Array<SystemInsightsIeExtensions> systeminsights_list_ie_extensions(content_type, accept, opts) +# **systeminsights_list_firefox_addons** +> Array<SystemInsightsFirefoxAddons> systeminsights_list_firefox_addons(opts) -List System Insights IE Extensions +List System Insights Firefox Addons Valid filter fields are `system_id` and `name`. @@ -813,24 +1366,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights IE Extensions - result = api_instance.systeminsights_list_ie_extensions(content_type, accept, opts) + #List System Insights Firefox Addons + result = api_instance.systeminsights_list_firefox_addons(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_ie_extensions: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_firefox_addons: #{e}" end ``` @@ -838,16 +1387,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsIeExtensions>**](SystemInsightsIeExtensions.md) +[**Array<SystemInsightsFirefoxAddons>**](SystemInsightsFirefoxAddons.md) ### Authorization @@ -855,17 +1403,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_interface_addresses** -> Array<SystemInsightsInterfaceAddresses> systeminsights_list_interface_addresses(content_type, accept, opts) +# **systeminsights_list_groups** +> Array<SystemInsightsGroups> systeminsights_list_groups(opts) -List System Insights Interface Addresses +List System Insights Groups -Valid filter fields are `system_id` and `address`. +Valid filter fields are `system_id` and `groupname`. ### Example ```ruby @@ -880,24 +1428,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Interface Addresses - result = api_instance.systeminsights_list_interface_addresses(content_type, accept, opts) + #List System Insights Groups + result = api_instance.systeminsights_list_groups(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_interface_addresses: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_groups: #{e}" end ``` @@ -905,16 +1449,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsInterfaceAddresses>**](SystemInsightsInterfaceAddresses.md) +[**Array<SystemInsightsGroups>**](SystemInsightsGroups.md) ### Authorization @@ -922,17 +1465,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_kernel_info** -> Array<SystemInsightsKernelInfo> systeminsights_list_kernel_info(content_type, accept, opts) +# **systeminsights_list_ie_extensions** +> Array<SystemInsightsIeExtensions> systeminsights_list_ie_extensions(opts) -List System Insights Kernel Info +List System Insights IE Extensions -Valid filter fields are `system_id` and `version`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -947,24 +1490,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights Kernel Info - result = api_instance.systeminsights_list_kernel_info(content_type, accept, opts) + #List System Insights IE Extensions + result = api_instance.systeminsights_list_ie_extensions(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_kernel_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_ie_extensions: #{e}" end ``` @@ -972,16 +1511,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsKernelInfo>**](SystemInsightsKernelInfo.md) +[**Array<SystemInsightsIeExtensions>**](SystemInsightsIeExtensions.md) ### Authorization @@ -989,17 +1527,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_launchd** -> Array<SystemInsightsLaunchd> systeminsights_list_launchd(content_type, accept, opts) +# **systeminsights_list_interface_addresses** +> Array<SystemInsightsInterfaceAddresses> systeminsights_list_interface_addresses(opts) -List System Insights Launchd +List System Insights Interface Addresses -Valid filter fields are `system_id` and `name`. +Valid filter fields are `system_id` and `address`. ### Example ```ruby @@ -1014,24 +1552,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Launchd - result = api_instance.systeminsights_list_launchd(content_type, accept, opts) + #List System Insights Interface Addresses + result = api_instance.systeminsights_list_interface_addresses(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_launchd: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_interface_addresses: #{e}" end ``` @@ -1039,16 +1573,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsLaunchd>**](SystemInsightsLaunchd.md) +[**Array<SystemInsightsInterfaceAddresses>**](SystemInsightsInterfaceAddresses.md) ### Authorization @@ -1056,17 +1589,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_logged_in_users** -> Array<SystemInsightsLoggedInUsers> systeminsights_list_logged_in_users(content_type, accept, opts) +# **systeminsights_list_interface_details** +> Array<SystemInsightsInterfaceDetails> systeminsights_list_interface_details(opts) -List System Insights Logged-In Users +List System Insights Interface Details -Valid filter fields are `system_id` and `user`. +Valid filter fields are `system_id` and `interface`. ### Example ```ruby @@ -1081,24 +1614,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Logged-In Users - result = api_instance.systeminsights_list_logged_in_users(content_type, accept, opts) + #List System Insights Interface Details + result = api_instance.systeminsights_list_interface_details(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_logged_in_users: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_interface_details: #{e}" end ``` @@ -1106,16 +1635,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsLoggedInUsers>**](SystemInsightsLoggedInUsers.md) +[**Array<SystemInsightsInterfaceDetails>**](SystemInsightsInterfaceDetails.md) ### Authorization @@ -1123,17 +1651,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_logical_drives** -> Array<SystemInsightsLogicalDrvies> systeminsights_list_logical_drives(content_type, accept, opts) +# **systeminsights_list_kernel_info** +> Array<SystemInsightsKernelInfo> systeminsights_list_kernel_info(opts) -List System Insights Logical Drives +List System Insights Kernel Info -Valid filter fields are `system_id` and `device_id`. +Valid filter fields are `system_id` and `version`. ### Example ```ruby @@ -1148,24 +1676,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Logical Drives - result = api_instance.systeminsights_list_logical_drives(content_type, accept, opts) + #List System Insights Kernel Info + result = api_instance.systeminsights_list_kernel_info(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_logical_drives: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_kernel_info: #{e}" end ``` @@ -1173,16 +1697,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsLogicalDrvies>**](SystemInsightsLogicalDrvies.md) +[**Array<SystemInsightsKernelInfo>**](SystemInsightsKernelInfo.md) ### Authorization @@ -1190,17 +1713,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_mounts** -> Array<SystemInsightsMounts> systeminsights_list_mounts(content_type, accept, opts) +# **systeminsights_list_launchd** +> Array<SystemInsightsLaunchd> systeminsights_list_launchd(opts) -List System Insights Mounts +List System Insights Launchd -Valid filter fields are `system_id` and `path`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -1215,24 +1738,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights Mounts - result = api_instance.systeminsights_list_mounts(content_type, accept, opts) + #List System Insights Launchd + result = api_instance.systeminsights_list_launchd(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_mounts: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_launchd: #{e}" end ``` @@ -1240,16 +1759,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsMounts>**](SystemInsightsMounts.md) +[**Array<SystemInsightsLaunchd>**](SystemInsightsLaunchd.md) ### Authorization @@ -1257,17 +1775,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_os_version** -> Array<SystemInsightsOsVersion> systeminsights_list_os_version(content_type, accept, opts) +# **systeminsights_list_linux_packages** +> Array<SystemInsightsLinuxPackages> systeminsights_list_linux_packages(opts) -List System Insights OS Version +List System Insights Linux Packages -Valid filter fields are `system_id` and `version`. +Lists all programs for Linux devices. For macOS devices, use [List System Insights System Apps](#operation/systeminsights_list_apps). For windows devices, use [List System Insights System Apps](#operation/systeminsights_list_programs). Valid filter fields are `name` and `package_format`. ### Example ```ruby @@ -1282,24 +1800,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights OS Version - result = api_instance.systeminsights_list_os_version(content_type, accept, opts) + #List System Insights Linux Packages + result = api_instance.systeminsights_list_linux_packages(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_os_version: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_linux_packages: #{e}" end ``` @@ -1307,16 +1821,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsOsVersion>**](SystemInsightsOsVersion.md) +[**Array<SystemInsightsLinuxPackages>**](SystemInsightsLinuxPackages.md) ### Authorization @@ -1324,17 +1837,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_patches** -> Array<SystemInsightsPatches> systeminsights_list_patches(content_type, accept, opts) +# **systeminsights_list_logged_in_users** +> Array<SystemInsightsLoggedInUsers> systeminsights_list_logged_in_users(opts) -List System Insights Patches +List System Insights Logged-In Users -Valid filter fields are `system_id` and `hotfix_id`. +Valid filter fields are `system_id` and `user`. ### Example ```ruby @@ -1349,24 +1862,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights Patches - result = api_instance.systeminsights_list_patches(content_type, accept, opts) + #List System Insights Logged-In Users + result = api_instance.systeminsights_list_logged_in_users(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_patches: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_logged_in_users: #{e}" end ``` @@ -1374,16 +1883,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsPatches>**](SystemInsightsPatches.md) +[**Array<SystemInsightsLoggedInUsers>**](SystemInsightsLoggedInUsers.md) ### Authorization @@ -1391,17 +1899,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_programs** -> Array<SystemInsightsPrograms> systeminsights_list_programs(content_type, accept, opts) +# **systeminsights_list_logical_drives** +> Array<SystemInsightsLogicalDrives> systeminsights_list_logical_drives(opts) -List System Insights Programs +List System Insights Logical Drives -Valid filter fields are `system_id` and `name`. +Valid filter fields are `system_id` and `device_id`. ### Example ```ruby @@ -1416,24 +1924,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Programs - result = api_instance.systeminsights_list_programs(content_type, accept, opts) + #List System Insights Logical Drives + result = api_instance.systeminsights_list_logical_drives(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_programs: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_logical_drives: #{e}" end ``` @@ -1441,16 +1945,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsPrograms>**](SystemInsightsPrograms.md) +[**Array<SystemInsightsLogicalDrives>**](SystemInsightsLogicalDrives.md) ### Authorization @@ -1458,17 +1961,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_safari_extensions** -> Array<SystemInsightsSafariExtensions> systeminsights_list_safari_extensions(content_type, accept, opts) +# **systeminsights_list_managed_policies** +> Array<SystemInsightsManagedPolicies> systeminsights_list_managed_policies(opts) -List System Insights Safari Extensions +List System Insights Managed Policies -Valid filter fields are `system_id` and `name`. +Valid filter fields are `system_id` and `domain`. ### Example ```ruby @@ -1483,24 +1986,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights Safari Extensions - result = api_instance.systeminsights_list_safari_extensions(content_type, accept, opts) + #List System Insights Managed Policies + result = api_instance.systeminsights_list_managed_policies(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_safari_extensions: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_managed_policies: #{e}" end ``` @@ -1508,16 +2007,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSafariExtensions>**](SystemInsightsSafariExtensions.md) +[**Array<SystemInsightsManagedPolicies>**](SystemInsightsManagedPolicies.md) ### Authorization @@ -1525,17 +2023,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_apps** -> Array<SystemInsightsApps> systeminsights_list_system_apps(system_id, content_type, accept, opts) +# **systeminsights_list_mounts** +> Array<SystemInsightsMounts> systeminsights_list_mounts(opts) -List System Insights System Apps +List System Insights Mounts -Valid filter fields are `bundle_name`. +Valid filter fields are `system_id` and `path`. ### Example ```ruby @@ -1550,26 +2048,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Apps - result = api_instance.systeminsights_list_system_apps(system_id, content_type, accept, opts) + #List System Insights Mounts + result = api_instance.systeminsights_list_mounts(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_apps: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_mounts: #{e}" end ``` @@ -1577,17 +2069,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsApps>**](SystemInsightsApps.md) +[**Array<SystemInsightsMounts>**](SystemInsightsMounts.md) ### Authorization @@ -1595,17 +2085,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_bitlocker_info** -> Array<SystemInsightsBitlockerInfo> systeminsights_list_system_bitlocker_info(system_id, content_type, accept, opts) +# **systeminsights_list_os_version** +> Array<SystemInsightsOsVersion> systeminsights_list_os_version(opts) -List System Insights System Bitlocker Info +List System Insights OS Version -Valid filter fields are `protection_status`. +Valid filter fields are `system_id` and `version`. ### Example ```ruby @@ -1620,26 +2110,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Bitlocker Info - result = api_instance.systeminsights_list_system_bitlocker_info(system_id, content_type, accept, opts) + #List System Insights OS Version + result = api_instance.systeminsights_list_os_version(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_bitlocker_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_os_version: #{e}" end ``` @@ -1647,17 +2131,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsBitlockerInfo>**](SystemInsightsBitlockerInfo.md) +[**Array<SystemInsightsOsVersion>**](SystemInsightsOsVersion.md) ### Authorization @@ -1665,17 +2147,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_browser_plugins** -> Array<SystemInsightsBrowserPlugins> systeminsights_list_system_browser_plugins(system_id, content_type, accept, opts) +# **systeminsights_list_patches** +> Array<SystemInsightsPatches> systeminsights_list_patches(opts) -List System Insights System Browser Plugins +List System Insights Patches -Valid filter fields are `name`. +Valid filter fields are `system_id` and `hotfix_id`. ### Example ```ruby @@ -1690,26 +2172,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Browser Plugins - result = api_instance.systeminsights_list_system_browser_plugins(system_id, content_type, accept, opts) + #List System Insights Patches + result = api_instance.systeminsights_list_patches(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_browser_plugins: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_patches: #{e}" end ``` @@ -1717,17 +2193,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsBrowserPlugins>**](SystemInsightsBrowserPlugins.md) +[**Array<SystemInsightsPatches>**](SystemInsightsPatches.md) ### Authorization @@ -1735,17 +2209,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_chrome_extensions** -> Array<SystemInsightsChromeExtensions> systeminsights_list_system_chrome_extensions(system_id, content_type, accept, opts) +# **systeminsights_list_programs** +> Array<SystemInsightsPrograms> systeminsights_list_programs(opts) -List System Insights System Chrome Extensions +List System Insights Programs -Valid filter fields are `name`. +Lists all programs for Windows devices. For macOS devices, use [List System Insights Apps](#operation/systeminsights_list_apps). Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -1760,26 +2234,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Chrome Extensions - result = api_instance.systeminsights_list_system_chrome_extensions(system_id, content_type, accept, opts) + #List System Insights Programs + result = api_instance.systeminsights_list_programs(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_chrome_extensions: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_programs: #{e}" end ``` @@ -1787,17 +2255,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsChromeExtensions>**](SystemInsightsChromeExtensions.md) +[**Array<SystemInsightsPrograms>**](SystemInsightsPrograms.md) ### Authorization @@ -1805,15 +2271,15 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_controls** -> Array<SystemInsightsSystemControls> systeminsights_list_system_controls(content_type, accept, opts) +# **systeminsights_list_python_packages** +> Array<SystemInsightsPythonPackages> systeminsights_list_python_packages(opts) -List System Insights System Control +List System Insights Python Packages Valid filter fields are `system_id` and `name`. @@ -1830,24 +2296,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Control - result = api_instance.systeminsights_list_system_controls(content_type, accept, opts) + #List System Insights Python Packages + result = api_instance.systeminsights_list_python_packages(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_controls: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_python_packages: #{e}" end ``` @@ -1855,16 +2317,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSystemControls>**](SystemInsightsSystemControls.md) +[**Array<SystemInsightsPythonPackages>**](SystemInsightsPythonPackages.md) ### Authorization @@ -1872,17 +2333,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_disk_encryption** -> Array<SystemInsightsDiskEncryption> systeminsights_list_system_disk_encryption(system_id, content_type, accept, opts) +# **systeminsights_list_safari_extensions** +> Array<SystemInsightsSafariExtensions> systeminsights_list_safari_extensions(opts) -List System Insights System Disk Encryption +List System Insights Safari Extensions -Valid filter fields are `encryption_status`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -1897,26 +2358,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Disk Encryption - result = api_instance.systeminsights_list_system_disk_encryption(system_id, content_type, accept, opts) + #List System Insights Safari Extensions + result = api_instance.systeminsights_list_safari_extensions(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_disk_encryption: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_safari_extensions: #{e}" end ``` @@ -1924,17 +2379,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsDiskEncryption>**](SystemInsightsDiskEncryption.md) +[**Array<SystemInsightsSafariExtensions>**](SystemInsightsSafariExtensions.md) ### Authorization @@ -1942,17 +2395,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_disk_info** -> Array<SystemInsightsBitlockerInfo> systeminsights_list_system_disk_info(system_id, content_type, accept, opts) +# **systeminsights_list_scheduled_tasks** +> Array<SystemInsightsScheduledTasks> systeminsights_list_scheduled_tasks(opts) -List System Insights System Disk Info +List System Insights Scheduled Tasks -Valid filter fields are `disk_index`. +Valid filter fields are `system_id` and `enabled`. ### Example ```ruby @@ -1967,26 +2420,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Disk Info - result = api_instance.systeminsights_list_system_disk_info(system_id, content_type, accept, opts) + #List System Insights Scheduled Tasks + result = api_instance.systeminsights_list_scheduled_tasks(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_disk_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_scheduled_tasks: #{e}" end ``` @@ -1994,17 +2441,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsBitlockerInfo>**](SystemInsightsBitlockerInfo.md) +[**Array<SystemInsightsScheduledTasks>**](SystemInsightsScheduledTasks.md) ### Authorization @@ -2012,51 +2457,38 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_etc_hosts** -> Array<SystemInsightsBitlockerInfo> systeminsights_list_system_etc_hosts(system_id, content_type, accept, opts) +# **systeminsights_list_secureboot** +> Array<SystemInsightsSecureboot> systeminsights_list_secureboot(opts) -List System Insights System Etc Hosts +List System Insights Secure Boot -Valid filter fields are `address`. +Valid filter fields are `system_id`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Etc Hosts - result = api_instance.systeminsights_list_system_etc_hosts(system_id, content_type, accept, opts) + #List System Insights Secure Boot + result = api_instance.systeminsights_list_secureboot(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_etc_hosts: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_secureboot: #{e}" end ``` @@ -2064,35 +2496,33 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsBitlockerInfo>**](SystemInsightsBitlockerInfo.md) +[**Array<SystemInsightsSecureboot>**](SystemInsightsSecureboot.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_firefox_addons** -> Array<SystemInsightsFirefoxAddons> systeminsights_list_system_firefox_addons(system_id, content_type, accept, opts) +# **systeminsights_list_services** +> Array<SystemInsightsServices> systeminsights_list_services(opts) -List System Insights System Firefox Addons +List System Insights Services -Valid filter fields are `name`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -2107,26 +2537,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Firefox Addons - result = api_instance.systeminsights_list_system_firefox_addons(system_id, content_type, accept, opts) + #List System Insights Services + result = api_instance.systeminsights_list_services(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_firefox_addons: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_services: #{e}" end ``` @@ -2134,17 +2558,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsFirefoxAddons>**](SystemInsightsFirefoxAddons.md) +[**Array<SystemInsightsServices>**](SystemInsightsServices.md) ### Authorization @@ -2152,17 +2574,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_groups** -> Array<SystemInsightsGroups> systeminsights_list_system_groups(system_id, content_type, accept, opts) +# **systeminsights_list_shadow** +> Array<SystemInsightsShadow> systeminsights_list_shadow(opts) -List System Insights System Groups +LIst System Insights Shadow -Valid filter fields are `groupname`. +Valid filter fields are `system_id` and `username`. ### Example ```ruby @@ -2177,26 +2599,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Groups - result = api_instance.systeminsights_list_system_groups(system_id, content_type, accept, opts) + #LIst System Insights Shadow + result = api_instance.systeminsights_list_shadow(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_groups: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_shadow: #{e}" end ``` @@ -2204,17 +2620,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsGroups>**](SystemInsightsGroups.md) +[**Array<SystemInsightsShadow>**](SystemInsightsShadow.md) ### Authorization @@ -2222,17 +2636,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_info** -> Array<SystemInsightsSystemInfo> systeminsights_list_system_info(content_type, accept, opts) +# **systeminsights_list_shared_folders** +> Array<SystemInsightsSharedFolders> systeminsights_list_shared_folders(opts) -List System Insights System Info +List System Insights Shared Folders -Valid filter fields are `system_id` and `cpu_subtype`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -2247,24 +2661,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Info - result = api_instance.systeminsights_list_system_info(content_type, accept, opts) + #List System Insights Shared Folders + result = api_instance.systeminsights_list_shared_folders(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_shared_folders: #{e}" end ``` @@ -2272,16 +2682,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSystemInfo>**](SystemInsightsSystemInfo.md) +[**Array<SystemInsightsSharedFolders>**](SystemInsightsSharedFolders.md) ### Authorization @@ -2289,51 +2698,38 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_interface_addresses** -> Array<SystemInsightsInterfaceAddresses> systeminsights_list_system_interface_addresses(system_id, content_type, accept, opts) +# **systeminsights_list_shared_resources** +> Array<SystemInsightsSharedResources> systeminsights_list_shared_resources(opts) -List System Insights System Interface Addresses +List System Insights Shared Resources -Valid filter fields are `address`. +Valid filter fields are `system_id` and `type`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Interface Addresses - result = api_instance.systeminsights_list_system_interface_addresses(system_id, content_type, accept, opts) + #List System Insights Shared Resources + result = api_instance.systeminsights_list_shared_resources(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_interface_addresses: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_shared_resources: #{e}" end ``` @@ -2341,35 +2737,33 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsInterfaceAddresses>**](SystemInsightsInterfaceAddresses.md) +[**Array<SystemInsightsSharedResources>**](SystemInsightsSharedResources.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_kernel_info** -> Array<SystemInsightsKernelInfo> systeminsights_list_system_kernel_info(system_id, content_type, accept, opts) +# **systeminsights_list_sharing_preferences** +> Array<SystemInsightsSharingPreferences> systeminsights_list_sharing_preferences(opts) -List System Insights System Kernel Info +List System Insights Sharing Preferences -Valid filter fields are `version`. +Only valid filed field is `system_id`. ### Example ```ruby @@ -2384,26 +2778,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Kernel Info - result = api_instance.systeminsights_list_system_kernel_info(system_id, content_type, accept, opts) + #List System Insights Sharing Preferences + result = api_instance.systeminsights_list_sharing_preferences(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_kernel_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_sharing_preferences: #{e}" end ``` @@ -2411,17 +2799,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsKernelInfo>**](SystemInsightsKernelInfo.md) +[**Array<SystemInsightsSharingPreferences>**](SystemInsightsSharingPreferences.md) ### Authorization @@ -2429,17 +2815,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_logical_drives** -> Array<SystemInsightsLogicalDrvies> systeminsights_list_system_logical_drives(system_id, content_type, accept, opts) +# **systeminsights_list_sip_config** +> Array<SystemInsightsSipConfig> systeminsights_list_sip_config(opts) -List System Insights System Logical Drives +List System Insights SIP Config -Valid filter fields are `device_id`. +Valid filter fields are `system_id` and `enabled`. ### Example ```ruby @@ -2454,26 +2840,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Logical Drives - result = api_instance.systeminsights_list_system_logical_drives(system_id, content_type, accept, opts) + #List System Insights SIP Config + result = api_instance.systeminsights_list_sip_config(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_logical_drives: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_sip_config: #{e}" end ``` @@ -2481,17 +2861,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsLogicalDrvies>**](SystemInsightsLogicalDrvies.md) +[**Array<SystemInsightsSipConfig>**](SystemInsightsSipConfig.md) ### Authorization @@ -2499,17 +2877,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_mounts** -> Array<SystemInsightsMounts> systeminsights_list_system_mounts(system_id, content_type, accept, opts) +# **systeminsights_list_startup_items** +> Array<SystemInsightsStartupItems> systeminsights_list_startup_items(opts) -List System Insights System Mounts +List System Insights Startup Items -Valid filter fields are `path`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -2524,26 +2902,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Mounts - result = api_instance.systeminsights_list_system_mounts(system_id, content_type, accept, opts) + #List System Insights Startup Items + result = api_instance.systeminsights_list_startup_items(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_mounts: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_startup_items: #{e}" end ``` @@ -2551,17 +2923,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsMounts>**](SystemInsightsMounts.md) +[**Array<SystemInsightsStartupItems>**](SystemInsightsStartupItems.md) ### Authorization @@ -2569,17 +2939,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_os_version** -> Array<SystemInsightsOsVersion> systeminsights_list_system_os_version(system_id, content_type, accept, opts) +# **systeminsights_list_system_controls** +> Array<SystemInsightsSystemControls> systeminsights_list_system_controls(opts) -List System Insights System OS Version +List System Insights System Control -Valid filter fields are `version`. +Valid filter fields are `system_id` and `name`. ### Example ```ruby @@ -2594,26 +2964,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System OS Version - result = api_instance.systeminsights_list_system_os_version(system_id, content_type, accept, opts) + #List System Insights System Control + result = api_instance.systeminsights_list_system_controls(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_os_version: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_system_controls: #{e}" end ``` @@ -2621,17 +2985,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsOsVersion>**](SystemInsightsOsVersion.md) +[**Array<SystemInsightsSystemControls>**](SystemInsightsSystemControls.md) ### Authorization @@ -2639,17 +3001,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_patches** -> Array<SystemInsightsPatches> systeminsights_list_system_patches(system_id, content_type, accept, opts) +# **systeminsights_list_system_info** +> Array<SystemInsightsSystemInfo> systeminsights_list_system_info(opts) -List System Insights System Patches +List System Insights System Info -Valid filter fields are `hotfix_id `. +Valid filter fields are `system_id` and `cpu_subtype`. ### Example ```ruby @@ -2664,26 +3026,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Patches - result = api_instance.systeminsights_list_system_patches(system_id, content_type, accept, opts) + #List System Insights System Info + result = api_instance.systeminsights_list_system_info(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_patches: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_system_info: #{e}" end ``` @@ -2691,17 +3047,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsPatches>**](SystemInsightsPatches.md) +[**Array<SystemInsightsSystemInfo>**](SystemInsightsSystemInfo.md) ### Authorization @@ -2709,51 +3063,38 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_programs** -> Array<SystemInsightsPrograms> systeminsights_list_system_programs(system_id, content_type, accept, opts) +# **systeminsights_list_tpm_info** +> Array<SystemInsightsTpmInfo> systeminsights_list_tpm_info(opts) -List System Insights System Programs +List System Insights TPM Info -Valid filter fields are `name`. +Valid filter fields are `system_id`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Programs - result = api_instance.systeminsights_list_system_programs(system_id, content_type, accept, opts) + #List System Insights TPM Info + result = api_instance.systeminsights_list_tpm_info(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_programs: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_tpm_info: #{e}" end ``` @@ -2761,35 +3102,33 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsPrograms>**](SystemInsightsPrograms.md) +[**Array<SystemInsightsTpmInfo>**](SystemInsightsTpmInfo.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: text/html -# **systeminsights_list_system_safari_extensions** -> Array<SystemInsightsSafariExtensions> systeminsights_list_system_safari_extensions(system_id, content_type, accept, opts) +# **systeminsights_list_uptime** +> Array<SystemInsightsUptime> systeminsights_list_uptime(opts) -List System Insights System Safari Extensions +List System Insights Uptime -Valid filter fields are `name`. +Valid filter fields are `system_id` and `days`. ### Example ```ruby @@ -2804,26 +3143,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Safari Extensions - result = api_instance.systeminsights_list_system_safari_extensions(system_id, content_type, accept, opts) + #List System Insights Uptime + result = api_instance.systeminsights_list_uptime(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_safari_extensions: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_uptime: #{e}" end ``` @@ -2831,17 +3164,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSafariExtensions>**](SystemInsightsSafariExtensions.md) +[**Array<SystemInsightsUptime>**](SystemInsightsUptime.md) ### Authorization @@ -2849,17 +3180,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_system_controls** -> Array<SystemInsightsSystemControls> systeminsights_list_system_system_controls(system_id, content_type, accept, opts) +# **systeminsights_list_usb_devices** +> Array<SystemInsightsUsbDevices> systeminsights_list_usb_devices(opts) -List System Insights System System Controls +List System Insights USB Devices -Valid filter fields are `name`. +Valid filter fields are `system_id` and `model`. ### Example ```ruby @@ -2874,26 +3205,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System System Controls - result = api_instance.systeminsights_list_system_system_controls(system_id, content_type, accept, opts) + #List System Insights USB Devices + result = api_instance.systeminsights_list_usb_devices(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_system_controls: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_usb_devices: #{e}" end ``` @@ -2901,17 +3226,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSystemControls>**](SystemInsightsSystemControls.md) +[**Array<SystemInsightsUsbDevices>**](SystemInsightsUsbDevices.md) ### Authorization @@ -2919,17 +3242,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_system_info** -> Array<SystemInsightsSystemInfo> systeminsights_list_system_system_info(system_id, content_type, accept, opts) +# **systeminsights_list_user_groups** +> Array<SystemInsightsUserGroups> systeminsights_list_user_groups(opts) -List System Insights System System Info +List System Insights User Groups -Valid filter fields are `cpu_subtype`. +Only valid filter field is `system_id`. ### Example ```ruby @@ -2944,26 +3267,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System System Info - result = api_instance.systeminsights_list_system_system_info(system_id, content_type, accept, opts) + #List System Insights User Groups + result = api_instance.systeminsights_list_user_groups(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_system_info: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_user_groups: #{e}" end ``` @@ -2971,17 +3288,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsSystemInfo>**](SystemInsightsSystemInfo.md) +[**Array<SystemInsightsUserGroups>**](SystemInsightsUserGroups.md) ### Authorization @@ -2989,17 +3304,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_uptime** -> Array<SystemInsightsUptime> systeminsights_list_system_uptime(system_id, content_type, accept, opts) +# **systeminsights_list_user_ssh_keys** +> Array<SystemInsightsUserSshKeys> systeminsights_list_user_ssh_keys(opts) -List System Insights System Uptime +List System Insights User SSH Keys -Valid filter fields are `days`. +Valid filter fields are `system_id` and `uid`. ### Example ```ruby @@ -3014,26 +3329,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + limit: 10 # Integer | } begin - #List System Insights System Uptime - result = api_instance.systeminsights_list_system_uptime(system_id, content_type, accept, opts) + #List System Insights User SSH Keys + result = api_instance.systeminsights_list_user_ssh_keys(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_uptime: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_user_ssh_keys: #{e}" end ``` @@ -3041,17 +3350,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUptime>**](SystemInsightsUptime.md) +[**Array<SystemInsightsUserSshKeys>**](SystemInsightsUserSshKeys.md) ### Authorization @@ -3059,51 +3366,38 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_system_users** -> Array<SystemInsightsUsers> systeminsights_list_system_users(system_id, content_type, accept, opts) +# **systeminsights_list_userassist** +> Array<SystemInsightsUserassist> systeminsights_list_userassist(opts) -List System Insights System Users +List System Insights User Assist -Valid filter fields are `username`. +Valid filter fields are `system_id`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -system_id = "system_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights System Users - result = api_instance.systeminsights_list_system_users(system_id, content_type, accept, opts) + #List System Insights User Assist + result = api_instance.systeminsights_list_userassist(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_system_users: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_userassist: #{e}" end ``` @@ -3111,35 +3405,33 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **system_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUsers>**](SystemInsightsUsers.md) +[**Array<SystemInsightsUserassist>**](SystemInsightsUserassist.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_uptime** -> Array<SystemInsightsUptime> systeminsights_list_uptime(content_type, accept, opts) +# **systeminsights_list_users** +> Array<SystemInsightsUsers> systeminsights_list_users(opts) -List System Insights Uptime +List System Insights Users -Valid filter fields are `system_id` and `days`. +Valid filter fields are `system_id` and `username`. ### Example ```ruby @@ -3154,24 +3446,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Uptime - result = api_instance.systeminsights_list_uptime(content_type, accept, opts) + #List System Insights Users + result = api_instance.systeminsights_list_users(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_uptime: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_users: #{e}" end ``` @@ -3179,16 +3467,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUptime>**](SystemInsightsUptime.md) +[**Array<SystemInsightsUsers>**](SystemInsightsUsers.md) ### Authorization @@ -3196,17 +3483,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_usb_devices** -> Array<SystemInsightsUsbDevices> systeminsights_list_usb_devices(content_type, accept, opts) +# **systeminsights_list_wifi_networks** +> Array<SystemInsightsWifiNetworks> systeminsights_list_wifi_networks(opts) -List System Insights USB Devices +List System Insights WiFi Networks -Valid filter fields are `system_id` and `model`. +Valid filter fields are `system_id` and `security_type`. ### Example ```ruby @@ -3221,24 +3508,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights USB Devices - result = api_instance.systeminsights_list_usb_devices(content_type, accept, opts) + #List System Insights WiFi Networks + result = api_instance.systeminsights_list_wifi_networks(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_usb_devices: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_wifi_networks: #{e}" end ``` @@ -3246,16 +3529,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUsbDevices>**](SystemInsightsUsbDevices.md) +[**Array<SystemInsightsWifiNetworks>**](SystemInsightsWifiNetworks.md) ### Authorization @@ -3263,17 +3545,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_user_groups** -> Array<SystemInsightsUserGroups> systeminsights_list_user_groups(content_type, accept, opts) +# **systeminsights_list_wifi_status** +> Array<SystemInsightsWifiStatus> systeminsights_list_wifi_status(opts) -List System Insights User Groups +List System Insights WiFi Status -Only valid filter field is `system_id`. +Valid filter fields are `system_id` and `security_type`. ### Example ```ruby @@ -3288,24 +3570,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights User Groups - result = api_instance.systeminsights_list_user_groups(content_type, accept, opts) + #List System Insights WiFi Status + result = api_instance.systeminsights_list_wifi_status(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_user_groups: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_wifi_status: #{e}" end ``` @@ -3313,16 +3591,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUserGroups>**](SystemInsightsUserGroups.md) +[**Array<SystemInsightsWifiStatus>**](SystemInsightsWifiStatus.md) ### Authorization @@ -3330,49 +3607,38 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_users** -> Array<SystemInsightsUsers> systeminsights_list_users(content_type, accept, opts) +# **systeminsights_list_windows_security_center** +> Array<SystemInsightsWindowsSecurityCenter> systeminsights_list_windows_security_center(opts) -List System Insights Users +List System Insights Windows Security Center -Valid filter fields are `system_id` and `username`. +Valid filter fields are `system_id`. ### Example ```ruby # load the gem require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Users - result = api_instance.systeminsights_list_users(content_type, accept, opts) + #List System Insights Windows Security Center + result = api_instance.systeminsights_list_windows_security_center(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_users: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_windows_security_center: #{e}" end ``` @@ -3380,34 +3646,33 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsUsers>**](SystemInsightsUsers.md) +[**Array<SystemInsightsWindowsSecurityCenter>**](SystemInsightsWindowsSecurityCenter.md) ### Authorization -[x-api-key](../README.md#x-api-key) +No authorization required ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **systeminsights_list_windows_crashes** -> Array<SystemInsightsWindowsCrashes> systeminsights_list_windows_crashes(content_type, accept, opts) +# **systeminsights_list_windows_security_products** +> Array<SystemInsightsWindowsSecurityProducts> systeminsights_list_windows_security_products(opts) -List System Insights Windows Crashes +List System Insights Windows Security Products -Valid filter fields are `system_id` and `type`. +Valid filter fields are `system_id` and `state`. ### Example ```ruby @@ -3422,24 +3687,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemInsightsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - limit: 10, # Integer | - x_org_id: "" # String | skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + filter: ['filter_example'], # Array | Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10 # Integer | } begin - #List System Insights Windows Crashes - result = api_instance.systeminsights_list_windows_crashes(content_type, accept, opts) + #List System Insights Windows Security Products + result = api_instance.systeminsights_list_windows_security_products(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemInsightsApi->systeminsights_list_windows_crashes: #{e}" + puts "Exception when calling SystemInsightsApi->systeminsights_list_windows_security_products: #{e}" end ``` @@ -3447,16 +3708,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **limit** | **Integer**| | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq | [optional] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` | [optional] + **filter** | [**Array<String>**](String.md)| Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| | [optional] [default to 10] ### Return type -[**Array<SystemInsightsWindowsCrashes>**](SystemInsightsWindowsCrashes.md) +[**Array<SystemInsightsWindowsSecurityProducts>**](SystemInsightsWindowsSecurityProducts.md) ### Authorization @@ -3464,7 +3724,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/SystemInsightsAppcompatShims.md b/jcapiv2/docs/SystemInsightsAppcompatShims.md new file mode 100644 index 0000000..c4304a8 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAppcompatShims.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemInsightsAppcompatShims + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**description** | **String** | | [optional] +**executable** | **String** | | [optional] +**install_time** | [**BigDecimal**](BigDecimal.md) | | [optional] +**path** | **String** | | [optional] +**sdb_id** | **String** | | [optional] +**system_id** | **String** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsApps.md b/jcapiv2/docs/SystemInsightsApps.md index 544346e..0877c08 100644 --- a/jcapiv2/docs/SystemInsightsApps.md +++ b/jcapiv2/docs/SystemInsightsApps.md @@ -19,10 +19,9 @@ Name | Type | Description | Notes **element** | **String** | | [optional] **environment** | **String** | | [optional] **info_string** | **String** | | [optional] -**last_opened_time** | **Float** | | [optional] +**last_opened_time** | [**BigDecimal**](BigDecimal.md) | | [optional] **minimum_system_version** | **String** | | [optional] **name** | **String** | | [optional] **path** | **String** | | [optional] **system_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsAuthorizedKeys.md b/jcapiv2/docs/SystemInsightsAuthorizedKeys.md new file mode 100644 index 0000000..c55e3a0 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAuthorizedKeys.md @@ -0,0 +1,12 @@ +# JCAPIv2::SystemInsightsAuthorizedKeys + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**algorithm** | **String** | | [optional] +**collection_time** | **String** | | [optional] +**key** | **String** | | [optional] +**key_file** | **String** | | [optional] +**system_id** | **String** | | [optional] +**uid** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsAzureInstanceMetadata.md b/jcapiv2/docs/SystemInsightsAzureInstanceMetadata.md new file mode 100644 index 0000000..66b71e0 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAzureInstanceMetadata.md @@ -0,0 +1,24 @@ +# JCAPIv2::SystemInsightsAzureInstanceMetadata + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**location** | **String** | | [optional] +**name** | **String** | | [optional] +**offer** | **String** | | [optional] +**os_type** | **String** | | [optional] +**placement_group_id** | **String** | | [optional] +**platform_fault_domain** | **String** | | [optional] +**platform_update_domain** | **String** | | [optional] +**publisher** | **String** | | [optional] +**resource_group_name** | **String** | | [optional] +**sku** | **String** | | [optional] +**subscription_id** | **String** | | [optional] +**system_id** | **String** | | [optional] +**version** | **String** | | [optional] +**vm_id** | **String** | | [optional] +**vm_scale_set_name** | **String** | | [optional] +**vm_size** | **String** | | [optional] +**zone** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsAzureInstanceTags.md b/jcapiv2/docs/SystemInsightsAzureInstanceTags.md new file mode 100644 index 0000000..12f85eb --- /dev/null +++ b/jcapiv2/docs/SystemInsightsAzureInstanceTags.md @@ -0,0 +1,11 @@ +# JCAPIv2::SystemInsightsAzureInstanceTags + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**key** | **String** | | [optional] +**system_id** | **String** | | [optional] +**value** | **String** | | [optional] +**vm_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsBattery.md b/jcapiv2/docs/SystemInsightsBattery.md index bd6ac6b..9ebaef5 100644 --- a/jcapiv2/docs/SystemInsightsBattery.md +++ b/jcapiv2/docs/SystemInsightsBattery.md @@ -3,7 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**amgerage** | **Integer** | | [optional] +**amperage** | **Integer** | | [optional] **charged** | **Integer** | | [optional] **charging** | **Integer** | | [optional] **collection_time** | **String** | | [optional] @@ -24,4 +24,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **voltage** | **Integer** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsBitlockerInfo.md b/jcapiv2/docs/SystemInsightsBitlockerInfo.md index 60efff3..0171bb7 100644 --- a/jcapiv2/docs/SystemInsightsBitlockerInfo.md +++ b/jcapiv2/docs/SystemInsightsBitlockerInfo.md @@ -12,4 +12,3 @@ Name | Type | Description | Notes **protection_status** | **Integer** | | [optional] **system_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsBrowserPlugins.md b/jcapiv2/docs/SystemInsightsBrowserPlugins.md index a719d85..ca50211 100644 --- a/jcapiv2/docs/SystemInsightsBrowserPlugins.md +++ b/jcapiv2/docs/SystemInsightsBrowserPlugins.md @@ -16,4 +16,3 @@ Name | Type | Description | Notes **uid** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsCertificates.md b/jcapiv2/docs/SystemInsightsCertificates.md new file mode 100644 index 0000000..bad4dac --- /dev/null +++ b/jcapiv2/docs/SystemInsightsCertificates.md @@ -0,0 +1,28 @@ +# JCAPIv2::SystemInsightsCertificates + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**authority_key_id** | **String** | | [optional] +**ca** | **Integer** | | [optional] +**common_name** | **String** | | [optional] +**issuer** | **String** | | [optional] +**key_algorithm** | **String** | | [optional] +**key_strength** | **String** | | [optional] +**key_usage** | **String** | | [optional] +**not_valid_after** | **String** | | [optional] +**not_valid_before** | **String** | | [optional] +**path** | **String** | | [optional] +**self_signed** | **Integer** | | [optional] +**serial** | **String** | | [optional] +**sha1** | **String** | | [optional] +**sid** | **String** | | [optional] +**signing_algorithm** | **String** | | [optional] +**store** | **String** | | [optional] +**store_id** | **String** | | [optional] +**store_location** | **String** | | [optional] +**subject** | **String** | | [optional] +**subject_key_id** | **String** | | [optional] +**system_id** | **String** | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsChassisInfo.md b/jcapiv2/docs/SystemInsightsChassisInfo.md new file mode 100644 index 0000000..b90fea1 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsChassisInfo.md @@ -0,0 +1,21 @@ +# JCAPIv2::SystemInsightsChassisInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**audible_alarm** | **String** | | [optional] +**breach_description** | **String** | | [optional] +**chassis_types** | **String** | | [optional] +**collection_time** | **String** | | [optional] +**description** | **String** | | [optional] +**lock** | **String** | | [optional] +**manufacturer** | **String** | | [optional] +**model** | **String** | | [optional] +**security_breach** | **String** | | [optional] +**serial** | **String** | | [optional] +**sku** | **String** | | [optional] +**smbios_tag** | **String** | | [optional] +**status** | **String** | | [optional] +**system_id** | **String** | | [optional] +**visible_alarm** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsChromeExtensions.md b/jcapiv2/docs/SystemInsightsChromeExtensions.md index 6749e9a..789bf2b 100644 --- a/jcapiv2/docs/SystemInsightsChromeExtensions.md +++ b/jcapiv2/docs/SystemInsightsChromeExtensions.md @@ -17,4 +17,3 @@ Name | Type | Description | Notes **update_url** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsConnectivity.md b/jcapiv2/docs/SystemInsightsConnectivity.md new file mode 100644 index 0000000..9c6e2c2 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsConnectivity.md @@ -0,0 +1,17 @@ +# JCAPIv2::SystemInsightsConnectivity + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**disconnected** | **Integer** | | [optional] +**ipv4_internet** | **Integer** | | [optional] +**ipv4_local_network** | **Integer** | | [optional] +**ipv4_no_traffic** | **Integer** | | [optional] +**ipv4_subnet** | **Integer** | | [optional] +**ipv6_internet** | **Integer** | | [optional] +**ipv6_local_network** | **Integer** | | [optional] +**ipv6_no_traffic** | **Integer** | | [optional] +**ipv6_subnet** | **Integer** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsCrashes.md b/jcapiv2/docs/SystemInsightsCrashes.md index b5c110d..7f88f63 100644 --- a/jcapiv2/docs/SystemInsightsCrashes.md +++ b/jcapiv2/docs/SystemInsightsCrashes.md @@ -3,6 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] **crash_path** | **String** | | [optional] **crashed_thread** | **String** | | [optional] **datetime** | **String** | | [optional] @@ -16,8 +17,8 @@ Name | Type | Description | Notes **registers** | **String** | | [optional] **responsible** | **String** | | [optional] **stack_trace** | **String** | | [optional] +**system_id** | **String** | | [optional] **type** | **String** | | [optional] **uid** | **Integer** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsCupsDestinations.md b/jcapiv2/docs/SystemInsightsCupsDestinations.md new file mode 100644 index 0000000..a444bce --- /dev/null +++ b/jcapiv2/docs/SystemInsightsCupsDestinations.md @@ -0,0 +1,10 @@ +# JCAPIv2::SystemInsightsCupsDestinations + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **String** | | [optional] +**option_name** | **String** | | [optional] +**option_value** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsDiskEncryption.md b/jcapiv2/docs/SystemInsightsDiskEncryption.md index 8e2a6ea..97440f9 100644 --- a/jcapiv2/docs/SystemInsightsDiskEncryption.md +++ b/jcapiv2/docs/SystemInsightsDiskEncryption.md @@ -13,4 +13,3 @@ Name | Type | Description | Notes **user_uuid** | **String** | | [optional] **uuid** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsDiskInfo.md b/jcapiv2/docs/SystemInsightsDiskInfo.md index 26787cb..a594ed6 100644 --- a/jcapiv2/docs/SystemInsightsDiskInfo.md +++ b/jcapiv2/docs/SystemInsightsDiskInfo.md @@ -17,4 +17,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsDnsResolvers.md b/jcapiv2/docs/SystemInsightsDnsResolvers.md new file mode 100644 index 0000000..92128c4 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsDnsResolvers.md @@ -0,0 +1,13 @@ +# JCAPIv2::SystemInsightsDnsResolvers + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**address** | **String** | | [optional] +**collection_time** | **String** | | [optional] +**id** | [**BigDecimal**](BigDecimal.md) | | [optional] +**netmask** | **String** | | [optional] +**options** | **String** | | [optional] +**system_id** | **String** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsEtcHosts.md b/jcapiv2/docs/SystemInsightsEtcHosts.md index cac4725..6a69364 100644 --- a/jcapiv2/docs/SystemInsightsEtcHosts.md +++ b/jcapiv2/docs/SystemInsightsEtcHosts.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **hostnames** | **String** | | [optional] **system_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsFirefoxAddons.md b/jcapiv2/docs/SystemInsightsFirefoxAddons.md index c96d621..a73c7fa 100644 --- a/jcapiv2/docs/SystemInsightsFirefoxAddons.md +++ b/jcapiv2/docs/SystemInsightsFirefoxAddons.md @@ -20,4 +20,3 @@ Name | Type | Description | Notes **version** | **String** | | [optional] **visible** | **Integer** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsGroups.md b/jcapiv2/docs/SystemInsightsGroups.md index 9a9a621..448f827 100644 --- a/jcapiv2/docs/SystemInsightsGroups.md +++ b/jcapiv2/docs/SystemInsightsGroups.md @@ -11,4 +11,3 @@ Name | Type | Description | Notes **groupname** | **String** | | [optional] **system_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsIeExtensions.md b/jcapiv2/docs/SystemInsightsIeExtensions.md index 6b59ef9..a3abc9d 100644 --- a/jcapiv2/docs/SystemInsightsIeExtensions.md +++ b/jcapiv2/docs/SystemInsightsIeExtensions.md @@ -10,4 +10,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsInterfaceAddresses.md b/jcapiv2/docs/SystemInsightsInterfaceAddresses.md index f6df707..ec3b1a0 100644 --- a/jcapiv2/docs/SystemInsightsInterfaceAddresses.md +++ b/jcapiv2/docs/SystemInsightsInterfaceAddresses.md @@ -13,4 +13,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsInterfaceDetails.md b/jcapiv2/docs/SystemInsightsInterfaceDetails.md new file mode 100644 index 0000000..ae65835 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsInterfaceDetails.md @@ -0,0 +1,42 @@ +# JCAPIv2::SystemInsightsInterfaceDetails + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collisions** | **String** | | [optional] +**connection_id** | **String** | | [optional] +**connection_status** | **String** | | [optional] +**description** | **String** | | [optional] +**dhcp_enabled** | **Integer** | | [optional] +**dhcp_lease_expires** | **String** | | [optional] +**dhcp_lease_obtained** | **String** | | [optional] +**dhcp_server** | **String** | | [optional] +**dns_domain** | **String** | | [optional] +**dns_domain_suffix_search_order** | **String** | | [optional] +**dns_host_name** | **String** | | [optional] +**dns_server_search_order** | **String** | | [optional] +**enabled** | **Integer** | | [optional] +**flags** | **Integer** | | [optional] +**friendly_name** | **String** | | [optional] +**ibytes** | **String** | | [optional] +**idrops** | **String** | | [optional] +**ierrors** | **String** | | [optional] +**interface** | **String** | | [optional] +**ipackets** | **String** | | [optional] +**last_change** | **String** | | [optional] +**link_speed** | **String** | | [optional] +**mac** | **String** | | [optional] +**manufacturer** | **String** | | [optional] +**metric** | **Integer** | | [optional] +**mtu** | **Integer** | | [optional] +**obytes** | **String** | | [optional] +**odrops** | **String** | | [optional] +**oerrors** | **String** | | [optional] +**opackets** | **String** | | [optional] +**pci_slot** | **String** | | [optional] +**physical_adapter** | **Integer** | | [optional] +**service** | **String** | | [optional] +**speed** | **Integer** | | [optional] +**system_id** | **String** | | [optional] +**type** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsKernelInfo.md b/jcapiv2/docs/SystemInsightsKernelInfo.md index 5501795..72d06c6 100644 --- a/jcapiv2/docs/SystemInsightsKernelInfo.md +++ b/jcapiv2/docs/SystemInsightsKernelInfo.md @@ -10,4 +10,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsLaunchd.md b/jcapiv2/docs/SystemInsightsLaunchd.md index 8e5e7b5..dff4abb 100644 --- a/jcapiv2/docs/SystemInsightsLaunchd.md +++ b/jcapiv2/docs/SystemInsightsLaunchd.md @@ -27,4 +27,3 @@ Name | Type | Description | Notes **watch_paths** | **String** | | [optional] **working_directory** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsLinuxPackages.md b/jcapiv2/docs/SystemInsightsLinuxPackages.md new file mode 100644 index 0000000..c530c7b --- /dev/null +++ b/jcapiv2/docs/SystemInsightsLinuxPackages.md @@ -0,0 +1,18 @@ +# JCAPIv2::SystemInsightsLinuxPackages + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**arch** | **String** | | [optional] +**install_time** | **Integer** | | [optional] +**maintainer_or_vendor** | **String** | | [optional] +**mount_namespace_id** | **String** | | [optional] +**name** | **String** | | [optional] +**package_format** | **String** | | [optional] +**package_group_or_section** | **String** | | [optional] +**pid_with_namespace** | **Integer** | | [optional] +**release_or_revision** | **String** | | [optional] +**size** | **String** | | [optional] +**system_id** | **String** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsLoggedInUsers.md b/jcapiv2/docs/SystemInsightsLoggedInUsers.md index 5044bf8..984a7f2 100644 --- a/jcapiv2/docs/SystemInsightsLoggedInUsers.md +++ b/jcapiv2/docs/SystemInsightsLoggedInUsers.md @@ -12,4 +12,3 @@ Name | Type | Description | Notes **type** | **String** | | [optional] **user** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsLogicalDrvies.md b/jcapiv2/docs/SystemInsightsLogicalDrives.md similarity index 92% rename from jcapiv2/docs/SystemInsightsLogicalDrvies.md rename to jcapiv2/docs/SystemInsightsLogicalDrives.md index aa4283b..2ed6e67 100644 --- a/jcapiv2/docs/SystemInsightsLogicalDrvies.md +++ b/jcapiv2/docs/SystemInsightsLogicalDrives.md @@ -1,4 +1,4 @@ -# JCAPIv2::SystemInsightsLogicalDrvies +# JCAPIv2::SystemInsightsLogicalDrives ## Properties Name | Type | Description | Notes @@ -12,4 +12,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsManagedPolicies.md b/jcapiv2/docs/SystemInsightsManagedPolicies.md new file mode 100644 index 0000000..67a4824 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsManagedPolicies.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemInsightsManagedPolicies + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**domain** | **String** | | [optional] +**manual** | **Integer** | | [optional] +**name** | **String** | | [optional] +**system_id** | **String** | | [optional] +**username** | **String** | | [optional] +**uuid** | **String** | | [optional] +**value** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsMounts.md b/jcapiv2/docs/SystemInsightsMounts.md index abccc54..f21f063 100644 --- a/jcapiv2/docs/SystemInsightsMounts.md +++ b/jcapiv2/docs/SystemInsightsMounts.md @@ -17,4 +17,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsOsVersion.md b/jcapiv2/docs/SystemInsightsOsVersion.md index 56b0360..809b773 100644 --- a/jcapiv2/docs/SystemInsightsOsVersion.md +++ b/jcapiv2/docs/SystemInsightsOsVersion.md @@ -16,4 +16,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsPatches.md b/jcapiv2/docs/SystemInsightsPatches.md index 2622f03..bafef13 100644 --- a/jcapiv2/docs/SystemInsightsPatches.md +++ b/jcapiv2/docs/SystemInsightsPatches.md @@ -14,4 +14,3 @@ Name | Type | Description | Notes **installed_on** | **String** | | [optional] **system_id** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsPrograms.md b/jcapiv2/docs/SystemInsightsPrograms.md index e553371..7a1e88c 100644 --- a/jcapiv2/docs/SystemInsightsPrograms.md +++ b/jcapiv2/docs/SystemInsightsPrograms.md @@ -15,4 +15,3 @@ Name | Type | Description | Notes **uninstall_string** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsPythonPackages.md b/jcapiv2/docs/SystemInsightsPythonPackages.md new file mode 100644 index 0000000..c9fba78 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsPythonPackages.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemInsightsPythonPackages + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**auther** | **String** | | [optional] +**directory** | **String** | | [optional] +**license** | **String** | | [optional] +**name** | **String** | | [optional] +**path** | **String** | | [optional] +**summary** | **String** | | [optional] +**system_id** | **String** | | [optional] +**version** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSafariExtensions.md b/jcapiv2/docs/SystemInsightsSafariExtensions.md index 9da0ac3..0c0a4af 100644 --- a/jcapiv2/docs/SystemInsightsSafariExtensions.md +++ b/jcapiv2/docs/SystemInsightsSafariExtensions.md @@ -16,4 +16,3 @@ Name | Type | Description | Notes **update_url** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsScheduledTasks.md b/jcapiv2/docs/SystemInsightsScheduledTasks.md new file mode 100644 index 0000000..23b8b17 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsScheduledTasks.md @@ -0,0 +1,17 @@ +# JCAPIv2::SystemInsightsScheduledTasks + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**action** | **String** | | [optional] +**enabled** | **Integer** | | [optional] +**hidden** | **Integer** | | [optional] +**last_run_code** | **String** | | [optional] +**last_run_message** | **String** | | [optional] +**last_run_time** | **String** | | [optional] +**name** | **String** | | [optional] +**next_run_time** | **String** | | [optional] +**path** | **String** | | [optional] +**state** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSecureboot.md b/jcapiv2/docs/SystemInsightsSecureboot.md new file mode 100644 index 0000000..23fecd8 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsSecureboot.md @@ -0,0 +1,10 @@ +# JCAPIv2::SystemInsightsSecureboot + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**secure_boot** | [**BigDecimal**](BigDecimal.md) | | [optional] +**setup_mode** | [**BigDecimal**](BigDecimal.md) | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsServices.md b/jcapiv2/docs/SystemInsightsServices.md new file mode 100644 index 0000000..ebc1052 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsServices.md @@ -0,0 +1,19 @@ +# JCAPIv2::SystemInsightsServices + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**description** | **String** | | [optional] +**display_name** | **String** | | [optional] +**module_path** | **String** | | [optional] +**name** | **String** | | [optional] +**path** | **String** | | [optional] +**pid** | **Integer** | | [optional] +**service_exit_code** | **Integer** | | [optional] +**service_type** | **String** | | [optional] +**start_type** | **String** | | [optional] +**status** | **String** | | [optional] +**system_id** | **String** | | [optional] +**user_account** | **String** | | [optional] +**win32_exit_code** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsShadow.md b/jcapiv2/docs/SystemInsightsShadow.md new file mode 100644 index 0000000..8072ae2 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsShadow.md @@ -0,0 +1,18 @@ +# JCAPIv2::SystemInsightsShadow + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**expire** | **String** | | [optional] +**flag** | **String** | | [optional] +**hash_alg** | **String** | | [optional] +**inactive** | **String** | | [optional] +**last_change** | **String** | | [optional] +**max** | **String** | | [optional] +**min** | **String** | | [optional] +**password_status** | **String** | | [optional] +**system_id** | **String** | | [optional] +**username** | **String** | | [optional] +**warning** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSharedFolders.md b/jcapiv2/docs/SystemInsightsSharedFolders.md new file mode 100644 index 0000000..8f6e21a --- /dev/null +++ b/jcapiv2/docs/SystemInsightsSharedFolders.md @@ -0,0 +1,10 @@ +# JCAPIv2::SystemInsightsSharedFolders + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**name** | **String** | | [optional] +**path** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSharedResources.md b/jcapiv2/docs/SystemInsightsSharedResources.md new file mode 100644 index 0000000..8465aee --- /dev/null +++ b/jcapiv2/docs/SystemInsightsSharedResources.md @@ -0,0 +1,16 @@ +# JCAPIv2::SystemInsightsSharedResources + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**allow_maximum** | **Integer** | | [optional] +**collection_time** | **String** | | [optional] +**description** | **String** | | [optional] +**install_date** | **String** | | [optional] +**maximum_allowed** | **Integer** | | [optional] +**name** | **String** | | [optional] +**path** | **String** | | [optional] +**status** | **String** | | [optional] +**system_id** | **String** | | [optional] +**type** | **Integer** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSharingPreferences.md b/jcapiv2/docs/SystemInsightsSharingPreferences.md new file mode 100644 index 0000000..0eff701 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsSharingPreferences.md @@ -0,0 +1,18 @@ +# JCAPIv2::SystemInsightsSharingPreferences + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**bluetooth_sharing** | **Integer** | | [optional] +**collection_time** | **String** | | [optional] +**content_caching** | **Integer** | | [optional] +**disc_sharing** | **Integer** | | [optional] +**file_sharing** | **Integer** | | [optional] +**internet_sharing** | **Integer** | | [optional] +**printer_sharing** | **Integer** | | [optional] +**remote_apple_events** | **Integer** | | [optional] +**remote_login** | **Integer** | | [optional] +**remote_management** | **Integer** | | [optional] +**screen_sharing** | **Integer** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSipConfig.md b/jcapiv2/docs/SystemInsightsSipConfig.md new file mode 100644 index 0000000..2be2697 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsSipConfig.md @@ -0,0 +1,11 @@ +# JCAPIv2::SystemInsightsSipConfig + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**config_flag** | **String** | | [optional] +**enabled** | **Integer** | | [optional] +**enabled_nvram** | **Integer** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsStartupItems.md b/jcapiv2/docs/SystemInsightsStartupItems.md new file mode 100644 index 0000000..a027f8c --- /dev/null +++ b/jcapiv2/docs/SystemInsightsStartupItems.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemInsightsStartupItems + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**args** | **String** | | [optional] +**name** | **String** | | [optional] +**path** | **String** | | [optional] +**source** | **String** | | [optional] +**status** | **String** | | [optional] +**system_id** | **String** | | [optional] +**type** | **String** | | [optional] +**username** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsSystemControls.md b/jcapiv2/docs/SystemInsightsSystemControls.md index c883656..149254e 100644 --- a/jcapiv2/docs/SystemInsightsSystemControls.md +++ b/jcapiv2/docs/SystemInsightsSystemControls.md @@ -13,4 +13,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **type** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsSystemInfo.md b/jcapiv2/docs/SystemInsightsSystemInfo.md index b2f1afb..0e62a2b 100644 --- a/jcapiv2/docs/SystemInsightsSystemInfo.md +++ b/jcapiv2/docs/SystemInsightsSystemInfo.md @@ -21,4 +21,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **uuid** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsTpmInfo.md b/jcapiv2/docs/SystemInsightsTpmInfo.md new file mode 100644 index 0000000..392b0c0 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsTpmInfo.md @@ -0,0 +1,17 @@ +# JCAPIv2::SystemInsightsTpmInfo + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**activated** | [**BigDecimal**](BigDecimal.md) | | [optional] +**collection_time** | **String** | | [optional] +**enabled** | [**BigDecimal**](BigDecimal.md) | | [optional] +**manufacturer_id** | [**BigDecimal**](BigDecimal.md) | | [optional] +**manufacturer_name** | **String** | | [optional] +**manufacturer_version** | **String** | | [optional] +**owned** | [**BigDecimal**](BigDecimal.md) | | [optional] +**physical_presence_version** | **String** | | [optional] +**product_name** | **String** | | [optional] +**spec_version** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsUptime.md b/jcapiv2/docs/SystemInsightsUptime.md index 3d14f3f..8c1e93f 100644 --- a/jcapiv2/docs/SystemInsightsUptime.md +++ b/jcapiv2/docs/SystemInsightsUptime.md @@ -11,4 +11,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **total_seconds** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsUsbDevices.md b/jcapiv2/docs/SystemInsightsUsbDevices.md index 9af4d0b..5920bcd 100644 --- a/jcapiv2/docs/SystemInsightsUsbDevices.md +++ b/jcapiv2/docs/SystemInsightsUsbDevices.md @@ -18,4 +18,3 @@ Name | Type | Description | Notes **vendor_id** | **String** | | [optional] **version** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsUserGroups.md b/jcapiv2/docs/SystemInsightsUserGroups.md index 37ecb4f..40c05f2 100644 --- a/jcapiv2/docs/SystemInsightsUserGroups.md +++ b/jcapiv2/docs/SystemInsightsUserGroups.md @@ -8,4 +8,3 @@ Name | Type | Description | Notes **system_id** | **String** | | [optional] **uid** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsUserSshKeys.md b/jcapiv2/docs/SystemInsightsUserSshKeys.md new file mode 100644 index 0000000..bb18f5c --- /dev/null +++ b/jcapiv2/docs/SystemInsightsUserSshKeys.md @@ -0,0 +1,11 @@ +# JCAPIv2::SystemInsightsUserSshKeys + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**encrypted** | **Integer** | | [optional] +**path** | **String** | | [optional] +**system_id** | **String** | | [optional] +**uid** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsUserassist.md b/jcapiv2/docs/SystemInsightsUserassist.md new file mode 100644 index 0000000..ebb2aec --- /dev/null +++ b/jcapiv2/docs/SystemInsightsUserassist.md @@ -0,0 +1,12 @@ +# JCAPIv2::SystemInsightsUserassist + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**count** | [**BigDecimal**](BigDecimal.md) | | [optional] +**last_execution_time** | [**BigDecimal**](BigDecimal.md) | | [optional] +**path** | **String** | | [optional] +**sid** | **String** | | [optional] +**system_id** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsUsers.md b/jcapiv2/docs/SystemInsightsUsers.md index d103aa1..1969dc7 100644 --- a/jcapiv2/docs/SystemInsightsUsers.md +++ b/jcapiv2/docs/SystemInsightsUsers.md @@ -3,12 +3,18 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**ad_managed** | **BOOLEAN** | Indicates this account belongs to a AD-managed user | [optional] +**admin** | **BOOLEAN** | Indicates this account has local administrator privileges | [optional] **collection_time** | **String** | | [optional] **description** | **String** | | [optional] **directory** | **String** | | [optional] **gid** | **String** | | [optional] **gid_signed** | **String** | | [optional] +**last_login** | **String** | A Unix timestamp showing the last time this user logged in | [optional] +**managed** | **BOOLEAN** | Indicates this account belongs to a JumpCloud-managed user | [optional] +**real_user** | **BOOLEAN** | Indicates this account represents an interactive user account vs. a system or daemon account | [optional] **shell** | **String** | | [optional] +**suspended** | **BOOLEAN** | Indicates this account is suspended or locked out | [optional] **system_id** | **String** | | [optional] **type** | **String** | | [optional] **uid** | **String** | | [optional] @@ -16,4 +22,3 @@ Name | Type | Description | Notes **username** | **String** | | [optional] **uuid** | **String** | | [optional] - diff --git a/jcapiv2/docs/SystemInsightsWifiNetworks.md b/jcapiv2/docs/SystemInsightsWifiNetworks.md new file mode 100644 index 0000000..abd01e3 --- /dev/null +++ b/jcapiv2/docs/SystemInsightsWifiNetworks.md @@ -0,0 +1,20 @@ +# JCAPIv2::SystemInsightsWifiNetworks + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**auto_login** | [**BigDecimal**](BigDecimal.md) | | [optional] +**captive_portal** | [**BigDecimal**](BigDecimal.md) | | [optional] +**collection_time** | **String** | | [optional] +**disabled** | [**BigDecimal**](BigDecimal.md) | | [optional] +**last_connected** | [**BigDecimal**](BigDecimal.md) | | [optional] +**network_name** | **String** | | [optional] +**passpoint** | [**BigDecimal**](BigDecimal.md) | | [optional] +**possibly_hidden** | [**BigDecimal**](BigDecimal.md) | | [optional] +**roaming** | [**BigDecimal**](BigDecimal.md) | | [optional] +**roaming_profile** | **String** | | [optional] +**security_type** | **String** | | [optional] +**ssid** | **String** | | [optional] +**system_id** | **String** | | [optional] +**temporarily_disabled** | [**BigDecimal**](BigDecimal.md) | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsWifiStatus.md b/jcapiv2/docs/SystemInsightsWifiStatus.md new file mode 100644 index 0000000..f48757b --- /dev/null +++ b/jcapiv2/docs/SystemInsightsWifiStatus.md @@ -0,0 +1,21 @@ +# JCAPIv2::SystemInsightsWifiStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**bssid** | **String** | | [optional] +**channel** | [**BigDecimal**](BigDecimal.md) | | [optional] +**channel_band** | [**BigDecimal**](BigDecimal.md) | | [optional] +**channel_width** | [**BigDecimal**](BigDecimal.md) | | [optional] +**collection_time** | **String** | | [optional] +**country_code** | **String** | | [optional] +**interface** | **String** | | [optional] +**mode** | **String** | | [optional] +**network_name** | **String** | | [optional] +**noise** | [**BigDecimal**](BigDecimal.md) | | [optional] +**rssi** | [**BigDecimal**](BigDecimal.md) | | [optional] +**security_type** | **String** | | [optional] +**ssid** | **String** | | [optional] +**system_id** | **String** | | [optional] +**transmit_rate** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsWindowsCrashes.md b/jcapiv2/docs/SystemInsightsWindowsCrashes.md deleted file mode 100644 index 54c2d96..0000000 --- a/jcapiv2/docs/SystemInsightsWindowsCrashes.md +++ /dev/null @@ -1,28 +0,0 @@ -# JCAPIv2::SystemInsightsWindowsCrashes - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**build_number** | **Integer** | | [optional] -**command_line** | **String** | | [optional] -**crash_path** | **String** | | [optional] -**current_directory** | **String** | | [optional] -**datetime** | **String** | | [optional] -**exception_address** | **String** | | [optional] -**exception_code** | **String** | | [optional] -**exception_message** | **String** | | [optional] -**machine_name** | **String** | | [optional] -**major_version** | **Integer** | | [optional] -**minor_version** | **Integer** | | [optional] -**_module** | **String** | | [optional] -**path** | **String** | | [optional] -**pid** | **String** | | [optional] -**process_uptime** | **String** | | [optional] -**registers** | **String** | | [optional] -**stack_trace** | **String** | | [optional] -**tid** | **String** | | [optional] -**type** | **String** | | [optional] -**username** | **String** | | [optional] -**version** | **String** | | [optional] - - diff --git a/jcapiv2/docs/SystemInsightsWindowsSecurityCenter.md b/jcapiv2/docs/SystemInsightsWindowsSecurityCenter.md new file mode 100644 index 0000000..8c1ec1c --- /dev/null +++ b/jcapiv2/docs/SystemInsightsWindowsSecurityCenter.md @@ -0,0 +1,15 @@ +# JCAPIv2::SystemInsightsWindowsSecurityCenter + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**antispyware** | **String** | | [optional] +**antivirus** | **String** | | [optional] +**autoupdate** | **String** | | [optional] +**collection_time** | **String** | | [optional] +**firewall** | **String** | | [optional] +**internet_settings** | **String** | | [optional] +**system_id** | **String** | | [optional] +**user_account_control** | **String** | | [optional] +**windows_security_center_service** | **String** | | [optional] + diff --git a/jcapiv2/docs/SystemInsightsWindowsSecurityProducts.md b/jcapiv2/docs/SystemInsightsWindowsSecurityProducts.md new file mode 100644 index 0000000..fb55bbc --- /dev/null +++ b/jcapiv2/docs/SystemInsightsWindowsSecurityProducts.md @@ -0,0 +1,14 @@ +# JCAPIv2::SystemInsightsWindowsSecurityProducts + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**collection_time** | **String** | | [optional] +**name** | **String** | | [optional] +**remediation_path** | **String** | | [optional] +**signatures_up_to_date** | [**BigDecimal**](BigDecimal.md) | | [optional] +**state** | **String** | | [optional] +**state_timestamp** | **String** | | [optional] +**system_id** | **String** | | [optional] +**type** | **String** | | [optional] + diff --git a/jcapiv2/docs/Systemfdekey.md b/jcapiv2/docs/Systemfdekey.md index 8cee410..5edf719 100644 --- a/jcapiv2/docs/Systemfdekey.md +++ b/jcapiv2/docs/Systemfdekey.md @@ -5,4 +5,3 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **key** | **String** | | - diff --git a/jcapiv2/docs/SystemsApi.md b/jcapiv2/docs/SystemsApi.md index 6445d52..57f648b 100644 --- a/jcapiv2/docs/SystemsApi.md +++ b/jcapiv2/docs/SystemsApi.md @@ -9,13 +9,14 @@ Method | HTTP request | Description [**graph_system_member_of**](SystemsApi.md#graph_system_member_of) | **GET** /systems/{system_id}/memberof | List the parent Groups of a System [**graph_system_traverse_command**](SystemsApi.md#graph_system_traverse_command) | **GET** /systems/{system_id}/commands | List the Commands bound to a System [**graph_system_traverse_policy**](SystemsApi.md#graph_system_traverse_policy) | **GET** /systems/{system_id}/policies | List the Policies bound to a System +[**graph_system_traverse_policy_group**](SystemsApi.md#graph_system_traverse_policy_group) | **GET** /systems/{system_id}/policygroups | List the Policy Groups bound to a System [**graph_system_traverse_user**](SystemsApi.md#graph_system_traverse_user) | **GET** /systems/{system_id}/users | List the Users bound to a System [**graph_system_traverse_user_group**](SystemsApi.md#graph_system_traverse_user_group) | **GET** /systems/{system_id}/usergroups | List the User Groups bound to a System [**systems_get_fde_key**](SystemsApi.md#systems_get_fde_key) | **GET** /systems/{system_id}/fdekey | Get System FDE Key - +[**systems_list_software_apps_with_statuses**](SystemsApi.md#systems_list_software_apps_with_statuses) | **GET** /systems/{system_id}/softwareappstatuses | List the associated Software Application Statuses of a System # **graph_system_associations_list** -> Array<GraphConnection> graph_system_associations_list(system_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_system_associations_list(system_id, targets, opts) List the associations of a System @@ -34,26 +35,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +system_id = 'system_id_example' # String | ObjectID of the System. +targets = ['targets_example'] # Array | Targets which a \"system\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a System - result = api_instance.graph_system_associations_list(system_id, content_type, accepttargets, opts) + result = api_instance.graph_system_associations_list(system_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_associations_list: #{e}" @@ -65,14 +59,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"system\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -84,17 +76,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_associations_post** -> graph_system_associations_post(system_id, content_type, accept, opts) +> graph_system_associations_post(system_id, opts) Manage associations of a System -This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` +This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` ### Example ```ruby @@ -109,23 +101,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - body: JCAPIv2::SystemGraphManagementReq.new, # SystemGraphManagementReq | - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - x_org_id: "" # String | + body: JCAPIv2::GraphOperationSystem.new # GraphOperationSystem | + date: 'date_example' # String | Current date header for the System Context API + authorization: 'authorization_example' # String | Authorization header for the System Context API + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage associations of a System - api_instance.graph_system_associations_post(system_id, content_type, accept, opts) + api_instance.graph_system_associations_post(system_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_associations_post: #{e}" end @@ -136,12 +122,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**SystemGraphManagementReq**](SystemGraphManagementReq.md)| | [optional] + **body** | [**GraphOperationSystem**](GraphOperationSystem.md)| | [optional] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -154,12 +138,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_system_member_of** -> Array<GraphObjectWithPaths> graph_system_member_of(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_member_of(system_id, opts) List the parent Groups of a System @@ -178,26 +162,20 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the parent Groups of a System - result = api_instance.graph_system_member_of(system_id, content_type, accept, opts) + result = api_instance.graph_system_member_of(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_member_of: #{e}" @@ -209,15 +187,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -229,13 +205,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_command** -> Array<GraphObjectWithPaths> graph_system_traverse_command(system_id, content_type, accept, opts) +> Array<CommandsGraphObjectWithPaths> graph_system_traverse_command(system_id, opts) List the Commands bound to a System @@ -254,23 +230,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + details: 'details_example' # String | This will provide detail descriptive response for the request. } begin #List the Commands bound to a System - result = api_instance.graph_system_traverse_command(system_id, content_type, accept, opts) + result = api_instance.graph_system_traverse_command(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_traverse_command: #{e}" @@ -282,16 +253,15 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **details** | **String**| This will provide detail descriptive response for the request. | [optional] ### Return type -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) +[**Array<CommandsGraphObjectWithPaths>**](CommandsGraphObjectWithPaths.md) ### Authorization @@ -299,13 +269,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_policy** -> Array<GraphObjectWithPaths> graph_system_traverse_policy(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_traverse_policy(system_id, opts) List the Policies bound to a System @@ -324,26 +294,84 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0, # Integer | The offset into the records to return. + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` +} -system_id = "system_id_example" # String | ObjectID of the System. +begin + #List the Policies bound to a System + result = api_instance.graph_system_traverse_policy(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->graph_system_traverse_policy: #{e}" +end +``` -content_type = "application/json" # String | +### Parameters -accept = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **system_id** | **String**| ObjectID of the System. | + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + +### Return type + +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_system_traverse_policy_group** +> Array<GraphObjectWithPaths> graph_system_traverse_policy_group(system_id, opts) + +List the Policy Groups bound to a System + +This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin - #List the Policies bound to a System - result = api_instance.graph_system_traverse_policy(system_id, content_type, accept, opts) + #List the Policy Groups bound to a System + result = api_instance.graph_system_traverse_policy_group(system_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling SystemsApi->graph_system_traverse_policy: #{e}" + puts "Exception when calling SystemsApi->graph_system_traverse_policy_group: #{e}" end ``` @@ -352,12 +380,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **date** | **String**| Current date header for the System Context API | [optional] + **authorization** | **String**| Authorization header for the System Context API | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -369,13 +397,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_user** -> Array<GraphObjectWithPaths> graph_system_traverse_user(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_traverse_user(system_id, opts) List the Users bound to a System @@ -394,25 +422,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Users bound to a System - result = api_instance.graph_system_traverse_user(system_id, content_type, accept, opts) + result = api_instance.graph_system_traverse_user(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_traverse_user: #{e}" @@ -424,14 +446,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -443,13 +463,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_system_traverse_user_group** -> Array<GraphObjectWithPaths> graph_system_traverse_user_group(system_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_system_traverse_user_group(system_id, opts) List the User Groups bound to a System @@ -468,25 +488,19 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | ObjectID of the System. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +system_id = 'system_id_example' # String | ObjectID of the System. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - date: "date_example", # String | Current date header for the System Context API - authorization: "authorization_example", # String | Authorization header for the System Context API - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + date: 'date_example', # String | Current date header for the System Context API + authorization: 'authorization_example', # String | Authorization header for the System Context API + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the User Groups bound to a System - result = api_instance.graph_system_traverse_user_group(system_id, content_type, accept, opts) + result = api_instance.graph_system_traverse_user_group(system_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling SystemsApi->graph_system_traverse_user_group: #{e}" @@ -498,14 +512,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| ObjectID of the System. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **date** | **String**| Current date header for the System Context API | [optional] **authorization** | **String**| Authorization header for the System Context API | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -517,7 +529,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json @@ -542,11 +554,9 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::SystemsApi.new - -system_id = "system_id_example" # String | - +system_id = 'system_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin @@ -563,7 +573,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **system_id** | **String**| | - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -575,7 +585,71 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systems_list_software_apps_with_statuses** +> Array<SoftwareAppWithStatus> systems_list_software_apps_with_statuses(system_id, opts) + +List the associated Software Application Statuses of a System + +This endpoint returns all the statuses of the associated Software Applications from the provided JumpCloud system ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{system_id}/softwareappstatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsApi.new +system_id = 'system_id_example' # String | ObjectID of the System. +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0, # Integer | The offset into the records to return. + sort: ['sort_example'] # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. +} + +begin + #List the associated Software Application Statuses of a System + result = api_instance.systems_list_software_apps_with_statuses(system_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsApi->systems_list_software_apps_with_statuses: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **system_id** | **String**| ObjectID of the System. | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] + +### Return type + +[**Array<SoftwareAppWithStatus>**](SoftwareAppWithStatus.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/SystemsOrganizationSettingsApi.md b/jcapiv2/docs/SystemsOrganizationSettingsApi.md new file mode 100644 index 0000000..43b3edb --- /dev/null +++ b/jcapiv2/docs/SystemsOrganizationSettingsApi.md @@ -0,0 +1,116 @@ +# JCAPIv2::SystemsOrganizationSettingsApi + +All URIs are relative to *https://console.jumpcloud.com/api/v2* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**systems_org_settings_get_sign_in_with_jump_cloud_settings**](SystemsOrganizationSettingsApi.md#systems_org_settings_get_sign_in_with_jump_cloud_settings) | **GET** /devices/settings/signinwithjumpcloud | Get the Sign In with JumpCloud Settings +[**systems_org_settings_set_sign_in_with_jump_cloud_settings**](SystemsOrganizationSettingsApi.md#systems_org_settings_set_sign_in_with_jump_cloud_settings) | **PUT** /devices/settings/signinwithjumpcloud | Set the Sign In with JumpCloud Settings + +# **systems_org_settings_get_sign_in_with_jump_cloud_settings** +> DevicesGetSignInWithJumpCloudSettingsResponse systems_org_settings_get_sign_in_with_jump_cloud_settings(opts) + +Get the Sign In with JumpCloud Settings + +Gets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsOrganizationSettingsApi.new +opts = { + organization_object_id: 'B' # String | +} + +begin + #Get the Sign In with JumpCloud Settings + result = api_instance.systems_org_settings_get_sign_in_with_jump_cloud_settings(opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsOrganizationSettingsApi->systems_org_settings_get_sign_in_with_jump_cloud_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **organization_object_id** | **String**| | [optional] + +### Return type + +[**DevicesGetSignInWithJumpCloudSettingsResponse**](DevicesGetSignInWithJumpCloudSettingsResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **systems_org_settings_set_sign_in_with_jump_cloud_settings** +> Object systems_org_settings_set_sign_in_with_jump_cloud_settings(body) + +Set the Sign In with JumpCloud Settings + +Sets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' \\ -d '{\"settings\":[{\"osFamily\":\"WINDOWS\",\"enabled\":true,\"defaultPermission\":\"STANDARD\"}]}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::SystemsOrganizationSettingsApi.new +body = JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest.new # DevicesSetSignInWithJumpCloudSettingsRequest | + + +begin + #Set the Sign In with JumpCloud Settings + result = api_instance.systems_org_settings_set_sign_in_with_jump_cloud_settings(body) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling SystemsOrganizationSettingsApi->systems_org_settings_set_sign_in_with_jump_cloud_settings: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**DevicesSetSignInWithJumpCloudSettingsRequest**](DevicesSetSignInWithJumpCloudSettingsRequest.md)| | + +### Return type + +**Object** + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + + diff --git a/jcapiv2/docs/Systemuser.md b/jcapiv2/docs/Systemuser.md deleted file mode 100644 index 36ef625..0000000 --- a/jcapiv2/docs/Systemuser.md +++ /dev/null @@ -1,48 +0,0 @@ -# JCAPIv2::Systemuser - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**_id** | **String** | | [optional] -**account_locked** | **BOOLEAN** | | [optional] -**activated** | **BOOLEAN** | | [optional] -**allow_public_key** | **BOOLEAN** | | [optional] -**associated_tag_count** | **Integer** | | [optional] -**attributes** | **Array<Object>** | | [optional] -**company** | **String** | | [optional] -**cost_center** | **String** | | [optional] -**created** | **String** | | [optional] -**department** | **String** | | [optional] -**description** | **String** | | [optional] -**displayname** | **String** | | [optional] -**email** | **String** | | [optional] -**employee_identifier** | **String** | Must be unique per user. | [optional] -**employee_type** | **String** | | [optional] -**enable_managed_uid** | **BOOLEAN** | | [optional] -**enable_user_portal_multifactor** | **BOOLEAN** | | [optional] -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**firstname** | **String** | | [optional] -**job_title** | **String** | | [optional] -**lastname** | **String** | | [optional] -**ldap_binding_user** | **BOOLEAN** | | [optional] -**location** | **String** | | [optional] -**mfa** | [**Mfa**](Mfa.md) | | [optional] -**middlename** | **String** | | [optional] -**password_expiration_date** | **String** | | [optional] -**password_expired** | **BOOLEAN** | | [optional] -**password_never_expires** | **BOOLEAN** | | [optional] -**passwordless_sudo** | **BOOLEAN** | | [optional] -**public_key** | **String** | | [optional] -**samba_service_user** | **BOOLEAN** | | [optional] -**ssh_keys** | [**Array<Sshkeylist>**](Sshkeylist.md) | | [optional] -**sudo** | **BOOLEAN** | | [optional] -**suspended** | **BOOLEAN** | | [optional] -**tags** | **Array<String>** | | [optional] -**totp_enabled** | **BOOLEAN** | | [optional] -**unix_guid** | **Integer** | | [optional] -**unix_uid** | **Integer** | | [optional] -**username** | **String** | | [optional] - - diff --git a/jcapiv2/docs/Systemuserputpost.md b/jcapiv2/docs/Systemuserputpost.md deleted file mode 100644 index 812531a..0000000 --- a/jcapiv2/docs/Systemuserputpost.md +++ /dev/null @@ -1,45 +0,0 @@ -# JCAPIv2::Systemuserputpost - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**account_locked** | **BOOLEAN** | | [optional] -**activated** | **BOOLEAN** | | [optional] -**addresses** | [**Array<SystemuserputpostAddresses>**](SystemuserputpostAddresses.md) | | [optional] -**allow_public_key** | **BOOLEAN** | | [optional] -**attributes** | **Array<Object>** | | [optional] -**company** | **String** | | [optional] -**cost_center** | **String** | | [optional] -**department** | **String** | | [optional] -**description** | **String** | | [optional] -**displayname** | **String** | | [optional] -**email** | **String** | | -**employee_identifier** | **String** | Must be unique per user. | [optional] -**employee_type** | **String** | | [optional] -**enable_managed_uid** | **BOOLEAN** | | [optional] -**enable_user_portal_multifactor** | **BOOLEAN** | | [optional] -**external_dn** | **String** | | [optional] -**external_source_type** | **String** | | [optional] -**externally_managed** | **BOOLEAN** | | [optional] -**firstname** | **String** | | [optional] -**job_title** | **String** | | [optional] -**lastname** | **String** | | [optional] -**ldap_binding_user** | **BOOLEAN** | | [optional] -**location** | **String** | | [optional] -**mfa** | [**Mfa**](Mfa.md) | | [optional] -**middlename** | **String** | | [optional] -**password** | **String** | | [optional] -**password_never_expires** | **BOOLEAN** | | [optional] -**passwordless_sudo** | **BOOLEAN** | | [optional] -**phone_numbers** | [**Array<SystemuserputpostPhoneNumbers>**](SystemuserputpostPhoneNumbers.md) | | [optional] -**public_key** | **String** | | [optional] -**relationships** | **Array<Object>** | | [optional] -**samba_service_user** | **BOOLEAN** | | [optional] -**sudo** | **BOOLEAN** | | [optional] -**suspended** | **BOOLEAN** | | [optional] -**tags** | **Array<String>** | | [optional] -**unix_guid** | **Integer** | | [optional] -**unix_uid** | **Integer** | | [optional] -**username** | **String** | | - - diff --git a/jcapiv2/docs/TicketingIntegrationAlert.md b/jcapiv2/docs/TicketingIntegrationAlert.md new file mode 100644 index 0000000..a6ba430 --- /dev/null +++ b/jcapiv2/docs/TicketingIntegrationAlert.md @@ -0,0 +1,10 @@ +# JCAPIv2::TicketingIntegrationAlert + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**category** | **String** | | [optional] +**description** | **String** | | [optional] +**id** | **Integer** | | [optional] +**name** | **String** | | [optional] + diff --git a/jcapiv2/docs/TicketingIntegrationAlertsResp.md b/jcapiv2/docs/TicketingIntegrationAlertsResp.md new file mode 100644 index 0000000..12998c4 --- /dev/null +++ b/jcapiv2/docs/TicketingIntegrationAlertsResp.md @@ -0,0 +1,7 @@ +# JCAPIv2::TicketingIntegrationAlertsResp + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**records** | [**Array<TicketingIntegrationAlert>**](TicketingIntegrationAlert.md) | | + diff --git a/jcapiv2/docs/User.md b/jcapiv2/docs/User.md new file mode 100644 index 0000000..b878e23 --- /dev/null +++ b/jcapiv2/docs/User.md @@ -0,0 +1,19 @@ +# JCAPIv2::User + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**addresses** | [**Array<Address>**](Address.md) | | [optional] +**alternate_email** | **String** | | [optional] +**company** | **String** | | [optional] +**cost_center** | **String** | | [optional] +**department** | **String** | | [optional] +**email** | **String** | | [optional] +**employee_identifier** | **String** | Must be unique per user. | [optional] +**employee_type** | **String** | | [optional] +**firstname** | **String** | | [optional] +**job_title** | **String** | | [optional] +**lastname** | **String** | | [optional] +**location** | **String** | | [optional] +**phone_numbers** | [**Array<PhoneNumber>**](PhoneNumber.md) | | [optional] + diff --git a/jcapiv2/docs/UserGroup.md b/jcapiv2/docs/UserGroup.md index 91b577e..17e371b 100644 --- a/jcapiv2/docs/UserGroup.md +++ b/jcapiv2/docs/UserGroup.md @@ -3,9 +3,15 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**attributes** | [**UserGroupAttributes**](UserGroupAttributes.md) | | [optional] +**attributes** | [**GroupAttributesUserGroup**](GroupAttributesUserGroup.md) | | [optional] +**description** | **String** | Description of a User Group | [optional] +**email** | **String** | Email address of a User Group | [optional] **id** | **String** | ObjectId uniquely identifying a User Group. | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] **name** | **String** | Display name of a User Group. | [optional] +**suggestion_counts** | [**SuggestionCounts**](SuggestionCounts.md) | | [optional] **type** | **String** | The type of the group. | [optional] - diff --git a/jcapiv2/docs/UserGroupAssociationsApi.md b/jcapiv2/docs/UserGroupAssociationsApi.md index 8c96c50..bad0742 100644 --- a/jcapiv2/docs/UserGroupAssociationsApi.md +++ b/jcapiv2/docs/UserGroupAssociationsApi.md @@ -16,9 +16,8 @@ Method | HTTP request | Description [**graph_user_group_traverse_system**](UserGroupAssociationsApi.md#graph_user_group_traverse_system) | **GET** /usergroups/{group_id}/systems | List the Systems bound to a User Group [**graph_user_group_traverse_system_group**](UserGroupAssociationsApi.md#graph_user_group_traverse_system_group) | **GET** /usergroups/{group_id}/systemgroups | List the System Groups bound to User Groups - # **graph_user_group_associations_list** -> Array<GraphConnection> graph_user_group_associations_list(group_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_user_group_associations_list(group_id, targets, opts) List the associations of a User Group. @@ -37,24 +36,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a User Group. - result = api_instance.graph_user_group_associations_list(group_id, content_type, accepttargets, opts) + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_associations_list: #{e}" @@ -66,12 +58,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"user_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -83,17 +73,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_associations_post** -> graph_user_group_associations_post(group_id, content_type, accept, opts) +> graph_user_group_associations_post(group_id, opts) Manage the associations of a User Group -This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` +This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` ### Example ```ruby @@ -108,21 +98,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupGraphManagementReq.new, # UserGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroup.new # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a User Group - api_instance.graph_user_group_associations_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_associations_post: #{e}" end @@ -133,10 +117,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupGraphManagementReq**](UserGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroup**](GraphOperationUserGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -149,12 +131,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_traverse_active_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, opts) List the Active Directories bound to a User Group @@ -173,23 +155,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Active Directories bound to a User Group - result = api_instance.graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_active_directory: #{e}" @@ -201,12 +177,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -218,13 +192,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_application** -> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, opts) List the Applications bound to a User Group @@ -243,23 +217,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Applications bound to a User Group - result = api_instance.graph_user_group_traverse_application(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_application(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_application: #{e}" @@ -271,12 +239,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -288,13 +254,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, opts) List the Directories bound to a User Group @@ -313,23 +279,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Directories bound to a User Group - result = api_instance.graph_user_group_traverse_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_directory: #{e}" @@ -341,12 +301,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -358,13 +316,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_g_suite** -> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, opts) List the G Suite instances bound to a User Group @@ -383,23 +341,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the G Suite instances bound to a User Group - result = api_instance.graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_g_suite: #{e}" @@ -411,12 +363,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -428,13 +378,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_ldap_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, opts) List the LDAP Servers bound to a User Group @@ -453,23 +403,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the LDAP Servers bound to a User Group - result = api_instance.graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_ldap_server: #{e}" @@ -481,12 +425,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -498,13 +440,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_office365** -> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, opts) List the Office 365 instances bound to a User Group @@ -523,23 +465,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Office 365 instances bound to a User Group - result = api_instance.graph_user_group_traverse_office365(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_office365(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_office365: #{e}" @@ -551,12 +487,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -568,13 +502,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_radius_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, opts) List the RADIUS Servers bound to a User Group @@ -593,23 +527,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the RADIUS Servers bound to a User Group - result = api_instance.graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_radius_server: #{e}" @@ -621,12 +549,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -638,13 +564,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, opts) List the Systems bound to a User Group @@ -663,23 +589,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a User Group - result = api_instance.graph_user_group_traverse_system(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_system: #{e}" @@ -691,12 +611,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -708,13 +626,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system_group** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, opts) List the System Groups bound to User Groups @@ -733,23 +651,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupAssociationsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to User Groups - result = api_instance.graph_user_group_traverse_system_group(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupAssociationsApi->graph_user_group_traverse_system_group: #{e}" @@ -761,12 +673,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -778,7 +688,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/UserGroupAttributes.md b/jcapiv2/docs/UserGroupAttributes.md deleted file mode 100644 index fb87113..0000000 --- a/jcapiv2/docs/UserGroupAttributes.md +++ /dev/null @@ -1,9 +0,0 @@ -# JCAPIv2::UserGroupAttributes - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**posix_groups** | [**Array<UserGroupAttributesPosixGroups>**](UserGroupAttributesPosixGroups.md) | | [optional] -**samba_enabled** | **BOOLEAN** | | [optional] - - diff --git a/jcapiv2/docs/UserGroupMembersMembershipApi.md b/jcapiv2/docs/UserGroupMembersMembershipApi.md index c6dd8a3..52dead2 100644 --- a/jcapiv2/docs/UserGroupMembersMembershipApi.md +++ b/jcapiv2/docs/UserGroupMembersMembershipApi.md @@ -4,86 +4,12 @@ All URIs are relative to *https://console.jumpcloud.com/api/v2* Method | HTTP request | Description ------------- | ------------- | ------------- -[**graph_user_group_member_of**](UserGroupMembersMembershipApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents [**graph_user_group_members_list**](UserGroupMembersMembershipApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group [**graph_user_group_members_post**](UserGroupMembersMembershipApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group -[**graph_user_group_membership**](UserGroupMembersMembershipApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership - - -# **graph_user_group_member_of** -> Array<GraphObjectWithPaths> graph_user_group_member_of(group_id, content_type, accept, opts) - -List the User Group's parents - -This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::UserGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | -} - -begin - #List the User Group's parents - result = api_instance.graph_user_group_member_of(group_id, content_type, accept, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_member_of: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - +[**graph_user_group_membership**](UserGroupMembersMembershipApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership # **graph_user_group_members_list** -> Array<GraphConnection> graph_user_group_members_list(group_id, content_type, accept, opts) +> Array<GraphConnection> graph_user_group_members_list(group_id, opts) List the members of a User Group @@ -102,22 +28,16 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the members of a User Group - result = api_instance.graph_user_group_members_list(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_members_list: #{e}" @@ -129,11 +49,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -145,17 +63,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_members_post** -> graph_user_group_members_post(group_id, content_type, accept, opts) +> graph_user_group_members_post(group_id, opts) Manage the members of a User Group -This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` +This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -170,21 +88,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupMembersReq.new, # UserGroupMembersReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroupMember.new # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the members of a User Group - api_instance.graph_user_group_members_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_members_post: #{e}" end @@ -195,10 +107,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupMembersReq**](UserGroupMembersReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroupMember**](GraphOperationUserGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -211,12 +121,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_membership** -> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, opts) List the User Group's membership @@ -235,24 +145,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupMembersMembershipApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the User Group's membership - result = api_instance.graph_user_group_membership(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupMembersMembershipApi->graph_user_group_membership: #{e}" @@ -264,13 +168,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -282,7 +184,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/UserGroupMembersReq.md b/jcapiv2/docs/UserGroupMembersReq.md deleted file mode 100644 index af2cf77..0000000 --- a/jcapiv2/docs/UserGroupMembersReq.md +++ /dev/null @@ -1,10 +0,0 @@ -# JCAPIv2::UserGroupMembersReq - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**id** | **String** | The ObjectID of member being added or removed. | -**op** | **String** | How to modify the membership connection. | -**type** | **String** | The member type. | - - diff --git a/jcapiv2/docs/UserGroupPost.md b/jcapiv2/docs/UserGroupPost.md index 840363b..eccb04d 100644 --- a/jcapiv2/docs/UserGroupPost.md +++ b/jcapiv2/docs/UserGroupPost.md @@ -3,7 +3,12 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**attributes** | [**UserGroupAttributes**](UserGroupAttributes.md) | | [optional] +**attributes** | [**GroupAttributesUserGroup**](GroupAttributesUserGroup.md) | | [optional] +**description** | **String** | Description of a User Group | [optional] +**email** | **String** | Email address of a User Group | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] **name** | **String** | Display name of a User Group. | - diff --git a/jcapiv2/docs/UserGroupPut.md b/jcapiv2/docs/UserGroupPut.md index 0c7775b..58efebc 100644 --- a/jcapiv2/docs/UserGroupPut.md +++ b/jcapiv2/docs/UserGroupPut.md @@ -3,7 +3,12 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**attributes** | [**UserGroupAttributes**](UserGroupAttributes.md) | | [optional] +**attributes** | [**GroupAttributesUserGroup**](GroupAttributesUserGroup.md) | | [optional] +**description** | **String** | Description of a User Group | [optional] +**email** | **String** | Email address of a User Group | [optional] +**member_query** | [**FilterQuery**](FilterQuery.md) | | [optional] +**member_query_exemptions** | [**Array<GraphObject>**](GraphObject.md) | Array of GraphObjects exempted from the query | [optional] +**member_suggestions_notify** | **BOOLEAN** | True if notification emails are to be sent for membership suggestions. | [optional] +**membership_method** | [**GroupMembershipMethodType**](GroupMembershipMethodType.md) | | [optional] **name** | **String** | Display name of a User Group. | - diff --git a/jcapiv2/docs/UserGroupsApi.md b/jcapiv2/docs/UserGroupsApi.md index 4da88e1..9e46a28 100644 --- a/jcapiv2/docs/UserGroupsApi.md +++ b/jcapiv2/docs/UserGroupsApi.md @@ -6,10 +6,9 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**graph_user_group_associations_list**](UserGroupsApi.md#graph_user_group_associations_list) | **GET** /usergroups/{group_id}/associations | List the associations of a User Group. [**graph_user_group_associations_post**](UserGroupsApi.md#graph_user_group_associations_post) | **POST** /usergroups/{group_id}/associations | Manage the associations of a User Group -[**graph_user_group_member_of**](UserGroupsApi.md#graph_user_group_member_of) | **GET** /usergroups/{group_id}/memberof | List the User Group's parents [**graph_user_group_members_list**](UserGroupsApi.md#graph_user_group_members_list) | **GET** /usergroups/{group_id}/members | List the members of a User Group [**graph_user_group_members_post**](UserGroupsApi.md#graph_user_group_members_post) | **POST** /usergroups/{group_id}/members | Manage the members of a User Group -[**graph_user_group_membership**](UserGroupsApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership +[**graph_user_group_membership**](UserGroupsApi.md#graph_user_group_membership) | **GET** /usergroups/{group_id}/membership | List the User Group's membership [**graph_user_group_traverse_active_directory**](UserGroupsApi.md#graph_user_group_traverse_active_directory) | **GET** /usergroups/{group_id}/activedirectories | List the Active Directories bound to a User Group [**graph_user_group_traverse_application**](UserGroupsApi.md#graph_user_group_traverse_application) | **GET** /usergroups/{group_id}/applications | List the Applications bound to a User Group [**graph_user_group_traverse_directory**](UserGroupsApi.md#graph_user_group_traverse_directory) | **GET** /usergroups/{group_id}/directories | List the Directories bound to a User Group @@ -22,13 +21,13 @@ Method | HTTP request | Description [**groups_user_delete**](UserGroupsApi.md#groups_user_delete) | **DELETE** /usergroups/{id} | Delete a User Group [**groups_user_get**](UserGroupsApi.md#groups_user_get) | **GET** /usergroups/{id} | View an individual User Group details [**groups_user_list**](UserGroupsApi.md#groups_user_list) | **GET** /usergroups | List all User Groups -[**groups_user_patch**](UserGroupsApi.md#groups_user_patch) | **PATCH** /usergroups/{id} | Partial update a User Group [**groups_user_post**](UserGroupsApi.md#groups_user_post) | **POST** /usergroups | Create a new User Group [**groups_user_put**](UserGroupsApi.md#groups_user_put) | **PUT** /usergroups/{id} | Update a User Group - +[**groups_user_suggestions_get**](UserGroupsApi.md#groups_user_suggestions_get) | **GET** /usergroups/{group_id}/suggestions | List Suggestions for a User Group +[**groups_user_suggestions_post**](UserGroupsApi.md#groups_user_suggestions_post) | **POST** /usergroups/{group_id}/suggestions | Apply Suggestions for a User Group # **graph_user_group_associations_list** -> Array<GraphConnection> graph_user_group_associations_list(group_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_user_group_associations_list(group_id, targets, opts) List the associations of a User Group. @@ -47,24 +46,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +group_id = 'group_id_example' # String | ObjectID of the User Group. +targets = ['targets_example'] # Array | Targets which a \"user_group\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a User Group. - result = api_instance.graph_user_group_associations_list(group_id, content_type, accepttargets, opts) + result = api_instance.graph_user_group_associations_list(group_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_associations_list: #{e}" @@ -76,12 +68,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"user_group\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -93,17 +83,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_associations_post** -> graph_user_group_associations_post(group_id, content_type, accept, opts) +> graph_user_group_associations_post(group_id, opts) Manage the associations of a User Group -This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` +This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` ### Example ```ruby @@ -118,21 +108,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupGraphManagementReq.new, # UserGroupGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroup.new # GraphOperationUserGroup | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a User Group - api_instance.graph_user_group_associations_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_associations_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_associations_post: #{e}" end @@ -143,10 +127,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupGraphManagementReq**](UserGroupGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroup**](GraphOperationUserGroup.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -159,84 +141,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json - - - -# **graph_user_group_member_of** -> Array<GraphObjectWithPaths> graph_user_group_member_of(group_id, content_type, accept, opts) - -List the User Group's parents - -This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - limit: 10, # Integer | The number of records to return at once. Limited to 100. - skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | -} - -begin - #List the User Group's parents - result = api_instance.graph_user_group_member_of(group_id, content_type, accept, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling UserGroupsApi->graph_user_group_member_of: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_members_list** -> Array<GraphConnection> graph_user_group_members_list(group_id, content_type, accept, opts) +> Array<GraphConnection> graph_user_group_members_list(group_id, opts) List the members of a User Group @@ -255,22 +165,16 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the members of a User Group - result = api_instance.graph_user_group_members_list(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_members_list(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_members_list: #{e}" @@ -282,11 +186,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -298,17 +200,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_members_post** -> graph_user_group_members_post(group_id, content_type, accept, opts) +> graph_user_group_members_post(group_id, opts) Manage the members of a User Group -This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` +This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` ### Example ```ruby @@ -323,21 +225,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupMembersReq.new, # UserGroupMembersReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUserGroupMember.new # GraphOperationUserGroupMember | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the members of a User Group - api_instance.graph_user_group_members_post(group_id, content_type, accept, opts) + api_instance.graph_user_group_members_post(group_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_members_post: #{e}" end @@ -348,10 +244,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupMembersReq**](UserGroupMembersReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUserGroupMember**](GraphOperationUserGroupMember.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -364,12 +258,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_group_membership** -> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_membership(group_id, opts) List the User Group's membership @@ -388,24 +282,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the User Group's membership - result = api_instance.graph_user_group_membership(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_membership(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_membership: #{e}" @@ -417,13 +305,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -435,13 +321,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_active_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_active_directory(group_id, opts) List the Active Directories bound to a User Group @@ -460,23 +346,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Active Directories bound to a User Group - result = api_instance.graph_user_group_traverse_active_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_active_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_active_directory: #{e}" @@ -488,12 +368,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -505,13 +383,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_application** -> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_application(group_id, opts) List the Applications bound to a User Group @@ -530,23 +408,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Applications bound to a User Group - result = api_instance.graph_user_group_traverse_application(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_application(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_application: #{e}" @@ -558,12 +430,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -575,13 +445,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_directory** -> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_directory(group_id, opts) List the Directories bound to a User Group @@ -600,23 +470,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Directories bound to a User Group - result = api_instance.graph_user_group_traverse_directory(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_directory(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_directory: #{e}" @@ -628,12 +492,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -645,13 +507,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_g_suite** -> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_g_suite(group_id, opts) List the G Suite instances bound to a User Group @@ -670,23 +532,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the G Suite instances bound to a User Group - result = api_instance.graph_user_group_traverse_g_suite(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_g_suite(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_g_suite: #{e}" @@ -698,12 +554,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -715,13 +569,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_ldap_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_ldap_server(group_id, opts) List the LDAP Servers bound to a User Group @@ -740,23 +594,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the LDAP Servers bound to a User Group - result = api_instance.graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_ldap_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_ldap_server: #{e}" @@ -768,12 +616,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -785,13 +631,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_office365** -> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_office365(group_id, opts) List the Office 365 instances bound to a User Group @@ -810,23 +656,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Office 365 instances bound to a User Group - result = api_instance.graph_user_group_traverse_office365(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_office365(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_office365: #{e}" @@ -838,12 +678,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -855,13 +693,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_radius_server** -> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_radius_server(group_id, opts) List the RADIUS Servers bound to a User Group @@ -880,23 +718,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the RADIUS Servers bound to a User Group - result = api_instance.graph_user_group_traverse_radius_server(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_radius_server(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_radius_server: #{e}" @@ -908,12 +740,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -925,13 +755,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system(group_id, opts) List the Systems bound to a User Group @@ -950,23 +780,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a User Group - result = api_instance.graph_user_group_traverse_system(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_system: #{e}" @@ -978,12 +802,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -995,13 +817,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_group_traverse_system_group** -> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_group_traverse_system_group(group_id, opts) List the System Groups bound to User Groups @@ -1020,23 +842,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -group_id = "group_id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +group_id = 'group_id_example' # String | ObjectID of the User Group. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to User Groups - result = api_instance.graph_user_group_traverse_system_group(group_id, content_type, accept, opts) + result = api_instance.graph_user_group_traverse_system_group(group_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->graph_user_group_traverse_system_group: #{e}" @@ -1048,12 +864,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **group_id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -1065,13 +879,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_user_delete** -> groups_user_delete(id, content_type, accept, opts) +> UserGroup groups_user_delete(id, opts) Delete a User Group @@ -1090,20 +904,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -id = "id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the User Group. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Delete a User Group - api_instance.groups_user_delete(id, content_type, accept, opts) + result = api_instance.groups_user_delete(id, opts) + p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->groups_user_delete: #{e}" end @@ -1114,13 +923,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**UserGroup**](UserGroup.md) ### Authorization @@ -1128,13 +935,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_user_get** -> UserGroup groups_user_get(id, content_type, accept, opts) +> UserGroup groups_user_get(id, opts) View an individual User Group details @@ -1153,20 +960,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -id = "id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the User Group. opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #View an individual User Group details - result = api_instance.groups_user_get(id, content_type, accept, opts) + result = api_instance.groups_user_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->groups_user_get: #{e}" @@ -1178,9 +979,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1192,17 +991,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **groups_user_list** -> Array<UserGroup> groups_user_list(content_type, accept, opts) +> Array<UserGroup> groups_user_list(opts) List all User Groups -This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` - `suggestionCounts.add` - `suggestionCounts.remove` - `suggestionCounts.total` - `attributes.sudo.enabled` - `attributes.sudo.withoutPassword` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1217,23 +1016,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List all User Groups - result = api_instance.groups_user_list(content_type, accept, opts) + result = api_instance.groups_user_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UserGroupsApi->groups_user_list: #{e}" @@ -1244,14 +1038,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1263,17 +1055,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **groups_user_patch** -> UserGroup groups_user_patch(id, content_type, accept, opts) +# **groups_user_post** +> UserGroup groups_user_post(opts) -Partial update a User Group +Create a new User Group -We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{id} ``` +This endpoint allows you to create a new User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` ### Example ```ruby @@ -1288,24 +1080,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -id = "id_example" # String | ObjectID of the User Group. - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv2::UserGroupPost.new, # UserGroupPost | - x_org_id: "" # String | + body: JCAPIv2::UserGroupPost.new # UserGroupPost | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Partial update a User Group - result = api_instance.groups_user_patch(id, content_type, accept, opts) + #Create a new User Group + result = api_instance.groups_user_post(opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling UserGroupsApi->groups_user_patch: #{e}" + puts "Exception when calling UserGroupsApi->groups_user_post: #{e}" end ``` @@ -1313,11 +1098,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**UserGroupPost**](UserGroupPost.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1334,12 +1116,12 @@ Name | Type | Description | Notes -# **groups_user_post** -> UserGroup groups_user_post(content_type, accept, opts) +# **groups_user_put** +> UserGroup groups_user_put(id, opts) -Create a new User Group +Update a User Group -This endpoint allows you to create a new User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` +This endpoint allows you to do a full update of the User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` ### Example ```ruby @@ -1354,22 +1136,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | ObjectID of the User Group. opts = { - body: JCAPIv2::UserGroupPost.new, # UserGroupPost | - x_org_id: "" # String | + body: JCAPIv2::UserGroupPut.new # UserGroupPut | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Create a new User Group - result = api_instance.groups_user_post(content_type, accept, opts) + #Update a User Group + result = api_instance.groups_user_put(id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling UserGroupsApi->groups_user_post: #{e}" + puts "Exception when calling UserGroupsApi->groups_user_put: #{e}" end ``` @@ -1377,10 +1155,9 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupPost**](UserGroupPost.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **id** | **String**| ObjectID of the User Group. | + **body** | [**UserGroupPut**](UserGroupPut.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -1397,12 +1174,12 @@ Name | Type | Description | Notes -# **groups_user_put** -> UserGroup groups_user_put(id, content_type, accept, opts) +# **groups_user_suggestions_get** +> Array<MemberSuggestion> groups_user_suggestions_get(group_id, opts) -Update a User Group +List Suggestions for a User Group -This endpoint allows you to do a full update of the User Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ \"name\": \"group_update\" }' ``` +This endpoint returns available suggestions for a given group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -1417,24 +1194,78 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UserGroupsApi.new +group_id = 'group_id_example' # String | ID of the group +opts = { + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + limit: 10, # Integer | The number of records to return at once. Limited to 100. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List Suggestions for a User Group + result = api_instance.groups_user_suggestions_get(group_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UserGroupsApi->groups_user_suggestions_get: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **group_id** | **String**| ID of the group | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] + +### Return type + +[**Array<MemberSuggestion>**](MemberSuggestion.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json -id = "id_example" # String | ObjectID of the User Group. -content_type = "application/json" # String | -accept = "application/json" # String | +# **groups_user_suggestions_post** +> Array<MemberSuggestionsPostResult> groups_user_suggestions_post(bodygroup_id, opts) +Apply Suggestions for a User Group + +This endpoint applies the suggestions for the specified user group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"user_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UserGroupsApi.new +body = JCAPIv2::GroupIdSuggestionsBody1.new # GroupIdSuggestionsBody1 | +group_id = 'group_id_example' # String | ID of the group opts = { - body: JCAPIv2::UserGroupPut.new, # UserGroupPut | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Update a User Group - result = api_instance.groups_user_put(id, content_type, accept, opts) + #Apply Suggestions for a User Group + result = api_instance.groups_user_suggestions_post(bodygroup_id, opts) p result rescue JCAPIv2::ApiError => e - puts "Exception when calling UserGroupsApi->groups_user_put: #{e}" + puts "Exception when calling UserGroupsApi->groups_user_suggestions_post: #{e}" end ``` @@ -1442,15 +1273,13 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **id** | **String**| ObjectID of the User Group. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGroupPut**](UserGroupPut.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GroupIdSuggestionsBody1**](GroupIdSuggestionsBody1.md)| | + **group_id** | **String**| ID of the group | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -[**UserGroup**](UserGroup.md) +[**Array<MemberSuggestionsPostResult>**](MemberSuggestionsPostResult.md) ### Authorization diff --git a/jcapiv2/docs/UsersApi.md b/jcapiv2/docs/UsersApi.md index 5a86110..baf1337 100644 --- a/jcapiv2/docs/UsersApi.md +++ b/jcapiv2/docs/UsersApi.md @@ -7,6 +7,7 @@ Method | HTTP request | Description [**graph_user_associations_list**](UsersApi.md#graph_user_associations_list) | **GET** /users/{user_id}/associations | List the associations of a User [**graph_user_associations_post**](UsersApi.md#graph_user_associations_post) | **POST** /users/{user_id}/associations | Manage the associations of a User [**graph_user_member_of**](UsersApi.md#graph_user_member_of) | **GET** /users/{user_id}/memberof | List the parent Groups of a User +[**graph_user_traverse_active_directory**](UsersApi.md#graph_user_traverse_active_directory) | **GET** /users/{user_id}/activedirectories | List the Active Directory instances bound to a User [**graph_user_traverse_application**](UsersApi.md#graph_user_traverse_application) | **GET** /users/{user_id}/applications | List the Applications bound to a User [**graph_user_traverse_directory**](UsersApi.md#graph_user_traverse_directory) | **GET** /users/{user_id}/directories | List the Directories bound to a User [**graph_user_traverse_g_suite**](UsersApi.md#graph_user_traverse_g_suite) | **GET** /users/{user_id}/gsuites | List the G Suite instances bound to a User @@ -15,11 +16,13 @@ Method | HTTP request | Description [**graph_user_traverse_radius_server**](UsersApi.md#graph_user_traverse_radius_server) | **GET** /users/{user_id}/radiusservers | List the RADIUS Servers bound to a User [**graph_user_traverse_system**](UsersApi.md#graph_user_traverse_system) | **GET** /users/{user_id}/systems | List the Systems bound to a User [**graph_user_traverse_system_group**](UsersApi.md#graph_user_traverse_system_group) | **GET** /users/{user_id}/systemgroups | List the System Groups bound to a User -[**users_send_emails**](UsersApi.md#users_send_emails) | **POST** /users/{user_id}/emails | Send User Emails - +[**push_endpoints_delete**](UsersApi.md#push_endpoints_delete) | **DELETE** /users/{user_id}/pushendpoints/{push_endpoint_id} | Delete a Push Endpoint associated with a User +[**push_endpoints_get**](UsersApi.md#push_endpoints_get) | **GET** /users/{user_id}/pushendpoints/{push_endpoint_id} | Get a push endpoint associated with a User +[**push_endpoints_list**](UsersApi.md#push_endpoints_list) | **GET** /users/{user_id}/pushendpoints | List Push Endpoints associated with a User +[**push_endpoints_patch**](UsersApi.md#push_endpoints_patch) | **PATCH** /users/{user_id}/pushendpoints/{push_endpoint_id} | Update a push endpoint associated with a User # **graph_user_associations_list** -> Array<GraphConnection> graph_user_associations_list(user_id, content_type, accepttargets, opts) +> Array<GraphConnection> graph_user_associations_list(user_id, targets, opts) List the associations of a User @@ -38,24 +41,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - -targets = ["targets_example"] # Array | - +user_id = 'user_id_example' # String | ObjectID of the User. +targets = ['targets_example'] # Array | Targets which a \"user\" can be associated to. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the associations of a User - result = api_instance.graph_user_associations_list(user_id, content_type, accepttargets, opts) + result = api_instance.graph_user_associations_list(user_id, targets, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_associations_list: #{e}" @@ -67,12 +63,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **targets** | [**Array<String>**](String.md)| | + **targets** | [**Array<String>**](String.md)| Targets which a \"user\" can be associated to. | **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -84,17 +78,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_associations_post** -> graph_user_associations_post(user_id, content_type, accept, opts) +> graph_user_associations_post(user_id, opts) Manage the associations of a User -This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' +This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` ### Example ```ruby @@ -109,21 +103,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { - body: JCAPIv2::UserGraphManagementReq.new, # UserGraphManagementReq | - x_org_id: "" # String | + body: JCAPIv2::GraphOperationUser.new # GraphOperationUser | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Manage the associations of a User - api_instance.graph_user_associations_post(user_id, content_type, accept, opts) + api_instance.graph_user_associations_post(user_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_associations_post: #{e}" end @@ -134,10 +122,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**UserGraphManagementReq**](UserGraphManagementReq.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **body** | [**GraphOperationUser**](GraphOperationUser.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -150,12 +136,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **graph_user_member_of** -> Array<GraphObjectWithPaths> graph_user_member_of(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_member_of(user_id, opts) List the parent Groups of a User @@ -174,24 +160,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List the parent Groups of a User - result = api_instance.graph_user_member_of(user_id, content_type, accept, opts) + result = api_instance.graph_user_member_of(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_member_of: #{e}" @@ -203,13 +183,11 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -221,17 +199,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **graph_user_traverse_application** -> Array<GraphObjectWithPaths> graph_user_traverse_application(user_id, content_type, accept, opts) +# **graph_user_traverse_active_directory** +> Array<GraphObjectWithPaths> graph_user_traverse_active_directory(user_id, opts) -List the Applications bound to a User +List the Active Directory instances bound to a User -This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` +This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` ### Example ```ruby @@ -246,23 +224,79 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. +opts = { + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + limit: 10, # Integer | The number of records to return at once. Limited to 100. + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. + skip: 0 # Integer | The offset into the records to return. +} + +begin + #List the Active Directory instances bound to a User + result = api_instance.graph_user_traverse_active_directory(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->graph_user_traverse_active_directory: #{e}" +end +``` -user_id = "user_id_example" # String | ObjectID of the User. +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **user_id** | **String**| ObjectID of the User. | + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] -content_type = "application/json" # String | +### Return type -accept = "application/json" # String | +[**Array<GraphObjectWithPaths>**](GraphObjectWithPaths.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **graph_user_traverse_application** +> Array<GraphObjectWithPaths> graph_user_traverse_application(user_id, opts) + +List the Applications bound to a User + +This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Applications bound to a User - result = api_instance.graph_user_traverse_application(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_application(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_application: #{e}" @@ -274,12 +308,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -291,13 +323,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_directory** -> Array<GraphObjectWithPaths> graph_user_traverse_directory(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_directory(user_id, opts) List the Directories bound to a User @@ -316,23 +348,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Directories bound to a User - result = api_instance.graph_user_traverse_directory(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_directory(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_directory: #{e}" @@ -344,12 +370,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -361,13 +385,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_g_suite** -> Array<GraphObjectWithPaths> graph_user_traverse_g_suite(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_g_suite(user_id, opts) List the G Suite instances bound to a User @@ -386,23 +410,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the G Suite instances bound to a User - result = api_instance.graph_user_traverse_g_suite(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_g_suite(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_g_suite: #{e}" @@ -414,12 +432,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -431,13 +447,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_ldap_server** -> Array<GraphObjectWithPaths> graph_user_traverse_ldap_server(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_ldap_server(user_id, opts) List the LDAP servers bound to a User @@ -456,23 +472,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the LDAP servers bound to a User - result = api_instance.graph_user_traverse_ldap_server(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_ldap_server(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_ldap_server: #{e}" @@ -484,12 +494,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -501,13 +509,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_office365** -> Array<GraphObjectWithPaths> graph_user_traverse_office365(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_office365(user_id, opts) List the Office 365 instances bound to a User @@ -526,23 +534,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Office 365 instances bound to a User - result = api_instance.graph_user_traverse_office365(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_office365(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_office365: #{e}" @@ -554,12 +556,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -571,13 +571,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_radius_server** -> Array<GraphObjectWithPaths> graph_user_traverse_radius_server(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_radius_server(user_id, opts) List the RADIUS Servers bound to a User @@ -596,23 +596,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the RADIUS Servers bound to a User - result = api_instance.graph_user_traverse_radius_server(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_radius_server(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_radius_server: #{e}" @@ -624,12 +618,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -641,13 +633,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_system** -> Array<GraphObjectWithPaths> graph_user_traverse_system(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_system(user_id, opts) List the Systems bound to a User @@ -666,23 +658,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the Systems bound to a User - result = api_instance.graph_user_traverse_system(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_system(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_system: #{e}" @@ -694,12 +680,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -711,13 +695,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **graph_user_traverse_system_group** -> Array<GraphObjectWithPaths> graph_user_traverse_system_group(user_id, content_type, accept, opts) +> Array<GraphObjectWithPaths> graph_user_traverse_system_group(user_id, opts) List the System Groups bound to a User @@ -736,23 +720,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new - -user_id = "user_id_example" # String | ObjectID of the User. - -content_type = "application/json" # String | - -accept = "application/json" # String | - +user_id = 'user_id_example' # String | ObjectID of the User. opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. - x_org_id: "" # String | + x_org_id: 'x_org_id_example', # String | Organization identifier that can be obtained from console settings. skip: 0, # Integer | The offset into the records to return. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + filter: ['filter_example'] # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` } begin #List the System Groups bound to a User - result = api_instance.graph_user_traverse_system_group(user_id, content_type, accept, opts) + result = api_instance.graph_user_traverse_system_group(user_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling UsersApi->graph_user_traverse_system_group: #{e}" @@ -764,12 +742,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] ### Return type @@ -781,17 +757,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json -# **users_send_emails** -> users_send_emails(user_id, content_type, accept, opts) +# **push_endpoints_delete** +> PushEndpointResponse push_endpoints_delete(user_id, push_endpoint_id, opts) -Send User Emails +Delete a Push Endpoint associated with a User -This endpoint allows you to send a specific email to a user without waiting for or triggering a workflow. +This endpoint will delete a push endpoint associated with a user. ### Example ```ruby @@ -806,23 +782,76 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Delete a Push Endpoint associated with a User + result = api_instance.push_endpoints_delete(user_id, push_endpoint_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_delete: #{e}" +end +``` -user_id = "user_id_example" # String | ObjectID of the User. +### Parameters -content_type = "application/json" # String | +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **user_id** | **String**| | + **push_endpoint_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type -accept = "application/json" # String | +[**PushEndpointResponse**](PushEndpointResponse.md) +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **push_endpoints_get** +> PushEndpointResponse push_endpoints_get(user_id, push_endpoint_id, opts) + +Get a push endpoint associated with a User + +This endpoint will retrieve a push endpoint associated with a user. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | opts = { - body: JCAPIv2::Emailrequest.new, # Emailrequest | - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin - #Send User Emails - api_instance.users_send_emails(user_id, content_type, accept, opts) + #Get a push endpoint associated with a User + result = api_instance.push_endpoints_get(user_id, push_endpoint_id, opts) + p result rescue JCAPIv2::ApiError => e - puts "Exception when calling UsersApi->users_send_emails: #{e}" + puts "Exception when calling UsersApi->push_endpoints_get: #{e}" end ``` @@ -830,15 +859,129 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **user_id** | **String**| ObjectID of the User. | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **body** | [**Emailrequest**](Emailrequest.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **user_id** | **String**| | + **push_endpoint_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**PushEndpointResponse**](PushEndpointResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **push_endpoints_list** +> Array<PushEndpointResponse> push_endpoints_list(user_id, opts) + +List Push Endpoints associated with a User + +This endpoint returns the list of push endpoints associated with a user. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/pushendpoints \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ${API_KEY}' ``` + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +opts = { + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #List Push Endpoints associated with a User + result = api_instance.push_endpoints_list(user_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_list: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **user_id** | **String**| | + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**Array<PushEndpointResponse>**](PushEndpointResponse.md) + +### Authorization + +[x-api-key](../README.md#x-api-key) + +### HTTP request headers + + - **Content-Type**: Not defined + - **Accept**: application/json + + + +# **push_endpoints_patch** +> PushEndpointResponse push_endpoints_patch(user_idpush_endpoint_id, opts) + +Update a push endpoint associated with a User + +This endpoint will update a push endpoint associated with a user. + +### Example +```ruby +# load the gem +require 'jcapiv2' +# setup authorization +JCAPIv2.configure do |config| + # Configure API key authorization: x-api-key + config.api_key['x-api-key'] = 'YOUR API KEY' + # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) + #config.api_key_prefix['x-api-key'] = 'Bearer' +end + +api_instance = JCAPIv2::UsersApi.new +user_id = 'user_id_example' # String | +push_endpoint_id = 'push_endpoint_id_example' # String | +opts = { + body: JCAPIv2::PushendpointsPushEndpointIdBody.new # PushendpointsPushEndpointIdBody | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. +} + +begin + #Update a push endpoint associated with a User + result = api_instance.push_endpoints_patch(user_idpush_endpoint_id, opts) + p result +rescue JCAPIv2::ApiError => e + puts "Exception when calling UsersApi->push_endpoints_patch: #{e}" +end +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **user_id** | **String**| | + **push_endpoint_id** | **String**| | + **body** | [**PushendpointsPushEndpointIdBody**](PushendpointsPushEndpointIdBody.md)| | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] + +### Return type + +[**PushEndpointResponse**](PushEndpointResponse.md) ### Authorization diff --git a/jcapiv2/docs/WorkdayFields.md b/jcapiv2/docs/WorkdayFields.md index 930dd75..5b4519e 100644 --- a/jcapiv2/docs/WorkdayFields.md +++ b/jcapiv2/docs/WorkdayFields.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **name** | **String** | | [optional] **report_url** | **String** | | [optional] - diff --git a/jcapiv2/docs/WorkdayImportApi.md b/jcapiv2/docs/WorkdayImportApi.md index a46418d..7140ff5 100644 --- a/jcapiv2/docs/WorkdayImportApi.md +++ b/jcapiv2/docs/WorkdayImportApi.md @@ -6,19 +6,16 @@ Method | HTTP request | Description ------------- | ------------- | ------------- [**workdays_authorize**](WorkdayImportApi.md#workdays_authorize) | **POST** /workdays/{workday_id}/auth | Authorize Workday [**workdays_deauthorize**](WorkdayImportApi.md#workdays_deauthorize) | **DELETE** /workdays/{workday_id}/auth | Deauthorize Workday -[**workdays_delete**](WorkdayImportApi.md#workdays_delete) | **DELETE** /workdays/{id} | Delete Workday [**workdays_get**](WorkdayImportApi.md#workdays_get) | **GET** /workdays/{id} | Get Workday [**workdays_import**](WorkdayImportApi.md#workdays_import) | **POST** /workdays/{workday_id}/import | Workday Import [**workdays_importresults**](WorkdayImportApi.md#workdays_importresults) | **GET** /workdays/{id}/import/{job_id}/results | List Import Results [**workdays_list**](WorkdayImportApi.md#workdays_list) | **GET** /workdays | List Workdays [**workdays_post**](WorkdayImportApi.md#workdays_post) | **POST** /workdays | Create new Workday [**workdays_put**](WorkdayImportApi.md#workdays_put) | **PUT** /workdays/{id} | Update Workday -[**workdays_settings**](WorkdayImportApi.md#workdays_settings) | **GET** /workdays/settings | Get Workday Settings (incomplete) [**workdays_workers**](WorkdayImportApi.md#workdays_workers) | **GET** /workdays/{workday_id}/workers | List Workday Workers - # **workdays_authorize** -> workdays_authorize(workday_id, content_type, accept, opts) +> workdays_authorize(workday_id, opts) Authorize Workday @@ -37,21 +34,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -workday_id = "workday_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +workday_id = 'workday_id_example' # String | opts = { - body: JCAPIv2::AuthInputObject.new, # AuthInputObject | - x_org_id: "" # String | + body: JCAPIv2::AuthInputObject.new # AuthInputObject | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Authorize Workday - api_instance.workdays_authorize(workday_id, content_type, accept, opts) + api_instance.workdays_authorize(workday_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_authorize: #{e}" end @@ -62,10 +53,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **workday_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**AuthInputObject**](AuthInputObject.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -78,12 +67,12 @@ nil (empty response body) ### HTTP request headers - **Content-Type**: application/json - - **Accept**: application/json + - **Accept**: Not defined # **workdays_deauthorize** -> workdays_deauthorize(workday_id, content_type, accept, opts) +> workdays_deauthorize(workday_id, opts) Deauthorize Workday @@ -102,20 +91,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -workday_id = "workday_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +workday_id = 'workday_id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Deauthorize Workday - api_instance.workdays_deauthorize(workday_id, content_type, accept, opts) + api_instance.workdays_deauthorize(workday_id, opts) rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_deauthorize: #{e}" end @@ -126,9 +109,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **workday_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -140,77 +121,13 @@ nil (empty response body) ### HTTP request headers - - **Content-Type**: application/json - - **Accept**: application/json - - - -# **workdays_delete** -> Object workdays_delete(id, content_type, accept, opts) - -Delete Workday - -This endpoint allows you to delete an instance of Workday. **This functionality is currently not enable for users.** - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::WorkdayImportApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - x_org_id: "" # String | -} - -begin - #Delete Workday - result = api_instance.workdays_delete(id, content_type, accept, opts) - p result -rescue JCAPIv2::ApiError => e - puts "Exception when calling WorkdayImportApi->workdays_delete: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -**Object** - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json + - **Content-Type**: Not defined + - **Accept**: Not defined # **workdays_get** -> WorkdayOutput workdays_get(id, content_type, accept, opts) +> WorkdayOutput workdays_get(id, opts) Get Workday @@ -229,20 +146,14 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Get Workday - result = api_instance.workdays_get(id, content_type, accept, opts) + result = api_instance.workdays_get(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_get: #{e}" @@ -254,9 +165,7 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -268,13 +177,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **workdays_import** -> JobId workdays_import(workday_id, content_type, accept, opts) +> JobId workdays_import(workday_id, opts) Workday Import @@ -293,21 +202,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -workday_id = "workday_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +workday_id = 'workday_id_example' # String | opts = { - body: [JCAPIv2::BulkUserCreate.new], # Array | - x_org_id: "" # String | + body: [JCAPIv2::BulkUserCreate.new] # Array | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Workday Import - result = api_instance.workdays_import(workday_id, content_type, accept, opts) + result = api_instance.workdays_import(workday_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_import: #{e}" @@ -319,10 +222,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **workday_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**Array<BulkUserCreate>**](BulkUserCreate.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -340,7 +241,7 @@ Name | Type | Description | Notes # **workdays_importresults** -> Array<JobWorkresult> workdays_importresults(id, job_id, content_type, accept, opts) +> Array<JobWorkresult> workdays_importresults(id, job_id, opts) List Import Results @@ -359,24 +260,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -id = "id_example" # String | - -job_id = "job_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | +job_id = 'job_id_example' # String | opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - x_org_id: "" # String | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Import Results - result = api_instance.workdays_importresults(id, job_id, content_type, accept, opts) + result = api_instance.workdays_importresults(id, job_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_importresults: #{e}" @@ -389,11 +283,9 @@ Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | **job_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -405,13 +297,13 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **workdays_list** -> Array<WorkdayOutput> workdays_list(content_type, accept, opts) +> Array<WorkdayOutput> workdays_list(opts) List Workdays @@ -430,23 +322,18 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - fields: ["fields_example"], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + fields: ['fields_example'], # Array | The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - filter: ["filter_example"], # Array | Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + filter: ['filter_example'], # Array | A filter to apply to the query. **Filter structure**: `::`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Workdays - result = api_instance.workdays_list(content_type, accept, opts) + result = api_instance.workdays_list(opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_list: #{e}" @@ -457,14 +344,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **fields** | [**Array<String>**](String.md)| The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. | [optional] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **filter** | [**Array<String>**](String.md)| Supported operators are: eq, ne, gt, ge, lt, le, between, search, in | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **filter** | [**Array<String>**](String.md)| A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` | [optional] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -476,17 +361,17 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json # **workdays_post** -> workdays_post(content_type, accept, opts) +> WorkdayOutput workdays_post(opts) Create new Workday -This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` +This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` ### Example ```ruby @@ -501,19 +386,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - opts = { - body: JCAPIv2::WorkdayInput.new, # WorkdayInput | - x_org_id: "" # String | + body: JCAPIv2::WorkdayInput.new # WorkdayInput | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Create new Workday - api_instance.workdays_post(content_type, accept, opts) + result = api_instance.workdays_post(opts) + p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_post: #{e}" end @@ -523,14 +404,12 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**WorkdayInput**](WorkdayInput.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type -nil (empty response body) +[**WorkdayOutput**](WorkdayOutput.md) ### Authorization @@ -544,7 +423,7 @@ nil (empty response body) # **workdays_put** -> WorkdayOutput workdays_put(id, content_type, accept, opts) +> WorkdayOutput workdays_put(id, opts) Update Workday @@ -563,21 +442,15 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -id = "id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +id = 'id_example' # String | opts = { - body: JCAPIv2::WorkdayFields.new, # WorkdayFields | - x_org_id: "" # String | + body: JCAPIv2::WorkdayFields.new # WorkdayFields | + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #Update Workday - result = api_instance.workdays_put(id, content_type, accept, opts) + result = api_instance.workdays_put(id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_put: #{e}" @@ -589,10 +462,8 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **body** | [**WorkdayFields**](WorkdayFields.md)| | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -609,70 +480,8 @@ Name | Type | Description | Notes -# **workdays_settings** -> workdays_settings(content_type, accept, opts) - -Get Workday Settings (incomplete) - -This endpoint allows you to obtain all settings needed for creating a workday instance, specifically the URL to initiate Basic Authentication with WorkDay. **This functionality is currently not enable for users.** - -### Example -```ruby -# load the gem -require 'jcapiv2' -# setup authorization -JCAPIv2.configure do |config| - # Configure API key authorization: x-api-key - config.api_key['x-api-key'] = 'YOUR API KEY' - # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil) - #config.api_key_prefix['x-api-key'] = 'Bearer' -end - -api_instance = JCAPIv2::WorkdayImportApi.new - -content_type = "application/json" # String | - -accept = "application/json" # String | - -opts = { - state: "state_example", # String | - x_org_id: "" # String | -} - -begin - #Get Workday Settings (incomplete) - api_instance.workdays_settings(content_type, accept, opts) -rescue JCAPIv2::ApiError => e - puts "Exception when calling WorkdayImportApi->workdays_settings: #{e}" -end -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] - **state** | **String**| | [optional] - **x_org_id** | **String**| | [optional] [default to ] - -### Return type - -nil (empty response body) - -### Authorization - -[x-api-key](../README.md#x-api-key) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - - # **workdays_workers** -> Array<WorkdayWorker> workdays_workers(workday_id, content_type, accept, opts) +> Array<WorkdayWorker> workdays_workers(workday_id, opts) List Workday Workers @@ -691,23 +500,17 @@ JCAPIv2.configure do |config| end api_instance = JCAPIv2::WorkdayImportApi.new - -workday_id = "workday_id_example" # String | - -content_type = "application/json" # String | - -accept = "application/json" # String | - +workday_id = 'workday_id_example' # String | opts = { limit: 10, # Integer | The number of records to return at once. Limited to 100. skip: 0, # Integer | The offset into the records to return. - sort: ["sort_example"], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - x_org_id: "" # String | + sort: ['sort_example'], # Array | The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + x_org_id: 'x_org_id_example' # String | Organization identifier that can be obtained from console settings. } begin #List Workday Workers - result = api_instance.workdays_workers(workday_id, content_type, accept, opts) + result = api_instance.workdays_workers(workday_id, opts) p result rescue JCAPIv2::ApiError => e puts "Exception when calling WorkdayImportApi->workdays_workers: #{e}" @@ -719,12 +522,10 @@ end Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **workday_id** | **String**| | - **content_type** | **String**| | [default to application/json] - **accept** | **String**| | [default to application/json] **limit** | **Integer**| The number of records to return at once. Limited to 100. | [optional] [default to 10] **skip** | **Integer**| The offset into the records to return. | [optional] [default to 0] **sort** | [**Array<String>**](String.md)| The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. | [optional] - **x_org_id** | **String**| | [optional] [default to ] + **x_org_id** | **String**| Organization identifier that can be obtained from console settings. | [optional] ### Return type @@ -736,7 +537,7 @@ Name | Type | Description | Notes ### HTTP request headers - - **Content-Type**: application/json + - **Content-Type**: Not defined - **Accept**: application/json diff --git a/jcapiv2/docs/WorkdayInput.md b/jcapiv2/docs/WorkdayInput.md index 619011c..dc037c4 100644 --- a/jcapiv2/docs/WorkdayInput.md +++ b/jcapiv2/docs/WorkdayInput.md @@ -7,4 +7,3 @@ Name | Type | Description | Notes **name** | **String** | | [optional] **report_url** | **String** | | [optional] - diff --git a/jcapiv2/docs/WorkdayOutput.md b/jcapiv2/docs/WorkdayOutput.md index 3e912c9..97154d9 100644 --- a/jcapiv2/docs/WorkdayOutput.md +++ b/jcapiv2/docs/WorkdayOutput.md @@ -9,4 +9,3 @@ Name | Type | Description | Notes **name** | **String** | | [optional] **report_url** | **String** | | [optional] - diff --git a/jcapiv2/docs/WorkdayWorker.md b/jcapiv2/docs/WorkdayWorker.md index 752e4b0..5bffe9b 100644 --- a/jcapiv2/docs/WorkdayWorker.md +++ b/jcapiv2/docs/WorkdayWorker.md @@ -9,4 +9,3 @@ Name | Type | Description | Notes **last_name** | **String** | | [optional] **username** | **String** | | [optional] - diff --git a/jcapiv2/docs/WorkdayoutputAuth.md b/jcapiv2/docs/WorkdayoutputAuth.md index 216aa26..e1e4c92 100644 --- a/jcapiv2/docs/WorkdayoutputAuth.md +++ b/jcapiv2/docs/WorkdayoutputAuth.md @@ -6,4 +6,3 @@ Name | Type | Description | Notes **basic** | [**AuthInfo**](AuthInfo.md) | | [optional] **oauth** | [**AuthInfo**](AuthInfo.md) | | [optional] - diff --git a/jcapiv2/jcapiv2.gemspec b/jcapiv2/jcapiv2.gemspec index 31e0276..db076ef 100644 --- a/jcapiv2/jcapiv2.gemspec +++ b/jcapiv2/jcapiv2.gemspec @@ -1,15 +1,14 @@ # -*- encoding: utf-8 -*- -# + =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end $:.push File.expand_path("../lib", __FILE__) @@ -20,26 +19,19 @@ Gem::Specification.new do |s| s.version = JCAPIv2::VERSION s.platform = Gem::Platform::RUBY s.authors = ["Swagger-Codegen"] - s.email = [""] + s.email = ["support@jumpcloud.com"] s.homepage = "https://github.com/swagger-api/swagger-codegen" - s.summary = "JumpCloud APIs Ruby Gem" - s.description = " JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph." - # TODO uncommnet and update below with a proper license - #s.license = "Apache 2.0" + s.summary = "JumpCloud API Ruby Gem" + s.description = "# Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) " + s.license = "Unlicense" s.required_ruby_version = ">= 1.9" s.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1' s.add_runtime_dependency 'json', '~> 2.1', '>= 2.1.0' s.add_development_dependency 'rspec', '~> 3.6', '>= 3.6.0' - s.add_development_dependency 'vcr', '~> 3.0', '>= 3.0.1' - s.add_development_dependency 'webmock', '~> 1.24', '>= 1.24.3' - s.add_development_dependency 'autotest', '~> 4.4', '>= 4.4.6' - s.add_development_dependency 'autotest-rails-pure', '~> 4.1', '>= 4.1.2' - s.add_development_dependency 'autotest-growl', '~> 0.2', '>= 0.2.16' - s.add_development_dependency 'autotest-fsevent', '~> 0.2', '>= 0.2.12' - - s.files = `find *`.split("\n").uniq.sort.select{|f| !f.empty? } + + s.files = `find *`.split("\n").uniq.sort.select { |f| !f.empty? } s.test_files = `find spec/*`.split("\n") s.executables = [] s.require_paths = ["lib"] diff --git a/jcapiv2/lib/jcapiv2.rb b/jcapiv2/lib/jcapiv2.rb index 614a114..0101559 100644 --- a/jcapiv2/lib/jcapiv2.rb +++ b/jcapiv2/lib/jcapiv2.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end # Common files @@ -17,66 +16,298 @@ require 'jcapiv2/configuration' # Models -require 'jcapiv2/models/active_directory_agent_get_output' -require 'jcapiv2/models/active_directory_agent_input' -require 'jcapiv2/models/active_directory_agent_list_output' -require 'jcapiv2/models/active_directory_input' +require 'jcapiv2/models/ade' +require 'jcapiv2/models/ades' +require 'jcapiv2/models/active_directory' +require 'jcapiv2/models/active_directory_agent' +require 'jcapiv2/models/active_directory_agent_get' +require 'jcapiv2/models/active_directory_agent_list' +require 'jcapiv2/models/address' require 'jcapiv2/models/administrator' +require 'jcapiv2/models/administrator_organization_link' +require 'jcapiv2/models/administrator_organization_link_req' +require 'jcapiv2/models/all_of_autotask_ticketing_alert_configuration_list_records_items' +require 'jcapiv2/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items' +require 'jcapiv2/models/all_of_pwm_all_users_results_items' +require 'jcapiv2/models/all_of_pwm_items_metadata_results_items' +require 'jcapiv2/models/all_of_syncro_ticketing_alert_configuration_list_records_items' +require 'jcapiv2/models/any_value' require 'jcapiv2/models/apple_mdm' -require 'jcapiv2/models/apple_mdm_patch_input' +require 'jcapiv2/models/apple_mdm_device' +require 'jcapiv2/models/apple_mdm_device_info' +require 'jcapiv2/models/apple_mdm_device_security_info' +require 'jcapiv2/models/apple_mdm_patch' +require 'jcapiv2/models/apple_mdm_public_key_cert' +require 'jcapiv2/models/apple_mdm_signed_csr_plist' +require 'jcapiv2/models/application_id_logo_body' +require 'jcapiv2/models/apps' +require 'jcapiv2/models/apps_inner' require 'jcapiv2/models/auth_info' require 'jcapiv2/models/auth_input' require 'jcapiv2/models/auth_input_object' require 'jcapiv2/models/authinput_basic' require 'jcapiv2/models/authinput_oauth' -require 'jcapiv2/models/body' -require 'jcapiv2/models/body_1' -require 'jcapiv2/models/body_2' -require 'jcapiv2/models/body_3' +require 'jcapiv2/models/authn_policy' +require 'jcapiv2/models/authn_policy_effect' +require 'jcapiv2/models/authn_policy_obligations' +require 'jcapiv2/models/authn_policy_obligations_external_identity_provider' +require 'jcapiv2/models/authn_policy_obligations_mfa' +require 'jcapiv2/models/authn_policy_obligations_user_verification' +require 'jcapiv2/models/authn_policy_resource_target' +require 'jcapiv2/models/authn_policy_targets' +require 'jcapiv2/models/authn_policy_type' +require 'jcapiv2/models/authn_policy_user_attribute_filter' +require 'jcapiv2/models/authn_policy_user_attribute_target' +require 'jcapiv2/models/authn_policy_user_group_target' +require 'jcapiv2/models/authn_policy_user_target' +require 'jcapiv2/models/autotask_company' +require 'jcapiv2/models/autotask_company_resp' +require 'jcapiv2/models/autotask_company_type_resp' +require 'jcapiv2/models/autotask_contract' +require 'jcapiv2/models/autotask_contract_field' +require 'jcapiv2/models/autotask_contract_field_values' +require 'jcapiv2/models/autotask_integration' +require 'jcapiv2/models/autotask_integration_patch_req' +require 'jcapiv2/models/autotask_integration_req' +require 'jcapiv2/models/autotask_mapping_request' +require 'jcapiv2/models/autotask_mapping_request_company' +require 'jcapiv2/models/autotask_mapping_request_contract' +require 'jcapiv2/models/autotask_mapping_request_data' +require 'jcapiv2/models/autotask_mapping_request_organization' +require 'jcapiv2/models/autotask_mapping_request_service' +require 'jcapiv2/models/autotask_mapping_response' +require 'jcapiv2/models/autotask_mapping_response_company' +require 'jcapiv2/models/autotask_mapping_response_contract' +require 'jcapiv2/models/autotask_mapping_response_organization' +require 'jcapiv2/models/autotask_mapping_response_service' +require 'jcapiv2/models/autotask_service' +require 'jcapiv2/models/autotask_settings' +require 'jcapiv2/models/autotask_settings_patch_req' +require 'jcapiv2/models/autotask_ticketing_alert_configuration' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_list' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_option' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_option_values' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_options' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_priority' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_request' +require 'jcapiv2/models/autotask_ticketing_alert_configuration_resource' +require 'jcapiv2/models/billing_integration_company_type' +require 'jcapiv2/models/bulk_scheduled_statechange_create' require 'jcapiv2/models/bulk_user_create' +require 'jcapiv2/models/bulk_user_expire' +require 'jcapiv2/models/bulk_user_unlock' require 'jcapiv2/models/bulk_user_update' +require 'jcapiv2/models/cases_response' +require 'jcapiv2/models/command_result_list' +require 'jcapiv2/models/command_result_list_results' +require 'jcapiv2/models/commands_graph_object_with_paths' +require 'jcapiv2/models/configured_policy_template' +require 'jcapiv2/models/configured_policy_template_value' +require 'jcapiv2/models/connect_wise_mapping_request' +require 'jcapiv2/models/connect_wise_mapping_request_company' +require 'jcapiv2/models/connect_wise_mapping_request_data' +require 'jcapiv2/models/connect_wise_mapping_request_organization' +require 'jcapiv2/models/connect_wise_mapping_response' +require 'jcapiv2/models/connect_wise_mapping_response_addition' +require 'jcapiv2/models/connect_wise_settings' +require 'jcapiv2/models/connect_wise_settings_patch_req' +require 'jcapiv2/models/connect_wise_ticketing_alert_configuration' +require 'jcapiv2/models/connect_wise_ticketing_alert_configuration_list' +require 'jcapiv2/models/connect_wise_ticketing_alert_configuration_option' +require 'jcapiv2/models/connect_wise_ticketing_alert_configuration_options' +require 'jcapiv2/models/connect_wise_ticketing_alert_configuration_request' +require 'jcapiv2/models/connectwise_addition' +require 'jcapiv2/models/connectwise_agreement' +require 'jcapiv2/models/connectwise_company' +require 'jcapiv2/models/connectwise_company_resp' +require 'jcapiv2/models/connectwise_company_type_resp' +require 'jcapiv2/models/connectwise_integration' +require 'jcapiv2/models/connectwise_integration_patch_req' +require 'jcapiv2/models/connectwise_integration_req' +require 'jcapiv2/models/create_organization' +require 'jcapiv2/models/custom_email' +require 'jcapiv2/models/custom_email_template' +require 'jcapiv2/models/custom_email_template_field' +require 'jcapiv2/models/custom_email_type' +require 'jcapiv2/models/dep' +require 'jcapiv2/models/dep_setup_assistant_option' +require 'jcapiv2/models/dep_welcome_screen' +require 'jcapiv2/models/default_domain' +require 'jcapiv2/models/device_id_erase_body' +require 'jcapiv2/models/device_id_lock_body' +require 'jcapiv2/models/device_id_resetpassword_body' +require 'jcapiv2/models/device_id_restart_body' +require 'jcapiv2/models/device_package_v1_device' +require 'jcapiv2/models/device_package_v1_list_devices_response' +require 'jcapiv2/models/devices_get_sign_in_with_jump_cloud_settings_response' +require 'jcapiv2/models/devices_set_sign_in_with_jump_cloud_settings_request' +require 'jcapiv2/models/devices_sign_in_with_jump_cloud_setting' +require 'jcapiv2/models/devices_sign_in_with_jump_cloud_setting_os_family' +require 'jcapiv2/models/devices_sign_in_with_jump_cloud_setting_permission' require 'jcapiv2/models/directory' +require 'jcapiv2/models/directory_default_domain' require 'jcapiv2/models/duo_account' require 'jcapiv2/models/duo_application' require 'jcapiv2/models/duo_application_req' require 'jcapiv2/models/duo_application_update_req' -require 'jcapiv2/models/duo_registration_application' -require 'jcapiv2/models/duo_registration_application_req' -require 'jcapiv2/models/emailrequest' -require 'jcapiv2/models/enrollment_profile' +require 'jcapiv2/models/enterprises_enterprise_id_body' require 'jcapiv2/models/error' -require 'jcapiv2/models/errorresponse' +require 'jcapiv2/models/error_details' +require 'jcapiv2/models/feature' +require 'jcapiv2/models/feature_trial_data' +require 'jcapiv2/models/filter' +require 'jcapiv2/models/filter_query' require 'jcapiv2/models/g_suite_builtin_translation' +require 'jcapiv2/models/g_suite_direction_translation' require 'jcapiv2/models/g_suite_translation_rule' require 'jcapiv2/models/g_suite_translation_rule_request' +require 'jcapiv2/models/google_protobuf_any' +require 'jcapiv2/models/google_rpc_status' +require 'jcapiv2/models/graph_attribute_ldap_groups' +require 'jcapiv2/models/graph_attribute_posix_groups' +require 'jcapiv2/models/graph_attribute_posix_groups_posix_groups' +require 'jcapiv2/models/graph_attribute_radius' +require 'jcapiv2/models/graph_attribute_radius_radius' +require 'jcapiv2/models/graph_attribute_radius_radius_reply' +require 'jcapiv2/models/graph_attribute_samba_enabled' +require 'jcapiv2/models/graph_attribute_sudo' +require 'jcapiv2/models/graph_attribute_sudo_sudo' +require 'jcapiv2/models/graph_attributes' require 'jcapiv2/models/graph_connection' -require 'jcapiv2/models/graph_management_req' require 'jcapiv2/models/graph_object' require 'jcapiv2/models/graph_object_with_paths' +require 'jcapiv2/models/graph_operation' +require 'jcapiv2/models/graph_operation_active_directory' +require 'jcapiv2/models/graph_operation_application' +require 'jcapiv2/models/graph_operation_command' +require 'jcapiv2/models/graph_operation_g_suite' +require 'jcapiv2/models/graph_operation_ldap_server' +require 'jcapiv2/models/graph_operation_office365' +require 'jcapiv2/models/graph_operation_policy' +require 'jcapiv2/models/graph_operation_policy_group' +require 'jcapiv2/models/graph_operation_policy_group_member' +require 'jcapiv2/models/graph_operation_radius_server' +require 'jcapiv2/models/graph_operation_software_app' +require 'jcapiv2/models/graph_operation_system' +require 'jcapiv2/models/graph_operation_system_group' +require 'jcapiv2/models/graph_operation_system_group_member' +require 'jcapiv2/models/graph_operation_user' +require 'jcapiv2/models/graph_operation_user_group' +require 'jcapiv2/models/graph_operation_user_group_member' require 'jcapiv2/models/graph_type' require 'jcapiv2/models/group' +require 'jcapiv2/models/group_attributes_user_group' +require 'jcapiv2/models/group_id_suggestions_body' +require 'jcapiv2/models/group_id_suggestions_body_1' +require 'jcapiv2/models/group_membership_method_type' +require 'jcapiv2/models/group_pwm' require 'jcapiv2/models/group_type' -require 'jcapiv2/models/gsuite_output' -require 'jcapiv2/models/gsuite_patch_input' +require 'jcapiv2/models/groups' +require 'jcapiv2/models/groups_inner' +require 'jcapiv2/models/gsuite' +require 'jcapiv2/models/ip_list' +require 'jcapiv2/models/ip_list_request' +require 'jcapiv2/models/import_operation' +require 'jcapiv2/models/import_user' +require 'jcapiv2/models/import_user_address' +require 'jcapiv2/models/import_user_phone_number' +require 'jcapiv2/models/import_users_request' +require 'jcapiv2/models/import_users_response' require 'jcapiv2/models/inline_response_200' require 'jcapiv2/models/inline_response_200_1' +require 'jcapiv2/models/inline_response_200_10' +require 'jcapiv2/models/inline_response_200_11' +require 'jcapiv2/models/inline_response_200_12' +require 'jcapiv2/models/inline_response_200_12_users' +require 'jcapiv2/models/inline_response_200_13' +require 'jcapiv2/models/inline_response_200_14' +require 'jcapiv2/models/inline_response_200_15' +require 'jcapiv2/models/inline_response_200_2' +require 'jcapiv2/models/inline_response_200_2_users' +require 'jcapiv2/models/inline_response_200_3' +require 'jcapiv2/models/inline_response_200_4' +require 'jcapiv2/models/inline_response_200_5' +require 'jcapiv2/models/inline_response_200_6' +require 'jcapiv2/models/inline_response_200_7' +require 'jcapiv2/models/inline_response_200_8' +require 'jcapiv2/models/inline_response_200_9' require 'jcapiv2/models/inline_response_201' require 'jcapiv2/models/inline_response_400' -require 'jcapiv2/models/jc_enrollment_profile' -require 'jcapiv2/models/job_details' +require 'jcapiv2/models/install_action_type' +require 'jcapiv2/models/integration' +require 'jcapiv2/models/integration_sync_error' +require 'jcapiv2/models/integration_sync_error_resp' +require 'jcapiv2/models/integration_type' +require 'jcapiv2/models/integrations_response' require 'jcapiv2/models/job_id' require 'jcapiv2/models/job_workresult' +require 'jcapiv2/models/jumpcloud_gapps_domain' +require 'jcapiv2/models/jumpcloud_gapps_domain_list_response' +require 'jcapiv2/models/jumpcloud_gapps_domain_response' +require 'jcapiv2/models/jumpcloud_google_emm_allow_personal_usage' +require 'jcapiv2/models/jumpcloud_google_emm_command_response' +require 'jcapiv2/models/jumpcloud_google_emm_common_criteria_mode_info' +require 'jcapiv2/models/jumpcloud_google_emm_connection_status' +require 'jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_request' +require 'jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_response' +require 'jcapiv2/models/jumpcloud_google_emm_create_enterprise_request' +require 'jcapiv2/models/jumpcloud_google_emm_create_web_token_request' +require 'jcapiv2/models/jumpcloud_google_emm_device' +require 'jcapiv2/models/jumpcloud_google_emm_device_android_policy' +require 'jcapiv2/models/jumpcloud_google_emm_device_data' +require 'jcapiv2/models/jumpcloud_google_emm_device_information' +require 'jcapiv2/models/jumpcloud_google_emm_device_settings' +require 'jcapiv2/models/jumpcloud_google_emm_device_state_info' +require 'jcapiv2/models/jumpcloud_google_emm_emm_enrollment_info' +require 'jcapiv2/models/jumpcloud_google_emm_enterprise' +require 'jcapiv2/models/jumpcloud_google_emm_feature' +require 'jcapiv2/models/jumpcloud_google_emm_hardware_info' +require 'jcapiv2/models/jumpcloud_google_emm_list_devices_response' +require 'jcapiv2/models/jumpcloud_google_emm_list_enterprises_response' +require 'jcapiv2/models/jumpcloud_google_emm_memory_info' +require 'jcapiv2/models/jumpcloud_google_emm_network_info' +require 'jcapiv2/models/jumpcloud_google_emm_security_posture' +require 'jcapiv2/models/jumpcloud_google_emm_signup_url' +require 'jcapiv2/models/jumpcloud_google_emm_software_info' +require 'jcapiv2/models/jumpcloud_google_emm_system_update_info' +require 'jcapiv2/models/jumpcloud_google_emm_telephony_info' +require 'jcapiv2/models/jumpcloud_google_emm_web_token' +require 'jcapiv2/models/jumpcloud_msp_get_details_response' +require 'jcapiv2/models/jumpcloud_msp_product' +require 'jcapiv2/models/jumpcloud_package_validator_apple_package_details' +require 'jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_request' +require 'jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_response' +require 'jcapiv2/models/ldap_group' +require 'jcapiv2/models/ldap_server' require 'jcapiv2/models/ldap_server_action' -require 'jcapiv2/models/ldap_server_input' -require 'jcapiv2/models/mfa' +require 'jcapiv2/models/ldapservers_id_body' +require 'jcapiv2/models/member_suggestion' +require 'jcapiv2/models/member_suggestions_post_result' require 'jcapiv2/models/mobileconfig' -require 'jcapiv2/models/oauth_code_input' +require 'jcapiv2/models/model_case' +require 'jcapiv2/models/o365_domain' +require 'jcapiv2/models/o365_domain_response' +require 'jcapiv2/models/o365_domains_list_response' +require 'jcapiv2/models/os_restriction' +require 'jcapiv2/models/os_restriction_apple_restrictions' +require 'jcapiv2/models/object_storage_item' +require 'jcapiv2/models/object_storage_version' +require 'jcapiv2/models/office365' require 'jcapiv2/models/office365_builtin_translation' +require 'jcapiv2/models/office365_direction_translation' +require 'jcapiv2/models/office365_id_domains_body' require 'jcapiv2/models/office365_translation_rule' require 'jcapiv2/models/office365_translation_rule_request' -require 'jcapiv2/models/org_crypto_settings' -require 'jcapiv2/models/orgcryptosettings_ssh_keys' +require 'jcapiv2/models/organization' +require 'jcapiv2/models/passwords_security' +require 'jcapiv2/models/phone_number' require 'jcapiv2/models/policy' +require 'jcapiv2/models/policy_group' +require 'jcapiv2/models/policy_group_data' +require 'jcapiv2/models/policy_group_template' +require 'jcapiv2/models/policy_group_template_member' +require 'jcapiv2/models/policy_group_template_members' +require 'jcapiv2/models/policy_group_templates' require 'jcapiv2/models/policy_request' require 'jcapiv2/models/policy_request_template' require 'jcapiv2/models/policy_result' @@ -89,97 +320,198 @@ require 'jcapiv2/models/policy_with_details' require 'jcapiv2/models/provider' require 'jcapiv2/models/provider_admin_req' -require 'jcapiv2/models/provider_contact' -require 'jcapiv2/models/salesforce_knowledge_list_output' -require 'jcapiv2/models/salesforceknowledgelistoutput_inner' -require 'jcapiv2/models/samba_domain_input' -require 'jcapiv2/models/sshkeylist' -require 'jcapiv2/models/system_graph_management_req' -require 'jcapiv2/models/system_graph_management_req_attributes' -require 'jcapiv2/models/system_graph_management_req_attributes_sudo' +require 'jcapiv2/models/provider_invoice' +require 'jcapiv2/models/provider_invoice_response' +require 'jcapiv2/models/push_endpoint_response' +require 'jcapiv2/models/push_endpoint_response_device' +require 'jcapiv2/models/pushendpoints_push_endpoint_id_body' +require 'jcapiv2/models/pwm_all_users' +require 'jcapiv2/models/pwm_cloud_backup_restores' +require 'jcapiv2/models/pwm_item_history' +require 'jcapiv2/models/pwm_items_count_by_type' +require 'jcapiv2/models/pwm_items_metadata' +require 'jcapiv2/models/pwm_overview_app_versions' +require 'jcapiv2/models/pwm_overview_app_versions_results' +require 'jcapiv2/models/pwm_overview_main' +require 'jcapiv2/models/pwm_overview_main_devices' +require 'jcapiv2/models/pwm_user' +require 'jcapiv2/models/pwm_user_by_id' +require 'jcapiv2/models/pwm_user_item' +require 'jcapiv2/models/pwm_user_items' +require 'jcapiv2/models/pwm_user_shared_folders' +require 'jcapiv2/models/pwm_user_shared_folders_results' +require 'jcapiv2/models/query' +require 'jcapiv2/models/queued_command_list' +require 'jcapiv2/models/queued_command_list_results' +require 'jcapiv2/models/samba_domain' +require 'jcapiv2/models/schedule_os_update' +require 'jcapiv2/models/scheduled_userstate_result' +require 'jcapiv2/models/setup_assistant_option' +require 'jcapiv2/models/shared_folder' +require 'jcapiv2/models/shared_folder_access_levels' +require 'jcapiv2/models/shared_folder_access_levels_results' +require 'jcapiv2/models/shared_folder_details' +require 'jcapiv2/models/shared_folder_groups' +require 'jcapiv2/models/shared_folder_users' +require 'jcapiv2/models/shared_folder_users_results' +require 'jcapiv2/models/shared_folders_list' +require 'jcapiv2/models/software_app' +require 'jcapiv2/models/software_app_apple_vpp' +require 'jcapiv2/models/software_app_create' +require 'jcapiv2/models/software_app_google_android' +require 'jcapiv2/models/software_app_permission_grants' +require 'jcapiv2/models/software_app_reclaim_licenses' +require 'jcapiv2/models/software_app_settings' +require 'jcapiv2/models/software_app_status' +require 'jcapiv2/models/software_app_with_status' +require 'jcapiv2/models/software_apps_retry_installation_request' +require 'jcapiv2/models/subscription' +require 'jcapiv2/models/suggestion_counts' +require 'jcapiv2/models/syncro_billing_mapping_configuration_option' +require 'jcapiv2/models/syncro_billing_mapping_configuration_option_value' +require 'jcapiv2/models/syncro_billing_mapping_configuration_option_value_line' +require 'jcapiv2/models/syncro_billing_mapping_configuration_options_resp' +require 'jcapiv2/models/syncro_company' +require 'jcapiv2/models/syncro_company_resp' +require 'jcapiv2/models/syncro_integration' +require 'jcapiv2/models/syncro_integration_patch_req' +require 'jcapiv2/models/syncro_integration_req' +require 'jcapiv2/models/syncro_mapping_request' +require 'jcapiv2/models/syncro_mapping_request_billing_configurations' +require 'jcapiv2/models/syncro_mapping_request_billing_configurations_fields' +require 'jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_id' +require 'jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_name' +require 'jcapiv2/models/syncro_mapping_request_data' +require 'jcapiv2/models/syncro_mapping_response' +require 'jcapiv2/models/syncro_settings' +require 'jcapiv2/models/syncro_settings_patch_req' +require 'jcapiv2/models/syncro_ticketing_alert_configuration' +require 'jcapiv2/models/syncro_ticketing_alert_configuration_list' +require 'jcapiv2/models/syncro_ticketing_alert_configuration_option' +require 'jcapiv2/models/syncro_ticketing_alert_configuration_options' +require 'jcapiv2/models/syncro_ticketing_alert_configuration_request' require 'jcapiv2/models/system_group' -require 'jcapiv2/models/system_group_data' -require 'jcapiv2/models/system_group_graph_management_req' -require 'jcapiv2/models/system_group_members_req' +require 'jcapiv2/models/system_group_post' +require 'jcapiv2/models/system_group_put' +require 'jcapiv2/models/system_insights_alf' +require 'jcapiv2/models/system_insights_alf_exceptions' +require 'jcapiv2/models/system_insights_alf_explicit_auths' +require 'jcapiv2/models/system_insights_appcompat_shims' require 'jcapiv2/models/system_insights_apps' +require 'jcapiv2/models/system_insights_authorized_keys' +require 'jcapiv2/models/system_insights_azure_instance_metadata' +require 'jcapiv2/models/system_insights_azure_instance_tags' require 'jcapiv2/models/system_insights_battery' require 'jcapiv2/models/system_insights_bitlocker_info' require 'jcapiv2/models/system_insights_browser_plugins' +require 'jcapiv2/models/system_insights_certificates' +require 'jcapiv2/models/system_insights_chassis_info' require 'jcapiv2/models/system_insights_chrome_extensions' +require 'jcapiv2/models/system_insights_connectivity' require 'jcapiv2/models/system_insights_crashes' +require 'jcapiv2/models/system_insights_cups_destinations' require 'jcapiv2/models/system_insights_disk_encryption' require 'jcapiv2/models/system_insights_disk_info' +require 'jcapiv2/models/system_insights_dns_resolvers' require 'jcapiv2/models/system_insights_etc_hosts' require 'jcapiv2/models/system_insights_firefox_addons' require 'jcapiv2/models/system_insights_groups' require 'jcapiv2/models/system_insights_ie_extensions' require 'jcapiv2/models/system_insights_interface_addresses' +require 'jcapiv2/models/system_insights_interface_details' require 'jcapiv2/models/system_insights_kernel_info' require 'jcapiv2/models/system_insights_launchd' +require 'jcapiv2/models/system_insights_linux_packages' require 'jcapiv2/models/system_insights_logged_in_users' -require 'jcapiv2/models/system_insights_logical_drvies' +require 'jcapiv2/models/system_insights_logical_drives' +require 'jcapiv2/models/system_insights_managed_policies' require 'jcapiv2/models/system_insights_mounts' require 'jcapiv2/models/system_insights_os_version' require 'jcapiv2/models/system_insights_patches' require 'jcapiv2/models/system_insights_programs' +require 'jcapiv2/models/system_insights_python_packages' require 'jcapiv2/models/system_insights_safari_extensions' +require 'jcapiv2/models/system_insights_scheduled_tasks' +require 'jcapiv2/models/system_insights_secureboot' +require 'jcapiv2/models/system_insights_services' +require 'jcapiv2/models/system_insights_shadow' +require 'jcapiv2/models/system_insights_shared_folders' +require 'jcapiv2/models/system_insights_shared_resources' +require 'jcapiv2/models/system_insights_sharing_preferences' +require 'jcapiv2/models/system_insights_sip_config' +require 'jcapiv2/models/system_insights_startup_items' require 'jcapiv2/models/system_insights_system_controls' require 'jcapiv2/models/system_insights_system_info' +require 'jcapiv2/models/system_insights_tpm_info' require 'jcapiv2/models/system_insights_uptime' require 'jcapiv2/models/system_insights_usb_devices' require 'jcapiv2/models/system_insights_user_groups' +require 'jcapiv2/models/system_insights_user_ssh_keys' +require 'jcapiv2/models/system_insights_userassist' require 'jcapiv2/models/system_insights_users' -require 'jcapiv2/models/system_insights_windows_crashes' +require 'jcapiv2/models/system_insights_wifi_networks' +require 'jcapiv2/models/system_insights_wifi_status' +require 'jcapiv2/models/system_insights_windows_security_center' +require 'jcapiv2/models/system_insights_windows_security_products' require 'jcapiv2/models/systemfdekey' -require 'jcapiv2/models/systemuser' -require 'jcapiv2/models/systemuserputpost' -require 'jcapiv2/models/systemuserputpost_addresses' -require 'jcapiv2/models/systemuserputpost_phone_numbers' -require 'jcapiv2/models/user_graph_management_req' +require 'jcapiv2/models/ticketing_integration_alert' +require 'jcapiv2/models/ticketing_integration_alerts_resp' +require 'jcapiv2/models/user' require 'jcapiv2/models/user_group' -require 'jcapiv2/models/user_group_attributes' -require 'jcapiv2/models/user_group_attributes_posix_groups' -require 'jcapiv2/models/user_group_graph_management_req' -require 'jcapiv2/models/user_group_members_req' require 'jcapiv2/models/user_group_post' require 'jcapiv2/models/user_group_put' require 'jcapiv2/models/workday_fields' require 'jcapiv2/models/workday_input' require 'jcapiv2/models/workday_output' -require 'jcapiv2/models/workday_request' require 'jcapiv2/models/workday_worker' require 'jcapiv2/models/workdayoutput_auth' -require 'jcapiv2/models/active_directory_output' -require 'jcapiv2/models/ldap_server_output' -require 'jcapiv2/models/samba_domain_output' # APIs require 'jcapiv2/api/active_directory_api' +require 'jcapiv2/api/administrators_api' require 'jcapiv2/api/apple_mdm_api' require 'jcapiv2/api/applications_api' +require 'jcapiv2/api/authentication_policies_api' require 'jcapiv2/api/bulk_job_requests_api' +require 'jcapiv2/api/command_results_api' require 'jcapiv2/api/commands_api' -require 'jcapiv2/api/default_api' +require 'jcapiv2/api/custom_emails_api' require 'jcapiv2/api/directories_api' require 'jcapiv2/api/duo_api' require 'jcapiv2/api/fde_api' +require 'jcapiv2/api/feature_trials_api' require 'jcapiv2/api/g_suite_api' +require 'jcapiv2/api/g_suite_import_api' +require 'jcapiv2/api/google_emm_api' require 'jcapiv2/api/graph_api' require 'jcapiv2/api/groups_api' -require 'jcapiv2/api/knowledge_api' +require 'jcapiv2/api/ip_lists_api' +require 'jcapiv2/api/image_api' require 'jcapiv2/api/ldap_servers_api' +require 'jcapiv2/api/logos_api' +require 'jcapiv2/api/managed_service_provider_api' require 'jcapiv2/api/office365_api' +require 'jcapiv2/api/office365_import_api' require 'jcapiv2/api/organizations_api' +require 'jcapiv2/api/password_manager_api' require 'jcapiv2/api/policies_api' +require 'jcapiv2/api/policy_group_associations_api' +require 'jcapiv2/api/policy_group_members_membership_api' +require 'jcapiv2/api/policy_group_templates_api' +require 'jcapiv2/api/policy_groups_api' require 'jcapiv2/api/policytemplates_api' require 'jcapiv2/api/providers_api' require 'jcapiv2/api/radius_servers_api' +require 'jcapiv2/api/scim_import_api' require 'jcapiv2/api/samba_domains_api' +require 'jcapiv2/api/software_apps_api' +require 'jcapiv2/api/subscriptions_api' require 'jcapiv2/api/system_group_associations_api' require 'jcapiv2/api/system_group_members_membership_api' require 'jcapiv2/api/system_groups_api' require 'jcapiv2/api/system_insights_api' require 'jcapiv2/api/systems_api' +require 'jcapiv2/api/systems_organization_settings_api' require 'jcapiv2/api/user_group_associations_api' require 'jcapiv2/api/user_group_members_membership_api' require 'jcapiv2/api/user_groups_api' diff --git a/jcapiv2/lib/jcapiv2/api/active_directory_api.rb b/jcapiv2/lib/jcapiv2/api/active_directory_api.rb index dd1ee24..665fbac 100644 --- a/jcapiv2/lib/jcapiv2/api/active_directory_api.rb +++ b/jcapiv2/lib/jcapiv2/api/active_directory_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class ActiveDirectoryApi attr_accessor :api_client @@ -19,33 +16,28 @@ class ActiveDirectoryApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete Active Directory Agent - # + # This endpoint deletes an Active Directory agent. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def activedirectories_agents_delete(activedirectory_id, agent_id, content_type, accept, opts = {}) - activedirectories_agents_delete_with_http_info(activedirectory_id, agent_id, content_type, accept, opts) - return nil + def activedirectories_agents_delete(activedirectory_id, agent_id, opts = {}) + activedirectories_agents_delete_with_http_info(activedirectory_id, agent_id, opts) + nil end # Delete Active Directory Agent - # + # This endpoint deletes an Active Directory agent. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def activedirectories_agents_delete_with_http_info(activedirectory_id, agent_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def activedirectories_agents_delete_with_http_info(activedirectory_id, agent_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_agents_delete ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_agents_delete ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? @@ -55,74 +47,60 @@ def activedirectories_agents_delete_with_http_info(activedirectory_id, agent_id, if @api_client.config.client_side_validation && agent_id.nil? fail ArgumentError, "Missing the required parameter 'agent_id' when calling ActiveDirectoryApi.activedirectories_agents_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_agents_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_agents_delete" - end # resource path - local_var_path = "/activedirectories/{activedirectory_id}/agents/{agent_id}".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s).sub('{' + 'agent_id' + '}', agent_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/agents/{agent_id}'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s).sub('{' + 'agent_id' + '}', agent_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params = opts[:header_params] || {} header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = [] + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_agents_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get Active Directory Agent - # This endpoint returns a specific active directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns an Active Directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [ActiveDirectoryAgentListOutput] - def activedirectories_agents_get(activedirectory_id, agent_id, content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_agents_get_with_http_info(activedirectory_id, agent_id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectoryAgentList] + def activedirectories_agents_get(activedirectory_id, agent_id, opts = {}) + data, _status_code, _headers = activedirectories_agents_get_with_http_info(activedirectory_id, agent_id, opts) + data end # Get Active Directory Agent - # This endpoint returns a specific active directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns an Active Directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(ActiveDirectoryAgentListOutput, Fixnum, Hash)>] ActiveDirectoryAgentListOutput data, response status code and response headers - def activedirectories_agents_get_with_http_info(activedirectory_id, agent_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(ActiveDirectoryAgentList, Integer, Hash)>] ActiveDirectoryAgentList data, response status code and response headers + def activedirectories_agents_get_with_http_info(activedirectory_id, agent_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_agents_get ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_agents_get ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? @@ -132,401 +110,323 @@ def activedirectories_agents_get_with_http_info(activedirectory_id, agent_id, co if @api_client.config.client_side_validation && agent_id.nil? fail ArgumentError, "Missing the required parameter 'agent_id' when calling ActiveDirectoryApi.activedirectories_agents_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_agents_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_agents_get" - end # resource path - local_var_path = "/activedirectories/{activedirectory_id}/agents/{agent_id}".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s).sub('{' + 'agent_id' + '}', agent_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/agents/{agent_id}'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s).sub('{' + 'agent_id' + '}', agent_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = [] + post_body = opts[:body] + + return_type = opts[:return_type] || 'ActiveDirectoryAgentList' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'ActiveDirectoryAgentListOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_agents_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Active Directory Agents # This endpoint allows you to list all your Active Directory Agents for a given Instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def activedirectories_agents_list(activedirectory_id, content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_agents_list_with_http_info(activedirectory_id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def activedirectories_agents_list(activedirectory_id, opts = {}) + data, _status_code, _headers = activedirectories_agents_list_with_http_info(activedirectory_id, opts) + data end # List Active Directory Agents - # This endpoint allows you to list all your Active Directory Agents for a given Instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to list all your Active Directory Agents for a given Instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def activedirectories_agents_list_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def activedirectories_agents_list_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_agents_list ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_agents_list ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling ActiveDirectoryApi.activedirectories_agents_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_agents_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_agents_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ActiveDirectoryApi.activedirectories_agents_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/agents".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/agents'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_agents_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a new Active Directory Agent # This endpoint allows you to create a new Active Directory Agent. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryAgentInput] :body - # @option opts [String] :x_org_id (default to ) - # @return [ActiveDirectoryAgentGetOutput] - def activedirectories_agents_post(activedirectory_id, content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_agents_post_with_http_info(activedirectory_id, content_type, accept, opts) - return data + # @option opts [ActiveDirectoryAgent] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectoryAgentGet] + def activedirectories_agents_post(activedirectory_id, opts = {}) + data, _status_code, _headers = activedirectories_agents_post_with_http_info(activedirectory_id, opts) + data end # Create a new Active Directory Agent - # This endpoint allows you to create a new Active Directory Agent. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # This endpoint allows you to create a new Active Directory Agent. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryAgentInput] :body - # @option opts [String] :x_org_id - # @return [Array<(ActiveDirectoryAgentGetOutput, Fixnum, Hash)>] ActiveDirectoryAgentGetOutput data, response status code and response headers - def activedirectories_agents_post_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [ActiveDirectoryAgent] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(ActiveDirectoryAgentGet, Integer, Hash)>] ActiveDirectoryAgentGet data, response status code and response headers + def activedirectories_agents_post_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_agents_post ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_agents_post ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling ActiveDirectoryApi.activedirectories_agents_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_agents_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_agents_post" - end # resource path - local_var_path = "/activedirectories/{activedirectory_id}/agents".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/agents'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ActiveDirectoryAgentGet' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'ActiveDirectoryAgentGetOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_agents_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete an Active Directory - # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY' ``` + # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def activedirectories_delete(id, content_type, accept, opts = {}) - activedirectories_delete_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] + def activedirectories_delete(id, opts = {}) + data, _status_code, _headers = activedirectories_delete_with_http_info(id, opts) + data end # Delete an Active Directory - # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY' ``` + # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def activedirectories_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(ActiveDirectory, Integer, Hash)>] ActiveDirectory data, response status code and response headers + def activedirectories_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_delete ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ActiveDirectoryApi.activedirectories_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_delete" - end # resource path - local_var_path = "/activedirectories/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/activedirectories/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'ActiveDirectory' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get an Active Directory # This endpoint returns a specific Active Directory. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [ActiveDirectoryOutput] - def activedirectories_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] + def activedirectories_get(id, opts = {}) + data, _status_code, _headers = activedirectories_get_with_http_info(id, opts) + data end # Get an Active Directory - # This endpoint returns a specific Active Directory. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Active Directory. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(ActiveDirectoryOutput, Fixnum, Hash)>] ActiveDirectoryOutput data, response status code and response headers - def activedirectories_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(ActiveDirectory, Integer, Hash)>] ActiveDirectory data, response status code and response headers + def activedirectories_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_get ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling ActiveDirectoryApi.activedirectories_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_get" - end # resource path - local_var_path = "/activedirectories/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/activedirectories/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'ActiveDirectory' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'ActiveDirectoryOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Active Directories # This endpoint allows you to list all your Active Directory Instances. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def activedirectories_list(content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_list_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def activedirectories_list(opts = {}) + data, _status_code, _headers = activedirectories_list_with_http_info(opts) + data end # List Active Directories - # This endpoint allows you to list all your Active Directory Instances. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint allows you to list all your Active Directory Instances. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def activedirectories_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def activedirectories_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_list" + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ActiveDirectoryApi.activedirectories_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories" + local_var_path = '/activedirectories' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -534,132 +434,116 @@ def activedirectories_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a new Active Directory - # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" } ' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" }' ``` # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryInput] :body - # @option opts [String] :x_org_id (default to ) - # @return [ActiveDirectoryOutput] - def activedirectories_post(content_type, accept, opts = {}) - data, _status_code, _headers = activedirectories_post_with_http_info(content_type, accept, opts) - return data + # @option opts [ActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] + def activedirectories_post(opts = {}) + data, _status_code, _headers = activedirectories_post_with_http_info(opts) + data end # Create a new Active Directory - # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" } ' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" }' ``` # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryInput] :body - # @option opts [String] :x_org_id - # @return [Array<(ActiveDirectoryOutput, Fixnum, Hash)>] ActiveDirectoryOutput data, response status code and response headers - def activedirectories_post_with_http_info(content_type, accept, opts = {}) + # @option opts [ActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(ActiveDirectory, Integer, Hash)>] ActiveDirectory data, response status code and response headers + def activedirectories_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.activedirectories_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.activedirectories_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.activedirectories_post" + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.activedirectories_post ...' end # resource path - local_var_path = "/activedirectories" + local_var_path = '/activedirectories' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ActiveDirectory' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'ActiveDirectoryOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#activedirectories_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of an Active Directory instance # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, content_type, accept, opts) - return data + def graph_active_directory_associations_list(activedirectory_id, targets, opts = {}) + data, _status_code, _headers = graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, opts) + data end # List the associations of an Active Directory instance - # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.graph_active_directory_associations_list ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.graph_active_directory_associations_list ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? @@ -669,208 +553,235 @@ def graph_active_directory_associations_list_with_http_info(activedirectory_id, if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling ActiveDirectoryApi.graph_active_directory_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.graph_active_directory_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.graph_active_directory_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ActiveDirectoryApi.graph_active_directory_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/associations".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/associations'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#graph_active_directory_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts = {}) - graph_active_directory_associations_post_with_http_info(activedirectory_id, content_type, accept, opts) - return nil + def graph_active_directory_associations_post(activedirectory_id, opts = {}) + graph_active_directory_associations_post_with_http_info(activedirectory_id, opts) + nil end # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_active_directory_associations_post_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_active_directory_associations_post_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.graph_active_directory_associations_post ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.graph_active_directory_associations_post ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling ActiveDirectoryApi.graph_active_directory_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.graph_active_directory_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.graph_active_directory_associations_post" - end # resource path - local_var_path = "/activedirectories/{activedirectory_id}/associations".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/associations'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#graph_active_directory_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # List the Users bound to an Active Directory instance + # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param activedirectory_id ObjectID of the Active Directory instance. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def graph_active_directory_traverse_user(activedirectory_id, opts = {}) + data, _status_code, _headers = graph_active_directory_traverse_user_with_http_info(activedirectory_id, opts) + data + end + + # List the Users bound to an Active Directory instance + # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param activedirectory_id ObjectID of the Active Directory instance. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_traverse_user_with_http_info(activedirectory_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.graph_active_directory_traverse_user ...' + end + # verify the required parameter 'activedirectory_id' is set + if @api_client.config.client_side_validation && activedirectory_id.nil? + fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling ActiveDirectoryApi.graph_active_directory_traverse_user" + end + # resource path + local_var_path = '/activedirectories/{activedirectory_id}/users'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ActiveDirectoryApi#graph_active_directory_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the User Groups bound to an Active Directory instance # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, content_type, accept, opts) - return data + def graph_active_directory_traverse_user_group(activedirectory_id, opts = {}) + data, _status_code, _headers = graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, opts) + data end # List the User Groups bound to an Active Directory instance - # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ActiveDirectoryApi.graph_active_directory_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: ActiveDirectoryApi.graph_active_directory_traverse_user_group ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling ActiveDirectoryApi.graph_active_directory_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ActiveDirectoryApi.graph_active_directory_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ActiveDirectoryApi.graph_active_directory_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ActiveDirectoryApi.graph_active_directory_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/usergroups".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/usergroups'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ActiveDirectoryApi#graph_active_directory_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/administrators_api.rb b/jcapiv2/lib/jcapiv2/api/administrators_api.rb new file mode 100644 index 0000000..481de6c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/administrators_api.rb @@ -0,0 +1,266 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class AdministratorsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + def administrator_organizations_create_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_create_by_administrator_with_http_info(id, opts) + data + end + + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [Array<(AdministratorOrganizationLink, Integer, Hash)>] AdministratorOrganizationLink data, response status code and response headers + def administrator_organizations_create_by_administrator_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AdministratorsApi.administrator_organizations_create_by_administrator ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AdministratorsApi.administrator_organizations_create_by_administrator" + end + # resource path + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AdministratorOrganizationLink' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AdministratorsApi#administrator_organizations_create_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_administrator_with_http_info(id, opts) + data + end + + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_administrator_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AdministratorsApi.administrator_organizations_list_by_administrator ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AdministratorsApi.administrator_organizations_list_by_administrator" + end + # resource path + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AdministratorsApi#administrator_organizations_list_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_organization(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_organization_with_http_info(id, opts) + data + end + + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_organization_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AdministratorsApi.administrator_organizations_list_by_organization ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AdministratorsApi.administrator_organizations_list_by_organization" + end + # resource path + local_var_path = '/organizations/{id}/administratorlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AdministratorsApi#administrator_organizations_list_by_organization\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def administrator_organizations_remove_by_administrator(administrator_id, id, opts = {}) + administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts) + nil + end + + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AdministratorsApi.administrator_organizations_remove_by_administrator ...' + end + # verify the required parameter 'administrator_id' is set + if @api_client.config.client_side_validation && administrator_id.nil? + fail ArgumentError, "Missing the required parameter 'administrator_id' when calling AdministratorsApi.administrator_organizations_remove_by_administrator" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AdministratorsApi.administrator_organizations_remove_by_administrator" + end + # resource path + local_var_path = '/administrators/{administrator_id}/organizationlinks/{id}'.sub('{' + 'administrator_id' + '}', administrator_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AdministratorsApi#administrator_organizations_remove_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/apple_mdm_api.rb b/jcapiv2/lib/jcapiv2/api/apple_mdm_api.rb index d404146..ed4aa9a 100644 --- a/jcapiv2/lib/jcapiv2/api/apple_mdm_api.rb +++ b/jcapiv2/lib/jcapiv2/api/apple_mdm_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class AppleMDMApi attr_accessor :api_client @@ -19,433 +16,1228 @@ class AppleMDMApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Get Apple MDM CSR Plist + # Retrieves an Apple MDM signed CSR Plist for an organization. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/csr \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmSignedCsrPlist] + def applemdms_csrget(apple_mdm_id, opts = {}) + data, _status_code, _headers = applemdms_csrget_with_http_info(apple_mdm_id, opts) + data + end + + # Get Apple MDM CSR Plist + # Retrieves an Apple MDM signed CSR Plist for an organization. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/csr \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMdmSignedCsrPlist, Integer, Hash)>] AppleMdmSignedCsrPlist data, response status code and response headers + def applemdms_csrget_with_http_info(apple_mdm_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_csrget ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_csrget" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/csr'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/octet-stream']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AppleMdmSignedCsrPlist' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_csrget\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # Delete an Apple MDM # Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param apple_mdm_id - # @param content_type - # @param accept + # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [AppleMDM] - def applemdms_delete(apple_mdm_id, content_type, accept, opts = {}) - data, _status_code, _headers = applemdms_delete_with_http_info(apple_mdm_id, content_type, accept, opts) - return data + def applemdms_delete(id, opts = {}) + data, _status_code, _headers = applemdms_delete_with_http_info(id, opts) + data end # Delete an Apple MDM - # Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMDM, Integer, Hash)>] AppleMDM data, response status code and response headers + def applemdms_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AppleMDMApi.applemdms_delete" + end + # resource path + local_var_path = '/applemdms/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AppleMDM' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Remove an Apple MDM Device's Enrollment + # Remove a single Apple MDM device from MDM enrollment. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmDevice] + def applemdms_deletedevice(apple_mdm_id, device_id, opts = {}) + data, _status_code, _headers = applemdms_deletedevice_with_http_info(apple_mdm_id, device_id, opts) + data + end + + # Remove an Apple MDM Device's Enrollment + # Remove a single Apple MDM device from MDM enrollment. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param apple_mdm_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(AppleMDM, Fixnum, Hash)>] AppleMDM data, response status code and response headers - def applemdms_delete_with_http_info(apple_mdm_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMdmDevice, Integer, Hash)>] AppleMdmDevice data, response status code and response headers + def applemdms_deletedevice_with_http_info(apple_mdm_id, device_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.applemdms_delete ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_deletedevice ...' end # verify the required parameter 'apple_mdm_id' is set if @api_client.config.client_side_validation && apple_mdm_id.nil? - fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_delete" + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_deletedevice" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.applemdms_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.applemdms_delete" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_deletedevice" end # resource path - local_var_path = "/applemdms/{apple_mdm_id}".sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'AppleMdmDevice' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'AppleMDM') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_deletedevice\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Get Apple MDM DEP Public Key + # Retrieves an Apple MDM DEP Public Key. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/depkey \\ -H 'accept: application/x-pem-file' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmPublicKeyCert] + def applemdms_depkeyget(apple_mdm_id, opts = {}) + data, _status_code, _headers = applemdms_depkeyget_with_http_info(apple_mdm_id, opts) + data + end - # List Apple MDMs - # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Get Apple MDM DEP Public Key + # Retrieves an Apple MDM DEP Public Key. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/depkey \\ -H 'accept: application/x-pem-file' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def applemdms_list(content_type, accept, opts = {}) - data, _status_code, _headers = applemdms_list_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMdmPublicKeyCert, Integer, Hash)>] AppleMdmPublicKeyCert data, response status code and response headers + def applemdms_depkeyget_with_http_info(apple_mdm_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_depkeyget ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_depkeyget" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/depkey'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/x-pem-file']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AppleMdmPublicKeyCert' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_depkeyget\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Clears the Activation Lock for a Device + # Clears the activation lock on the specified device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devices_clear_activation_lock(apple_mdm_id, device_id, opts = {}) + applemdms_devices_clear_activation_lock_with_http_info(apple_mdm_id, device_id, opts) + nil end - # List Apple MDMs - # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Clears the Activation Lock for a Device + # Clears the activation lock on the specified device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def applemdms_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devices_clear_activation_lock_with_http_info(apple_mdm_id, device_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.applemdms_list ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devices_clear_activation_lock ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.applemdms_list" + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devices_clear_activation_lock" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.applemdms_list" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devices_clear_activation_lock" end # resource path - local_var_path = "/applemdms" + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devices_clear_activation_lock\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Create Apple MDM - # Creates an Apple MDM Enrollment for an organization. Only one enrollment per organization will be allowed. Note that this is the first step in completly setting up an MDM Enrollment. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/organizations/{Organization_ID}/mdm \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept + # Request the status of an OS update for a device + # Pass through to request the status of an OS update #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [Body] :body - # @option opts [String] :x_org_id (default to ) - # @return [InlineResponse201] - def applemdms_post(content_type, accept, opts = {}) - data, _status_code, _headers = applemdms_post_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devices_os_update_status(apple_mdm_id, device_id, opts = {}) + applemdms_devices_os_update_status_with_http_info(apple_mdm_id, device_id, opts) + nil end - # Create Apple MDM - # Creates an Apple MDM Enrollment for an organization. Only one enrollment per organization will be allowed. Note that this is the first step in completly setting up an MDM Enrollment. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/organizations/{Organization_ID}/mdm \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept + # Request the status of an OS update for a device + # Pass through to request the status of an OS update #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [Body] :body - # @option opts [String] :x_org_id - # @return [Array<(InlineResponse201, Fixnum, Hash)>] InlineResponse201 data, response status code and response headers - def applemdms_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devices_os_update_status_with_http_info(apple_mdm_id, device_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.applemdms_post ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devices_os_update_status ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.applemdms_post" + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devices_os_update_status" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.applemdms_post" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devices_os_update_status" end # resource path - local_var_path = "/applemdms" + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'InlineResponse201') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devices_os_update_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update an Apple MDM - # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\" }' ``` + # Refresh activation lock information for a device + # Refreshes the activation lock information for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [AppleMdmPatchInput] :body - # @option opts [String] :x_org_id (default to ) - # @return [AppleMDM] - def applemdms_put(apple_mdm_id, content_type, accept, opts = {}) - data, _status_code, _headers = applemdms_put_with_http_info(apple_mdm_id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devices_refresh_activation_lock_information(apple_mdm_id, device_id, opts = {}) + applemdms_devices_refresh_activation_lock_information_with_http_info(apple_mdm_id, device_id, opts) + nil end - # Update an Apple MDM - # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\" }' ``` + # Refresh activation lock information for a device + # Refreshes the activation lock information for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [AppleMdmPatchInput] :body - # @option opts [String] :x_org_id - # @return [Array<(AppleMDM, Fixnum, Hash)>] AppleMDM data, response status code and response headers - def applemdms_put_with_http_info(apple_mdm_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devices_refresh_activation_lock_information_with_http_info(apple_mdm_id, device_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.applemdms_put ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devices_refresh_activation_lock_information ...' end # verify the required parameter 'apple_mdm_id' is set if @api_client.config.client_side_validation && apple_mdm_id.nil? - fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_put" + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devices_refresh_activation_lock_information" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devices_refresh_activation_lock_information" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devices_refresh_activation_lock_information\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Schedule an OS update for a device + # Schedules an OS update for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"install_action\": \"INSTALL_ASAP\", \"product_key\": \"key\"}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [ScheduleOSUpdate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devices_schedule_os_update(apple_mdm_id, device_id, opts = {}) + applemdms_devices_schedule_os_update_with_http_info(apple_mdm_id, device_id, opts) + nil + end + + # Schedule an OS update for a device + # Schedules an OS update for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"install_action\": \"INSTALL_ASAP\", \"product_key\": \"key\"}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [ScheduleOSUpdate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devices_schedule_os_update_with_http_info(apple_mdm_id, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devices_schedule_os_update ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.applemdms_put" + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devices_schedule_os_update" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.applemdms_put" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devices_schedule_os_update" end # resource path - local_var_path = "/applemdms/{apple_mdm_id}".sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'AppleMDM') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devices_schedule_os_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Get an Apple MDM Enrollment Profile - # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ENROLLMENT_PROFILE_ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Erase Device + # Erases a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/erase \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param enrollment_profile_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [Mobileconfig] - def enrollmentprofiles_get(apple_mdm_id, enrollment_profile_id, content_type, accept, opts = {}) - data, _status_code, _headers = enrollmentprofiles_get_with_http_info(apple_mdm_id, enrollment_profile_id, content_type, accept, opts) - return data + # @option opts [DeviceIdEraseBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_deviceserase(apple_mdm_id, device_id, opts = {}) + applemdms_deviceserase_with_http_info(apple_mdm_id, device_id, opts) + nil end - # Get an Apple MDM Enrollment Profile - # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ENROLLMENT_PROFILE_ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Erase Device + # Erases a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/erase \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param enrollment_profile_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Mobileconfig, Fixnum, Hash)>] Mobileconfig data, response status code and response headers - def enrollmentprofiles_get_with_http_info(apple_mdm_id, enrollment_profile_id, content_type, accept, opts = {}) + # @option opts [DeviceIdEraseBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_deviceserase_with_http_info(apple_mdm_id, device_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.enrollmentprofiles_get ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_deviceserase ...' end # verify the required parameter 'apple_mdm_id' is set if @api_client.config.client_side_validation && apple_mdm_id.nil? - fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.enrollmentprofiles_get" - end - # verify the required parameter 'enrollment_profile_id' is set - if @api_client.config.client_side_validation && enrollment_profile_id.nil? - fail ArgumentError, "Missing the required parameter 'enrollment_profile_id' when calling AppleMDMApi.enrollmentprofiles_get" + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_deviceserase" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.enrollmentprofiles_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.enrollmentprofiles_get" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_deviceserase" end # resource path - local_var_path = "/applemdms/{apple_mdm_id}/enrollmentprofiles/{enrollment_profile_id}".sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'enrollment_profile_id' + '}', enrollment_profile_id.to_s) + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/erase'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/x-apple-aspen-config']) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Mobileconfig') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#enrollmentprofiles_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_deviceserase\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List Apple MDM Enrollment Profiles - # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List AppleMDM Devices + # Lists all Apple MDM devices. The filter and sort queries will allow the following fields: `createdAt` `depRegistered` `enrolled` `id` `osVersion` `serialNumber` `udid` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def enrollmentprofiles_list(apple_mdm_id, content_type, accept, opts = {}) - data, _status_code, _headers = enrollmentprofiles_list_with_http_info(apple_mdm_id, content_type, accept, opts) - return data + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :x_total_count + # @return [Array] + def applemdms_deviceslist(apple_mdm_id, opts = {}) + data, _status_code, _headers = applemdms_deviceslist_with_http_info(apple_mdm_id, opts) + data end - # List Apple MDM Enrollment Profiles - # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List AppleMDM Devices + # Lists all Apple MDM devices. The filter and sort queries will allow the following fields: `createdAt` `depRegistered` `enrolled` `id` `osVersion` `serialNumber` `udid` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def enrollmentprofiles_list_with_http_info(apple_mdm_id, content_type, accept, opts = {}) + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :x_total_count + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def applemdms_deviceslist_with_http_info(apple_mdm_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: AppleMDMApi.enrollmentprofiles_list ..." + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_deviceslist ...' end # verify the required parameter 'apple_mdm_id' is set if @api_client.config.client_side_validation && apple_mdm_id.nil? - fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.enrollmentprofiles_list" + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_deviceslist" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/devices'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'x-total-count'] = opts[:'x_total_count'] if !opts[:'x_total_count'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_deviceslist\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Lock Device + # Locks a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/lock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdLockBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_deviceslock(apple_mdm_id, device_id, opts = {}) + applemdms_deviceslock_with_http_info(apple_mdm_id, device_id, opts) + nil + end + + # Lock Device + # Locks a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/lock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdLockBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_deviceslock_with_http_info(apple_mdm_id, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_deviceslock ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling AppleMDMApi.enrollmentprofiles_list" + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_deviceslock" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling AppleMDMApi.enrollmentprofiles_list" + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_deviceslock" end # resource path - local_var_path = "/applemdms/{apple_mdm_id}/enrollmentprofiles".sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/lock'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_deviceslock\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Restart Device + # Restarts a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/restart \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"kextPaths\": [\"Path1\", \"Path2\"]}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdRestartBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devicesrestart(apple_mdm_id, device_id, opts = {}) + applemdms_devicesrestart_with_http_info(apple_mdm_id, device_id, opts) + nil + end + + # Restart Device + # Restarts a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/restart \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"kextPaths\": [\"Path1\", \"Path2\"]}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdRestartBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devicesrestart_with_http_info(apple_mdm_id, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devicesrestart ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devicesrestart" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devicesrestart" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/restart'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devicesrestart\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Shut Down Device + # Shuts down a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/shutdown \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_devicesshutdown(apple_mdm_id, device_id, opts = {}) + applemdms_devicesshutdown_with_http_info(apple_mdm_id, device_id, opts) + nil + end + + # Shut Down Device + # Shuts down a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/shutdown \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_devicesshutdown_with_http_info(apple_mdm_id, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_devicesshutdown ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_devicesshutdown" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_devicesshutdown" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}/shutdown'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_devicesshutdown\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get an Apple MDM Enrollment Profile + # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Mobileconfig] + def applemdms_enrollmentprofilesget(apple_mdm_id, id, opts = {}) + data, _status_code, _headers = applemdms_enrollmentprofilesget_with_http_info(apple_mdm_id, id, opts) + data + end + + # Get an Apple MDM Enrollment Profile + # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Mobileconfig, Integer, Hash)>] Mobileconfig data, response status code and response headers + def applemdms_enrollmentprofilesget_with_http_info(apple_mdm_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_enrollmentprofilesget ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_enrollmentprofilesget" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AppleMDMApi.applemdms_enrollmentprofilesget" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/enrollmentprofiles/{id}'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/x-apple-aspen-config']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Mobileconfig' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_enrollmentprofilesget\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Apple MDM Enrollment Profiles + # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def applemdms_enrollmentprofileslist(apple_mdm_id, opts = {}) + data, _status_code, _headers = applemdms_enrollmentprofileslist_with_http_info(apple_mdm_id, opts) + data + end + + # List Apple MDM Enrollment Profiles + # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def applemdms_enrollmentprofileslist_with_http_info(apple_mdm_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_enrollmentprofileslist ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_enrollmentprofileslist" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/enrollmentprofiles'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_enrollmentprofileslist\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Details of an AppleMDM Device + # Gets a single Apple MDM device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmDevice] + def applemdms_getdevice(apple_mdm_id, device_id, opts = {}) + data, _status_code, _headers = applemdms_getdevice_with_http_info(apple_mdm_id, device_id, opts) + data + end + + # Details of an AppleMDM Device + # Gets a single Apple MDM device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMdmDevice, Integer, Hash)>] AppleMdmDevice data, response status code and response headers + def applemdms_getdevice_with_http_info(apple_mdm_id, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_getdevice ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_getdevice" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling AppleMDMApi.applemdms_getdevice" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/devices/{device_id}'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s).sub('{' + 'device_id' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AppleMdmDevice' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_getdevice\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Apple MDMs + # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 1) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def applemdms_list(opts = {}) + data, _status_code, _headers = applemdms_list_with_http_info(opts) + data + end + + # List Apple MDMs + # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def applemdms_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_list ...' + end + # resource path + local_var_path = '/applemdms' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update an Apple MDM + # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. It may also be used to update the DEP Settings. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\", \"encryptedDepServerToken\": \"{SERVER_TOKEN}\", \"dep\": { \"welcomeScreen\": { \"title\": \"Welcome\", \"paragraph\": \"In just a few steps, you will be working securely from your Mac.\", \"button\": \"continue\", }, }, }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AppleMdmPatch] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMDM] + def applemdms_put(id, opts = {}) + data, _status_code, _headers = applemdms_put_with_http_info(id, opts) + data + end + + # Update an Apple MDM + # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. It may also be used to update the DEP Settings. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\", \"encryptedDepServerToken\": \"{SERVER_TOKEN}\", \"dep\": { \"welcomeScreen\": { \"title\": \"Welcome\", \"paragraph\": \"In just a few steps, you will be working securely from your Mac.\", \"button\": \"continue\", }, }, }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AppleMdmPatch] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AppleMDM, Integer, Hash)>] AppleMDM data, response status code and response headers + def applemdms_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AppleMDMApi.applemdms_put" + end + # resource path + local_var_path = '/applemdms/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AppleMDM' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Refresh DEP Devices + # Refreshes the list of devices that a JumpCloud admin has added to their virtual MDM in Apple Business Manager - ABM so that they can be DEP enrolled with JumpCloud. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/refreshdepdevices \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applemdms_refreshdepdevices(apple_mdm_id, opts = {}) + applemdms_refreshdepdevices_with_http_info(apple_mdm_id, opts) + nil + end + + # Refresh DEP Devices + # Refreshes the list of devices that a JumpCloud admin has added to their virtual MDM in Apple Business Manager - ABM so that they can be DEP enrolled with JumpCloud. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/refreshdepdevices \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applemdms_refreshdepdevices_with_http_info(apple_mdm_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AppleMDMApi.applemdms_refreshdepdevices ...' + end + # verify the required parameter 'apple_mdm_id' is set + if @api_client.config.client_side_validation && apple_mdm_id.nil? + fail ArgumentError, "Missing the required parameter 'apple_mdm_id' when calling AppleMDMApi.applemdms_refreshdepdevices" + end + # resource path + local_var_path = '/applemdms/{apple_mdm_id}/refreshdepdevices'.sub('{' + 'apple_mdm_id' + '}', apple_mdm_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: AppleMDMApi#enrollmentprofiles_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: AppleMDMApi#applemdms_refreshdepdevices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/applications_api.rb b/jcapiv2/lib/jcapiv2/api/applications_api.rb index d926348..7b5817d 100644 --- a/jcapiv2/lib/jcapiv2/api/applications_api.rb +++ b/jcapiv2/lib/jcapiv2/api/applications_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class ApplicationsApi attr_accessor :api_client @@ -19,37 +16,214 @@ class ApplicationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applications_delete_logo(application_id, opts = {}) + applications_delete_logo_with_http_info(application_id, opts) + nil + end + + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applications_delete_logo_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_delete_logo ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.applications_delete_logo" + end + # resource path + local_var_path = '/applications/{application_id}/logo'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ApplicationsApi#applications_delete_logo\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get an Application + # The endpoint retrieves an Application. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Object] + def applications_get(application_id, opts = {}) + data, _status_code, _headers = applications_get_with_http_info(application_id, opts) + data + end + + # Get an Application + # The endpoint retrieves an Application. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers + def applications_get_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_get ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.applications_get" + end + # resource path + local_var_path = '/applications/{application_id}'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Object' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ApplicationsApi#applications_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Save application logo + # This endpoint sets the logo for an application. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/logo \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :image + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applications_post_logo(application_id, opts = {}) + applications_post_logo_with_http_info(application_id, opts) + nil + end + + # Save application logo + # This endpoint sets the logo for an application. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/logo \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :image + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applications_post_logo_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ApplicationsApi.applications_post_logo ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.applications_post_logo" + end + # resource path + local_var_path = '/applications/{application_id}/logo'.sub('{' + 'application_id' + '}', application_id.to_s) + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['multipart/form-data']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + form_params['image'] = opts[:'image'] if !opts[:'image'].nil? + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ApplicationsApi#applications_post_logo\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the associations of an Application # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_application_associations_list(application_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_associations_list_with_http_info(application_id, targets, content_type, accept, opts) - return data + def graph_application_associations_list(application_id, targets, opts = {}) + data, _status_code, _headers = graph_application_associations_list_with_http_info(application_id, targets, opts) + data end # List the associations of an Application - # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_associations_list_with_http_info(application_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_associations_list_with_http_info(application_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.graph_application_associations_list ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.graph_application_associations_list ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? @@ -59,295 +233,383 @@ def graph_application_associations_list_with_http_info(application_id, targets, if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling ApplicationsApi.graph_application_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationsApi.graph_application_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationsApi.graph_application_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ApplicationsApi.graph_application_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/applications/{application_id}/associations".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/associations'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#graph_application_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_application_associations_post(application_id, content_type, accept, opts = {}) - graph_application_associations_post_with_http_info(application_id, content_type, accept, opts) - return nil + def graph_application_associations_post(application_id, opts = {}) + graph_application_associations_post_with_http_info(application_id, opts) + nil end # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_application_associations_post_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_application_associations_post_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.graph_application_associations_post ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.graph_application_associations_post ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.graph_application_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationsApi.graph_application_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationsApi.graph_application_associations_post" - end # resource path - local_var_path = "/applications/{application_id}/associations".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/associations'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#graph_application_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to an Application # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_application_traverse_user(application_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_traverse_user_with_http_info(application_id, content_type, accept, opts) - return data + def graph_application_traverse_user(application_id, opts = {}) + data, _status_code, _headers = graph_application_traverse_user_with_http_info(application_id, opts) + data end # List the Users bound to an Application - # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_traverse_user_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_traverse_user_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.graph_application_traverse_user ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.graph_application_traverse_user ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.graph_application_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationsApi.graph_application_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationsApi.graph_application_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ApplicationsApi.graph_application_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/applications/{application_id}/users".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/users'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: ApplicationsApi#graph_application_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to an Application # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_application_traverse_user_group(application_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_traverse_user_group_with_http_info(application_id, content_type, accept, opts) - return data + def graph_application_traverse_user_group(application_id, opts = {}) + data, _status_code, _headers = graph_application_traverse_user_group_with_http_info(application_id, opts) + data end # List the User Groups bound to an Application - # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_traverse_user_group_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_traverse_user_group_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ApplicationsApi.graph_application_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: ApplicationsApi.graph_application_traverse_user_group ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.graph_application_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ApplicationsApi.graph_application_traverse_user_group" + # resource path + local_var_path = '/applications/{application_id}/usergroups'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ApplicationsApi#graph_application_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create an import job + # This endpoint allows you to create a user import job that will import new users and/or update existing users in JumpCloud from the application. The endpoint can currently only be used for applications that have an active Identity Management custom API integration. The request will fail with a “Not found” error for applications if that type of integration is not configured. To learn more about configuring this type of integration, read [Import users from an external identity source using a custom API integration](https://support.jumpcloud.com/support/s/article/Import-users-from-a-custom-rest-API-integration). #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applications/{application_id}/import/jobs \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' \\ -d '{ \"allowUserReactivation\": true, \"operations\": [ \"users.create\", \"users.update\" ] \"queryString\": \"location=Chicago&department=IT\" }' ``` + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [ImportUsersRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [JobId] + def import_create(application_id, opts = {}) + data, _status_code, _headers = import_create_with_http_info(application_id, opts) + data + end + + # Create an import job + # This endpoint allows you to create a user import job that will import new users and/or update existing users in JumpCloud from the application. The endpoint can currently only be used for applications that have an active Identity Management custom API integration. The request will fail with a “Not found” error for applications if that type of integration is not configured. To learn more about configuring this type of integration, read [Import users from an external identity source using a custom API integration](https://support.jumpcloud.com/support/s/article/Import-users-from-a-custom-rest-API-integration). #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applications/{application_id}/import/jobs \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' \\ -d '{ \"allowUserReactivation\": true, \"operations\": [ \"users.create\", \"users.update\" ] \"queryString\": \"location=Chicago&department=IT\" }' ``` + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [ImportUsersRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def import_create_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ApplicationsApi.import_create ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ApplicationsApi.graph_application_traverse_user_group" + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.import_create" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ApplicationsApi.graph_application_traverse_user_group, must be greater than or equal to 0.' + # resource path + local_var_path = '/applications/{application_id}/import/jobs'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ApplicationsApi#import_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order (default to asc) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [ImportUsersResponse] + def import_users(application_id, opts = {}) + data, _status_code, _headers = import_users_with_http_info(application_id, opts) + data + end + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(ImportUsersResponse, Integer, Hash)>] ImportUsersResponse data, response status code and response headers + def import_users_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ApplicationsApi.import_users ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ApplicationsApi.import_users" + end + if @api_client.config.client_side_validation && opts[:'sort'] && !['', 'firstname', 'lastname', 'email'].include?(opts[:'sort']) + fail ArgumentError, 'invalid value for "sort", must be one of , firstname, lastname, email' + end + if @api_client.config.client_side_validation && opts[:'sort_order'] && !['asc', 'desc'].include?(opts[:'sort_order']) + fail ArgumentError, 'invalid value for "sort_order", must be one of asc, desc' + end # resource path - local_var_path = "/applications/{application_id}/usergroups".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/import/users'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'ImportUsersResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: ApplicationsApi#graph_application_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: ApplicationsApi#import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/authentication_policies_api.rb b/jcapiv2/lib/jcapiv2/api/authentication_policies_api.rb new file mode 100644 index 0000000..06a469f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/authentication_policies_api.rb @@ -0,0 +1,326 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class AuthenticationPoliciesApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Delete Authentication Policy + # Delete the specified authentication policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + def authnpolicies_delete(id, opts = {}) + data, _status_code, _headers = authnpolicies_delete_with_http_info(id, opts) + data + end + + # Delete Authentication Policy + # Delete the specified authentication policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AuthnPolicy, Integer, Hash)>] AuthnPolicy data, response status code and response headers + def authnpolicies_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AuthenticationPoliciesApi.authnpolicies_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AuthenticationPoliciesApi.authnpolicies_delete" + end + # resource path + local_var_path = '/authn/policies/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AuthnPolicy' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AuthenticationPoliciesApi#authnpolicies_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get an authentication policy + # Return a specific authentication policy. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + def authnpolicies_get(id, opts = {}) + data, _status_code, _headers = authnpolicies_get_with_http_info(id, opts) + data + end + + # Get an authentication policy + # Return a specific authentication policy. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AuthnPolicy, Integer, Hash)>] AuthnPolicy data, response status code and response headers + def authnpolicies_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AuthenticationPoliciesApi.authnpolicies_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AuthenticationPoliciesApi.authnpolicies_get" + end + # resource path + local_var_path = '/authn/policies/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AuthnPolicy' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AuthenticationPoliciesApi#authnpolicies_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Authentication Policies + # Get a list of all authentication policies. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + def authnpolicies_list(opts = {}) + data, _status_code, _headers = authnpolicies_list_with_http_info(opts) + data + end + + # List Authentication Policies + # Get a list of all authentication policies. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def authnpolicies_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AuthenticationPoliciesApi.authnpolicies_list ...' + end + # resource path + local_var_path = '/authn/policies' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'x-total-count'] = opts[:'x_total_count'] if !opts[:'x_total_count'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AuthenticationPoliciesApi#authnpolicies_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Patch Authentication Policy + # Patch the specified authentication policy. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"disabled\": false }' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + def authnpolicies_patch(id, opts = {}) + data, _status_code, _headers = authnpolicies_patch_with_http_info(id, opts) + data + end + + # Patch Authentication Policy + # Patch the specified authentication policy. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"disabled\": false }' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AuthnPolicy, Integer, Hash)>] AuthnPolicy data, response status code and response headers + def authnpolicies_patch_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AuthenticationPoliciesApi.authnpolicies_patch ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling AuthenticationPoliciesApi.authnpolicies_patch" + end + # resource path + local_var_path = '/authn/policies/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AuthnPolicy' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AuthenticationPoliciesApi#authnpolicies_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create an Authentication Policy + # Create an authentication policy. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample Policy\", \"disabled\": false, \"effect\": { \"action\": \"allow\" }, \"targets\": { \"users\": { \"inclusions\": [\"ALL\"] }, \"userGroups\": { \"exclusions\": [{USER_GROUP_ID}] }, \"resources\": [ {\"type\": \"user_portal\" } ] }, \"conditions\":{ \"ipAddressIn\": [{IP_LIST_ID}] } }' ``` + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + def authnpolicies_post(opts = {}) + data, _status_code, _headers = authnpolicies_post_with_http_info(opts) + data + end + + # Create an Authentication Policy + # Create an authentication policy. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample Policy\", \"disabled\": false, \"effect\": { \"action\": \"allow\" }, \"targets\": { \"users\": { \"inclusions\": [\"ALL\"] }, \"userGroups\": { \"exclusions\": [{USER_GROUP_ID}] }, \"resources\": [ {\"type\": \"user_portal\" } ] }, \"conditions\":{ \"ipAddressIn\": [{IP_LIST_ID}] } }' ``` + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(AuthnPolicy, Integer, Hash)>] AuthnPolicy data, response status code and response headers + def authnpolicies_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: AuthenticationPoliciesApi.authnpolicies_post ...' + end + # resource path + local_var_path = '/authn/policies' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AuthnPolicy' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: AuthenticationPoliciesApi#authnpolicies_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/bulk_job_requests_api.rb b/jcapiv2/lib/jcapiv2/api/bulk_job_requests_api.rb index 0584659..f64ad4e 100644 --- a/jcapiv2/lib/jcapiv2/api/bulk_job_requests_api.rb +++ b/jcapiv2/lib/jcapiv2/api/bulk_job_requests_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class BulkJobRequestsApi attr_accessor :api_client @@ -19,375 +16,546 @@ class BulkJobRequestsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # Bulk Users Create - # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/1.0/systemusers/create-a-system-user) for full list of attributes. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"Custom\",\"value\":\"attribute\"} ] } ] ``` - # @param content_type - # @param accept + # Bulk Expire Users + # The endpoint allows you to start a bulk job to asynchronously expire users. # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] - def bulk_users_create(content_type, accept, opts = {}) - data, _status_code, _headers = bulk_users_create_with_http_info(content_type, accept, opts) - return data + def bulk_user_expires(opts = {}) + data, _status_code, _headers = bulk_user_expires_with_http_info(opts) + data end - # Bulk Users Create - # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/1.0/systemusers/create-a-system-user) for full list of attributes. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"Custom\",\"value\":\"attribute\"} ] } ] ``` - # @param content_type - # @param accept + # Bulk Expire Users + # The endpoint allows you to start a bulk job to asynchronously expire users. # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id - # @return [Array<(JobId, Fixnum, Hash)>] JobId data, response status code and response headers - def bulk_users_create_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def bulk_user_expires_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: BulkJobRequestsApi.bulk_users_create ..." + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_expires ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling BulkJobRequestsApi.bulk_users_create" + # resource path + local_var_path = '/bulk/user/expires' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_expires\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling BulkJobRequestsApi.bulk_users_create" + return data, status_code, headers + end + # Create Scheduled Userstate Job + # This endpoint allows you to create scheduled statechange jobs. #### Sample Request ``` curl -X POST \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{ \"user_ids\": [\"{User_ID_1}\", \"{User_ID_2}\", \"{User_ID_3}\"], \"state\": \"SUSPENDED\", \"start_date\": \"2000-01-01T00:00:00.000Z\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [BulkScheduledStatechangeCreate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def bulk_user_states_create(opts = {}) + data, _status_code, _headers = bulk_user_states_create_with_http_info(opts) + data + end + + # Create Scheduled Userstate Job + # This endpoint allows you to create scheduled statechange jobs. #### Sample Request ``` curl -X POST \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{ \"user_ids\": [\"{User_ID_1}\", \"{User_ID_2}\", \"{User_ID_3}\"], \"state\": \"SUSPENDED\", \"start_date\": \"2000-01-01T00:00:00.000Z\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [BulkScheduledStatechangeCreate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def bulk_user_states_create_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_states_create ...' end # resource path - local_var_path = "/bulk/users" + local_var_path = '/bulk/userstates' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'JobId') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_states_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Delete Scheduled Userstate Job + # This endpoint deletes a scheduled statechange job. #### Sample Request ``` curl -X DELETE \"https://console.jumpcloud.com/api/v2/bulk/userstates/{ScheduledJob_ID}\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` + # @param id Unique identifier of the scheduled statechange job. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def bulk_user_states_delete(id, opts = {}) + bulk_user_states_delete_with_http_info(id, opts) + nil + end - # List Bulk Users Results - # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param job_id - # @param content_type - # @param accept + # Delete Scheduled Userstate Job + # This endpoint deletes a scheduled statechange job. #### Sample Request ``` curl -X DELETE \"https://console.jumpcloud.com/api/v2/bulk/userstates/{ScheduledJob_ID}\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` + # @param id Unique identifier of the scheduled statechange job. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def bulk_user_states_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_states_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling BulkJobRequestsApi.bulk_user_states_delete" + end + # resource path + local_var_path = '/bulk/userstates/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_states_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get the next scheduled state change for a list of users + # This endpoint is used to lookup the next upcoming scheduled state change for each user in the given list. The users parameter is limited to 100 items per request. The results are also limited to 100 items. This endpoint returns a max of 1 event per state per user. For example, if a user has 3 ACTIVATED events scheduled it will return the next upcoming activation event. However, if a user also has a SUSPENDED event scheduled along with the ACTIVATED events it will return the next upcoming activation event _and_ the next upcoming suspension event. + # @param users A list of system user IDs, limited to 100 items. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def bulk_users_create_results(job_id, content_type, accept, opts = {}) - data, _status_code, _headers = bulk_users_create_results_with_http_info(job_id, content_type, accept, opts) - return data + # @return [InlineResponse200] + def bulk_user_states_get_next_scheduled(users, opts = {}) + data, _status_code, _headers = bulk_user_states_get_next_scheduled_with_http_info(users, opts) + data end - # List Bulk Users Results - # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param job_id - # @param content_type - # @param accept + # Get the next scheduled state change for a list of users + # This endpoint is used to lookup the next upcoming scheduled state change for each user in the given list. The users parameter is limited to 100 items per request. The results are also limited to 100 items. This endpoint returns a max of 1 event per state per user. For example, if a user has 3 ACTIVATED events scheduled it will return the next upcoming activation event. However, if a user also has a SUSPENDED event scheduled along with the ACTIVATED events it will return the next upcoming activation event _and_ the next upcoming suspension event. + # @param users A list of system user IDs, limited to 100 items. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def bulk_users_create_results_with_http_info(job_id, content_type, accept, opts = {}) + # @return [Array<(InlineResponse200, Integer, Hash)>] InlineResponse200 data, response status code and response headers + def bulk_user_states_get_next_scheduled_with_http_info(users, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: BulkJobRequestsApi.bulk_users_create_results ..." + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_states_get_next_scheduled ...' end - # verify the required parameter 'job_id' is set - if @api_client.config.client_side_validation && job_id.nil? - fail ArgumentError, "Missing the required parameter 'job_id' when calling BulkJobRequestsApi.bulk_users_create_results" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling BulkJobRequestsApi.bulk_users_create_results" + # verify the required parameter 'users' is set + if @api_client.config.client_side_validation && users.nil? + fail ArgumentError, "Missing the required parameter 'users' when calling BulkJobRequestsApi.bulk_user_states_get_next_scheduled" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling BulkJobRequestsApi.bulk_users_create_results" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling BulkJobRequestsApi.bulk_users_create_results, must be greater than or equal to 0.' + # resource path + local_var_path = '/bulk/userstates/eventlist/next' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'users'] = @api_client.build_collection_param(users, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse200' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_states_get_next_scheduled\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # List Scheduled Userstate Change Jobs + # The endpoint allows you to list scheduled statechange jobs. #### Sample Request ``` curl -X GET \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :userid The systemuser id to filter by. + # @return [Array] + def bulk_user_states_list(opts = {}) + data, _status_code, _headers = bulk_user_states_list_with_http_info(opts) + data + end + # List Scheduled Userstate Change Jobs + # The endpoint allows you to list scheduled statechange jobs. #### Sample Request ``` curl -X GET \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :userid The systemuser id to filter by. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def bulk_user_states_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_states_list ...' + end # resource path - local_var_path = "/bulk/users/{job_id}/results".sub('{' + 'job_id' + '}', job_id.to_s) + local_var_path = '/bulk/userstates' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'userid'] = opts[:'userid'] if !opts[:'userid'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_create_results\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_states_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Bulk Users Update - # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/1.0/systemusers/update-a-system-user) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` - # @param content_type - # @param accept + # Bulk Unlock Users + # The endpoint allows you to start a bulk job to asynchronously unlock users. # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] - def bulk_users_update(content_type, accept, opts = {}) - data, _status_code, _headers = bulk_users_update_with_http_info(content_type, accept, opts) - return data + def bulk_user_unlocks(opts = {}) + data, _status_code, _headers = bulk_user_unlocks_with_http_info(opts) + data end - # Bulk Users Update - # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/1.0/systemusers/update-a-system-user) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` - # @param content_type - # @param accept + # Bulk Unlock Users + # The endpoint allows you to start a bulk job to asynchronously unlock users. # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id - # @return [Array<(JobId, Fixnum, Hash)>] JobId data, response status code and response headers - def bulk_users_update_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def bulk_user_unlocks_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: BulkJobRequestsApi.bulk_users_update ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling BulkJobRequestsApi.bulk_users_update" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling BulkJobRequestsApi.bulk_users_update" + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_user_unlocks ...' end # resource path - local_var_path = "/bulk/users" + local_var_path = '/bulk/user/unlocks' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'JobId') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_user_unlocks\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Get Job (incomplete) - # **This endpoint is not complete and should remain hidden as it's not functional yet.** - # @param id - # @param content_type - # @param accept + # Bulk Users Create + # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) for the full list of attributes. #### Default User State The `state` of each user in the request can be explicitly passed in or omitted. If `state` is omitted, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for bulk created users depends on the `creation-source` header. For `creation-source:jumpcloud:bulk` the default state is stored in `settings.newSystemUserStateDefaults.csvImport`. For other `creation-source` header values, the default state is stored in `settings.newSystemUserStateDefaults.applicationImport` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ { \"name\":\"EmployeeID\", \"value\":\"0000\" }, { \"name\":\"Custom\", \"value\":\"attribute\" } ] } ]' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [JobDetails] - def jobs_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = jobs_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :creation_source Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. (default to jumpcloud:bulk) + # @return [JobId] + def bulk_users_create(opts = {}) + data, _status_code, _headers = bulk_users_create_with_http_info(opts) + data end - # Get Job (incomplete) - # **This endpoint is not complete and should remain hidden as it's not functional yet.** - # @param id - # @param content_type - # @param accept + # Bulk Users Create + # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) for the full list of attributes. #### Default User State The `state` of each user in the request can be explicitly passed in or omitted. If `state` is omitted, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for bulk created users depends on the `creation-source` header. For `creation-source:jumpcloud:bulk` the default state is stored in `settings.newSystemUserStateDefaults.csvImport`. For other `creation-source` header values, the default state is stored in `settings.newSystemUserStateDefaults.applicationImport` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ { \"name\":\"EmployeeID\", \"value\":\"0000\" }, { \"name\":\"Custom\", \"value\":\"attribute\" } ] } ]' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(JobDetails, Fixnum, Hash)>] JobDetails data, response status code and response headers - def jobs_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :creation_source Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def bulk_users_create_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: BulkJobRequestsApi.jobs_get ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling BulkJobRequestsApi.jobs_get" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling BulkJobRequestsApi.jobs_get" + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_users_create ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling BulkJobRequestsApi.jobs_get" + if @api_client.config.client_side_validation && opts[:'creation_source'] && !['jumpcloud:gapps', 'jumpcloud:o365', 'jumpcloud:workday', 'jumpcloud:scim', 'jumpcloud:bulk', 'jumpcloud:custom_integration'].include?(opts[:'creation_source']) + fail ArgumentError, 'invalid value for "creation_source", must be one of jumpcloud:gapps, jumpcloud:o365, jumpcloud:workday, jumpcloud:scim, jumpcloud:bulk, jumpcloud:custom_integration' end # resource path - local_var_path = "/jobs/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/bulk/users' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'creation-source'] = opts[:'creation_source'] if !opts[:'creation_source'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'JobDetails') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: BulkJobRequestsApi#jobs_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List Job Results - # This endpoint will return the results of particular import job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/jobs/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # List Bulk Users Results + # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param job_id # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def jobs_results(id, content_type, accept, opts = {}) - data, _status_code, _headers = jobs_results_with_http_info(id, content_type, accept, opts) - return data + def bulk_users_create_results(job_id, opts = {}) + data, _status_code, _headers = bulk_users_create_results_with_http_info(job_id, opts) + data end - # List Job Results - # This endpoint will return the results of particular import job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/jobs/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # List Bulk Users Results + # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param job_id # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def jobs_results_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def bulk_users_create_results_with_http_info(job_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: BulkJobRequestsApi.jobs_results ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling BulkJobRequestsApi.jobs_results" + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_users_create_results ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling BulkJobRequestsApi.jobs_results" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling BulkJobRequestsApi.jobs_results" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling BulkJobRequestsApi.jobs_results, must be greater than or equal to 0.' + # verify the required parameter 'job_id' is set + if @api_client.config.client_side_validation && job_id.nil? + fail ArgumentError, "Missing the required parameter 'job_id' when calling BulkJobRequestsApi.bulk_users_create_results" end - # resource path - local_var_path = "/jobs/{id}/results".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/bulk/users/{job_id}/results'.sub('{' + 'job_id' + '}', job_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_create_results\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Bulk Users Update + # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_put) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [JobId] + def bulk_users_update(opts = {}) + data, _status_code, _headers = bulk_users_update_with_http_info(opts) + data + end + + # Bulk Users Update + # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_put) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def bulk_users_update_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: BulkJobRequestsApi.bulk_users_update ...' + end + # resource path + local_var_path = '/bulk/users' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: BulkJobRequestsApi#jobs_results\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: BulkJobRequestsApi#bulk_users_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/command_results_api.rb b/jcapiv2/lib/jcapiv2/api/command_results_api.rb new file mode 100644 index 0000000..366ca8c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/command_results_api.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class CommandResultsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # List all Command Results by Workflow + # This endpoint returns all command results, grouped by workflowInstanceId. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commandresult/workflows \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [CommandResultList] + def commands_list_results_by_workflow(opts = {}) + data, _status_code, _headers = commands_list_results_by_workflow_with_http_info(opts) + data + end + + # List all Command Results by Workflow + # This endpoint returns all command results, grouped by workflowInstanceId. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commandresult/workflows \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(CommandResultList, Integer, Hash)>] CommandResultList data, response status code and response headers + def commands_list_results_by_workflow_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CommandResultsApi.commands_list_results_by_workflow ...' + end + # resource path + local_var_path = '/commandresult/workflows' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'CommandResultList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CommandResultsApi#commands_list_results_by_workflow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/commands_api.rb b/jcapiv2/lib/jcapiv2/api/commands_api.rb index 248d107..2706b09 100644 --- a/jcapiv2/lib/jcapiv2/api/commands_api.rb +++ b/jcapiv2/lib/jcapiv2/api/commands_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class CommandsApi attr_accessor :api_client @@ -19,37 +16,159 @@ class CommandsApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Cancel all queued commands for an organization by workflow instance Id + # This endpoint allows all queued commands for one workflow instance to be canceled. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/commandqueue/{workflow_instance_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param workflow_instance_id Workflow instance Id of the queued commands to cancel. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def commands_cancel_queued_commands_by_workflow_instance_id(workflow_instance_id, opts = {}) + commands_cancel_queued_commands_by_workflow_instance_id_with_http_info(workflow_instance_id, opts) + nil + end + + # Cancel all queued commands for an organization by workflow instance Id + # This endpoint allows all queued commands for one workflow instance to be canceled. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/commandqueue/{workflow_instance_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param workflow_instance_id Workflow instance Id of the queued commands to cancel. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def commands_cancel_queued_commands_by_workflow_instance_id_with_http_info(workflow_instance_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_cancel_queued_commands_by_workflow_instance_id ...' + end + # verify the required parameter 'workflow_instance_id' is set + if @api_client.config.client_side_validation && workflow_instance_id.nil? + fail ArgumentError, "Missing the required parameter 'workflow_instance_id' when calling CommandsApi.commands_cancel_queued_commands_by_workflow_instance_id" + end + # resource path + local_var_path = '/commandqueue/{workflow_instance_id}'.sub('{' + 'workflow_instance_id' + '}', workflow_instance_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CommandsApi#commands_cancel_queued_commands_by_workflow_instance_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Fetch the queued Commands for an Organization + # This endpoint will return all queued Commands for an Organization. Each element will contain the workflow ID, the command name, the launch type (e.g. manual, triggered, or scheduled), the target OS, the number of assigned devices, and the number of pending devices that have not yet ran the command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/queuedcommand/workflows \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :search The search string to query records + # @return [QueuedCommandList] + def commands_get_queued_commands_by_workflow(opts = {}) + data, _status_code, _headers = commands_get_queued_commands_by_workflow_with_http_info(opts) + data + end + + # Fetch the queued Commands for an Organization + # This endpoint will return all queued Commands for an Organization. Each element will contain the workflow ID, the command name, the launch type (e.g. manual, triggered, or scheduled), the target OS, the number of assigned devices, and the number of pending devices that have not yet ran the command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/queuedcommand/workflows \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :search The search string to query records + # @return [Array<(QueuedCommandList, Integer, Hash)>] QueuedCommandList data, response status code and response headers + def commands_get_queued_commands_by_workflow_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CommandsApi.commands_get_queued_commands_by_workflow ...' + end + # resource path + local_var_path = '/queuedcommand/workflows' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'QueuedCommandList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CommandsApi#commands_get_queued_commands_by_workflow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the associations of a Command # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_command_associations_list(command_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_associations_list_with_http_info(command_id, targets, content_type, accept, opts) - return data + def graph_command_associations_list(command_id, targets, opts = {}) + data, _status_code, _headers = graph_command_associations_list_with_http_info(command_id, targets, opts) + data end # List the associations of a Command - # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_associations_list_with_http_info(command_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_associations_list_with_http_info(command_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.graph_command_associations_list ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.graph_command_associations_list ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? @@ -59,293 +178,235 @@ def graph_command_associations_list_with_http_info(command_id, targets, content_ if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling CommandsApi.graph_command_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.graph_command_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.graph_command_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandsApi.graph_command_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/associations".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/associations'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#graph_command_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_command_associations_post(command_id, content_type, accept, opts = {}) - graph_command_associations_post_with_http_info(command_id, content_type, accept, opts) - return nil + def graph_command_associations_post(command_id, opts = {}) + graph_command_associations_post_with_http_info(command_id, opts) + nil end # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_command_associations_post_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_command_associations_post_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.graph_command_associations_post ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.graph_command_associations_post ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling CommandsApi.graph_command_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.graph_command_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.graph_command_associations_post" - end # resource path - local_var_path = "/commands/{command_id}/associations".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/associations'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#graph_command_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a Command # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_command_traverse_system(command_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_traverse_system_with_http_info(command_id, content_type, accept, opts) - return data + def graph_command_traverse_system(command_id, opts = {}) + data, _status_code, _headers = graph_command_traverse_system_with_http_info(command_id, opts) + data end # List the Systems bound to a Command - # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_traverse_system_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_traverse_system_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.graph_command_traverse_system ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.graph_command_traverse_system ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling CommandsApi.graph_command_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.graph_command_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.graph_command_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandsApi.graph_command_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/systems".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/systems'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#graph_command_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to a Command # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_command_traverse_system_group(command_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_traverse_system_group_with_http_info(command_id, content_type, accept, opts) - return data + def graph_command_traverse_system_group(command_id, opts = {}) + data, _status_code, _headers = graph_command_traverse_system_group_with_http_info(command_id, opts) + data end # List the System Groups bound to a Command - # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_traverse_system_group_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_traverse_system_group_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: CommandsApi.graph_command_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: CommandsApi.graph_command_traverse_system_group ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling CommandsApi.graph_command_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling CommandsApi.graph_command_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling CommandsApi.graph_command_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling CommandsApi.graph_command_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/systemgroups".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/systemgroups'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: CommandsApi#graph_command_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/custom_emails_api.rb b/jcapiv2/lib/jcapiv2/api/custom_emails_api.rb new file mode 100644 index 0000000..0f074f1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/custom_emails_api.rb @@ -0,0 +1,308 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class CustomEmailsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Create custom email configuration + # Create the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + def custom_emails_create(opts = {}) + data, _status_code, _headers = custom_emails_create_with_http_info(opts) + data + end + + # Create custom email configuration + # Create the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(CustomEmail, Integer, Hash)>] CustomEmail data, response status code and response headers + def custom_emails_create_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CustomEmailsApi.custom_emails_create ...' + end + # resource path + local_var_path = '/customemails' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'CustomEmail' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CustomEmailsApi#custom_emails_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete custom email configuration + # Delete the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def custom_emails_destroy(custom_email_type, opts = {}) + custom_emails_destroy_with_http_info(custom_email_type, opts) + nil + end + + # Delete custom email configuration + # Delete the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def custom_emails_destroy_with_http_info(custom_email_type, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CustomEmailsApi.custom_emails_destroy ...' + end + # verify the required parameter 'custom_email_type' is set + if @api_client.config.client_side_validation && custom_email_type.nil? + fail ArgumentError, "Missing the required parameter 'custom_email_type' when calling CustomEmailsApi.custom_emails_destroy" + end + # resource path + local_var_path = '/customemails/{custom_email_type}'.sub('{' + 'custom_email_type' + '}', custom_email_type.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CustomEmailsApi#custom_emails_destroy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List custom email templates + # Get the list of custom email templates + # @param [Hash] opts the optional parameters + # @return [Array] + def custom_emails_get_templates(opts = {}) + data, _status_code, _headers = custom_emails_get_templates_with_http_info(opts) + data + end + + # List custom email templates + # Get the list of custom email templates + # @param [Hash] opts the optional parameters + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def custom_emails_get_templates_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CustomEmailsApi.custom_emails_get_templates ...' + end + # resource path + local_var_path = '/customemail/templates' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CustomEmailsApi#custom_emails_get_templates\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get custom email configuration + # Get the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + def custom_emails_read(custom_email_type, opts = {}) + data, _status_code, _headers = custom_emails_read_with_http_info(custom_email_type, opts) + data + end + + # Get custom email configuration + # Get the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(CustomEmail, Integer, Hash)>] CustomEmail data, response status code and response headers + def custom_emails_read_with_http_info(custom_email_type, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CustomEmailsApi.custom_emails_read ...' + end + # verify the required parameter 'custom_email_type' is set + if @api_client.config.client_side_validation && custom_email_type.nil? + fail ArgumentError, "Missing the required parameter 'custom_email_type' when calling CustomEmailsApi.custom_emails_read" + end + # resource path + local_var_path = '/customemails/{custom_email_type}'.sub('{' + 'custom_email_type' + '}', custom_email_type.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'CustomEmail' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CustomEmailsApi#custom_emails_read\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update custom email configuration + # Update the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + def custom_emails_update(custom_email_type, opts = {}) + data, _status_code, _headers = custom_emails_update_with_http_info(custom_email_type, opts) + data + end + + # Update custom email configuration + # Update the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(CustomEmail, Integer, Hash)>] CustomEmail data, response status code and response headers + def custom_emails_update_with_http_info(custom_email_type, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: CustomEmailsApi.custom_emails_update ...' + end + # verify the required parameter 'custom_email_type' is set + if @api_client.config.client_side_validation && custom_email_type.nil? + fail ArgumentError, "Missing the required parameter 'custom_email_type' when calling CustomEmailsApi.custom_emails_update" + end + # resource path + local_var_path = '/customemails/{custom_email_type}'.sub('{' + 'custom_email_type' + '}', custom_email_type.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'CustomEmail' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: CustomEmailsApi#custom_emails_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/default_api.rb b/jcapiv2/lib/jcapiv2/api/default_api.rb deleted file mode 100644 index 1bf01dd..0000000 --- a/jcapiv2/lib/jcapiv2/api/default_api.rb +++ /dev/null @@ -1,309 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require "uri" - -module JCAPIv2 - class DefaultApi - attr_accessor :api_client - - def initialize(api_client = ApiClient.default) - @api_client = api_client - end - - # Delete Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @return [JcEnrollmentProfile] - def jc_enrollment_profiles_delete(enrollment_profile_id, opts = {}) - data, _status_code, _headers = jc_enrollment_profiles_delete_with_http_info(enrollment_profile_id, opts) - return data - end - - # Delete Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @return [Array<(JcEnrollmentProfile, Fixnum, Hash)>] JcEnrollmentProfile data, response status code and response headers - def jc_enrollment_profiles_delete_with_http_info(enrollment_profile_id, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DefaultApi.jc_enrollment_profiles_delete ..." - end - # verify the required parameter 'enrollment_profile_id' is set - if @api_client.config.client_side_validation && enrollment_profile_id.nil? - fail ArgumentError, "Missing the required parameter 'enrollment_profile_id' when calling DefaultApi.jc_enrollment_profiles_delete" - end - # resource path - local_var_path = "/enrollmentprofiles/{enrollment_profile_id}".sub('{' + 'enrollment_profile_id' + '}', enrollment_profile_id.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'JcEnrollmentProfile') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: DefaultApi#jc_enrollment_profiles_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Get Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [JcEnrollmentProfile] :body - # @return [nil] - def jc_enrollment_profiles_get(enrollment_profile_id, opts = {}) - jc_enrollment_profiles_get_with_http_info(enrollment_profile_id, opts) - return nil - end - - # Get Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [JcEnrollmentProfile] :body - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def jc_enrollment_profiles_get_with_http_info(enrollment_profile_id, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DefaultApi.jc_enrollment_profiles_get ..." - end - # verify the required parameter 'enrollment_profile_id' is set - if @api_client.config.client_side_validation && enrollment_profile_id.nil? - fail ArgumentError, "Missing the required parameter 'enrollment_profile_id' when calling DefaultApi.jc_enrollment_profiles_get" - end - # resource path - local_var_path = "/enrollmentprofiles/{enrollment_profile_id}".sub('{' + 'enrollment_profile_id' + '}', enrollment_profile_id.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) - if @api_client.config.debugging - @api_client.config.logger.debug "API called: DefaultApi#jc_enrollment_profiles_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # List Enrollment Profiles - # - # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @return [Array] - def jc_enrollment_profiles_list(opts = {}) - data, _status_code, _headers = jc_enrollment_profiles_list_with_http_info(opts) - return data - end - - # List Enrollment Profiles - # - # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def jc_enrollment_profiles_list_with_http_info(opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DefaultApi.jc_enrollment_profiles_list ..." - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling DefaultApi.jc_enrollment_profiles_list, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling DefaultApi.jc_enrollment_profiles_list, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling DefaultApi.jc_enrollment_profiles_list, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/enrollmentprofiles" - - # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Array') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: DefaultApi#jc_enrollment_profiles_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Create new Enrollment Profile - # - # @param [Hash] opts the optional parameters - # @option opts [Body1] :body - # @return [JcEnrollmentProfile] - def jc_enrollment_profiles_post(opts = {}) - data, _status_code, _headers = jc_enrollment_profiles_post_with_http_info(opts) - return data - end - - # Create new Enrollment Profile - # - # @param [Hash] opts the optional parameters - # @option opts [Body1] :body - # @return [Array<(JcEnrollmentProfile, Fixnum, Hash)>] JcEnrollmentProfile data, response status code and response headers - def jc_enrollment_profiles_post_with_http_info(opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DefaultApi.jc_enrollment_profiles_post ..." - end - # resource path - local_var_path = "/enrollmentprofiles" - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'JcEnrollmentProfile') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: DefaultApi#jc_enrollment_profiles_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Update Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [Body2] :body - # @return [JcEnrollmentProfile] - def jc_enrollment_profiles_put(enrollment_profile_id, opts = {}) - data, _status_code, _headers = jc_enrollment_profiles_put_with_http_info(enrollment_profile_id, opts) - return data - end - - # Update Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [Body2] :body - # @return [Array<(JcEnrollmentProfile, Fixnum, Hash)>] JcEnrollmentProfile data, response status code and response headers - def jc_enrollment_profiles_put_with_http_info(enrollment_profile_id, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DefaultApi.jc_enrollment_profiles_put ..." - end - # verify the required parameter 'enrollment_profile_id' is set - if @api_client.config.client_side_validation && enrollment_profile_id.nil? - fail ArgumentError, "Missing the required parameter 'enrollment_profile_id' when calling DefaultApi.jc_enrollment_profiles_put" - end - # resource path - local_var_path = "/enrollmentprofiles/{enrollment_profile_id}".sub('{' + 'enrollment_profile_id' + '}', enrollment_profile_id.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'JcEnrollmentProfile') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: DefaultApi#jc_enrollment_profiles_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - end -end diff --git a/jcapiv2/lib/jcapiv2/api/directories_api.rb b/jcapiv2/lib/jcapiv2/api/directories_api.rb index 50efb1f..b1778e5 100644 --- a/jcapiv2/lib/jcapiv2/api/directories_api.rb +++ b/jcapiv2/lib/jcapiv2/api/directories_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class DirectoriesApi attr_accessor :api_client @@ -19,83 +16,66 @@ class DirectoriesApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List All Directories # This endpoint returns all active directories (LDAP, O365 Suite, G-Suite). #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def directories_list(content_type, accept, opts = {}) - data, _status_code, _headers = directories_list_with_http_info(content_type, accept, opts) - return data + def directories_list(opts = {}) + data, _status_code, _headers = directories_list_with_http_info(opts) + data end # List All Directories - # This endpoint returns all active directories (LDAP, O365 Suite, G-Suite). #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all active directories (LDAP, O365 Suite, G-Suite). #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def directories_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def directories_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DirectoriesApi.directories_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DirectoriesApi.directories_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DirectoriesApi.directories_list" + @api_client.config.logger.debug 'Calling API: DirectoriesApi.directories_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling DirectoriesApi.directories_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/directories" + local_var_path = '/directories' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DirectoriesApi#directories_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/duo_api.rb b/jcapiv2/lib/jcapiv2/api/duo_api.rb index f9729ea..d58d4ca 100644 --- a/jcapiv2/lib/jcapiv2/api/duo_api.rb +++ b/jcapiv2/lib/jcapiv2/api/duo_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class DuoApi attr_accessor :api_client @@ -19,309 +16,252 @@ class DuoApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete a Duo Account # Removes the specified Duo account, an error will be returned if the account has some Duo application used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] - def duo_account_delete(id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_account_delete_with_http_info(id, content_type, accept, opts) - return data + def duo_account_delete(id, opts = {}) + data, _status_code, _headers = duo_account_delete_with_http_info(id, opts) + data end # Delete a Duo Account - # Removes the specified Duo account, an error will be returned if the account has some Duo application used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Removes the specified Duo account, an error will be returned if the account has some Duo application used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(DuoAccount, Fixnum, Hash)>] DuoAccount data, response status code and response headers - def duo_account_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoAccount, Integer, Hash)>] DuoAccount data, response status code and response headers + def duo_account_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_account_delete ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_account_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling DuoApi.duo_account_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_account_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_account_delete" - end # resource path - local_var_path = "/duo/accounts/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/duo/accounts/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'DuoAccount' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoAccount') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_account_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get a Duo Acount # This endpoint returns a specific Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] - def duo_account_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_account_get_with_http_info(id, content_type, accept, opts) - return data + def duo_account_get(id, opts = {}) + data, _status_code, _headers = duo_account_get_with_http_info(id, opts) + data end # Get a Duo Acount - # This endpoint returns a specific Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(DuoAccount, Fixnum, Hash)>] DuoAccount data, response status code and response headers - def duo_account_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoAccount, Integer, Hash)>] DuoAccount data, response status code and response headers + def duo_account_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_account_get ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_account_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling DuoApi.duo_account_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_account_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_account_get" - end # resource path - local_var_path = "/duo/accounts/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/duo/accounts/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'DuoAccount' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoAccount') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_account_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List Duo Acounts + # List Duo Accounts # This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def duo_account_list(content_type, accept, opts = {}) - data, _status_code, _headers = duo_account_list_with_http_info(content_type, accept, opts) - return data + def duo_account_list(opts = {}) + data, _status_code, _headers = duo_account_list_with_http_info(opts) + data end - # List Duo Acounts - # This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # List Duo Accounts + # This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def duo_account_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def duo_account_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_account_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_account_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_account_list" + @api_client.config.logger.debug 'Calling API: DuoApi.duo_account_list ...' end # resource path - local_var_path = "/duo/accounts" + local_var_path = '/duo/accounts' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_account_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create Duo Account # Registers a Duo account for an organization. Only one Duo account will be allowed, in case an organization has a Duo account already a 409 (Conflict) code will be returned. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] - def duo_account_post(content_type, accept, opts = {}) - data, _status_code, _headers = duo_account_post_with_http_info(content_type, accept, opts) - return data + def duo_account_post(opts = {}) + data, _status_code, _headers = duo_account_post_with_http_info(opts) + data end # Create Duo Account - # Registers a Duo account for an organization. Only one Duo account will be allowed, in case an organization has a Duo account already a 409 (Conflict) code will be returned. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept + # Registers a Duo account for an organization. Only one Duo account will be allowed, in case an organization has a Duo account already a 409 (Conflict) code will be returned. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(DuoAccount, Fixnum, Hash)>] DuoAccount data, response status code and response headers - def duo_account_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoAccount, Integer, Hash)>] DuoAccount data, response status code and response headers + def duo_account_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_account_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_account_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_account_post" + @api_client.config.logger.debug 'Calling API: DuoApi.duo_account_post ...' end # resource path - local_var_path = "/duo/accounts" + local_var_path = '/duo/accounts' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'DuoAccount' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoAccount') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_account_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete a Duo Application # Deletes the specified Duo application, an error will be returned if the application is used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}'' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] - def duo_application_delete(account_id, application_id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_application_delete_with_http_info(account_id, application_id, content_type, accept, opts) - return data + def duo_application_delete(account_id, application_id, opts = {}) + data, _status_code, _headers = duo_application_delete_with_http_info(account_id, application_id, opts) + data end # Delete a Duo Application - # Deletes the specified Duo application, an error will be returned if the application is used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}'' ``` + # Deletes the specified Duo application, an error will be returned if the application is used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}'' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(DuoApplication, Fixnum, Hash)>] DuoApplication data, response status code and response headers - def duo_application_delete_with_http_info(account_id, application_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoApplication, Integer, Hash)>] DuoApplication data, response status code and response headers + def duo_application_delete_with_http_info(account_id, application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_application_delete ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_application_delete ...' end # verify the required parameter 'account_id' is set if @api_client.config.client_side_validation && account_id.nil? @@ -331,75 +271,62 @@ def duo_application_delete_with_http_info(account_id, application_id, content_ty if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling DuoApi.duo_application_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_application_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_application_delete" - end # resource path - local_var_path = "/duo/accounts/{account_id}/applications/{application_id}".sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/duo/accounts/{account_id}/applications/{application_id}'.sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'DuoApplication' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoApplication') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_application_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get a Duo application # This endpoint returns a specific Duo application that is associated with the specified Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] - def duo_application_get(account_id, application_id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_application_get_with_http_info(account_id, application_id, content_type, accept, opts) - return data + def duo_application_get(account_id, application_id, opts = {}) + data, _status_code, _headers = duo_application_get_with_http_info(account_id, application_id, opts) + data end # Get a Duo application - # This endpoint returns a specific Duo application that is associated with the specified Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Duo application that is associated with the specified Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(DuoApplication, Fixnum, Hash)>] DuoApplication data, response status code and response headers - def duo_application_get_with_http_info(account_id, application_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoApplication, Integer, Hash)>] DuoApplication data, response status code and response headers + def duo_application_get_with_http_info(account_id, application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_application_get ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_application_get ...' end # verify the required parameter 'account_id' is set if @api_client.config.client_side_validation && account_id.nil? @@ -409,223 +336,186 @@ def duo_application_get_with_http_info(account_id, application_id, content_type, if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling DuoApi.duo_application_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_application_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_application_get" - end # resource path - local_var_path = "/duo/accounts/{account_id}/applications/{application_id}".sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/duo/accounts/{account_id}/applications/{application_id}'.sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'DuoApplication' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoApplication') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_application_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Duo Applications # This endpoint returns all the Duo applications for the specified Duo account. Note: There can currently only be one Duo application for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def duo_application_list(account_id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_application_list_with_http_info(account_id, content_type, accept, opts) - return data + def duo_application_list(account_id, opts = {}) + data, _status_code, _headers = duo_application_list_with_http_info(account_id, opts) + data end # List Duo Applications - # This endpoint returns all the Duo applications for the specified Duo account. Note: There can currently only be one Duo application for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the Duo applications for the specified Duo account. Note: There can currently only be one Duo application for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def duo_application_list_with_http_info(account_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def duo_application_list_with_http_info(account_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_application_list ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_application_list ...' end # verify the required parameter 'account_id' is set if @api_client.config.client_side_validation && account_id.nil? fail ArgumentError, "Missing the required parameter 'account_id' when calling DuoApi.duo_application_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_application_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_application_list" - end # resource path - local_var_path = "/duo/accounts/{account_id}/applications".sub('{' + 'account_id' + '}', account_id.to_s) + local_var_path = '/duo/accounts/{account_id}/applications'.sub('{' + 'account_id' + '}', account_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_application_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create Duo Application # Creates a Duo application for your organization and the specified account. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] - def duo_application_post(account_id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_application_post_with_http_info(account_id, content_type, accept, opts) - return data + def duo_application_post(account_id, opts = {}) + data, _status_code, _headers = duo_application_post_with_http_info(account_id, opts) + data end # Create Duo Application - # Creates a Duo application for your organization and the specified account. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` + # Creates a Duo application for your organization and the specified account. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationReq] :body - # @option opts [String] :x_org_id - # @return [Array<(DuoApplication, Fixnum, Hash)>] DuoApplication data, response status code and response headers - def duo_application_post_with_http_info(account_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoApplication, Integer, Hash)>] DuoApplication data, response status code and response headers + def duo_application_post_with_http_info(account_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_application_post ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_application_post ...' end # verify the required parameter 'account_id' is set if @api_client.config.client_side_validation && account_id.nil? fail ArgumentError, "Missing the required parameter 'account_id' when calling DuoApi.duo_application_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_application_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_application_post" - end # resource path - local_var_path = "/duo/accounts/{account_id}/applications".sub('{' + 'account_id' + '}', account_id.to_s) + local_var_path = '/duo/accounts/{account_id}/applications'.sub('{' + 'account_id' + '}', account_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'DuoApplication' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoApplication') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_application_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update Duo Application # Updates the specified Duo application. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationUpdateReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] - def duo_application_update(account_id, application_id, content_type, accept, opts = {}) - data, _status_code, _headers = duo_application_update_with_http_info(account_id, application_id, content_type, accept, opts) - return data + def duo_application_update(account_id, application_id, opts = {}) + data, _status_code, _headers = duo_application_update_with_http_info(account_id, application_id, opts) + data end # Update Duo Application - # Updates the specified Duo application. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` + # Updates the specified Duo application. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationUpdateReq] :body - # @option opts [String] :x_org_id - # @return [Array<(DuoApplication, Fixnum, Hash)>] DuoApplication data, response status code and response headers - def duo_application_update_with_http_info(account_id, application_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(DuoApplication, Integer, Hash)>] DuoApplication data, response status code and response headers + def duo_application_update_with_http_info(account_id, application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: DuoApi.duo_application_update ..." + @api_client.config.logger.debug 'Calling API: DuoApi.duo_application_update ...' end # verify the required parameter 'account_id' is set if @api_client.config.client_side_validation && account_id.nil? @@ -635,43 +525,37 @@ def duo_application_update_with_http_info(account_id, application_id, content_ty if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling DuoApi.duo_application_update" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling DuoApi.duo_application_update" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling DuoApi.duo_application_update" - end # resource path - local_var_path = "/duo/accounts/{account_id}/applications/{application_id}".sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/duo/accounts/{account_id}/applications/{application_id}'.sub('{' + 'account_id' + '}', account_id.to_s).sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'DuoApplication' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'DuoApplication') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: DuoApi#duo_application_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/fde_api.rb b/jcapiv2/lib/jcapiv2/api/fde_api.rb index 9bf1afd..0be7720 100644 --- a/jcapiv2/lib/jcapiv2/api/fde_api.rb +++ b/jcapiv2/lib/jcapiv2/api/fde_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class FdeApi attr_accessor :api_client @@ -19,59 +16,60 @@ class FdeApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Get System FDE Key # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Systemfdekey] def systems_get_fde_key(system_id, opts = {}) data, _status_code, _headers = systems_get_fde_key_with_http_info(system_id, opts) - return data + data end # Get System FDE Key # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Systemfdekey, Fixnum, Hash)>] Systemfdekey data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Systemfdekey, Integer, Hash)>] Systemfdekey data, response status code and response headers def systems_get_fde_key_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: FdeApi.systems_get_fde_key ..." + @api_client.config.logger.debug 'Calling API: FdeApi.systems_get_fde_key ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling FdeApi.systems_get_fde_key" end # resource path - local_var_path = "/systems/{system_id}/fdekey".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/fdekey'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemfdekey' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemfdekey') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: FdeApi#systems_get_fde_key\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/feature_trials_api.rb b/jcapiv2/lib/jcapiv2/api/feature_trials_api.rb new file mode 100644 index 0000000..c60f780 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/feature_trials_api.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class FeatureTrialsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Check current feature trial usage for a specific feature + # This endpoint get's the current state of a feature trial for an org. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.local/api/v2/featureTrials/zeroTrust \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param feature_code + # @param [Hash] opts the optional parameters + # @return [FeatureTrialData] + def feature_trials_get_feature_trials(feature_code, opts = {}) + data, _status_code, _headers = feature_trials_get_feature_trials_with_http_info(feature_code, opts) + data + end + + # Check current feature trial usage for a specific feature + # This endpoint get's the current state of a feature trial for an org. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.local/api/v2/featureTrials/zeroTrust \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param feature_code + # @param [Hash] opts the optional parameters + # @return [Array<(FeatureTrialData, Integer, Hash)>] FeatureTrialData data, response status code and response headers + def feature_trials_get_feature_trials_with_http_info(feature_code, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: FeatureTrialsApi.feature_trials_get_feature_trials ...' + end + # verify the required parameter 'feature_code' is set + if @api_client.config.client_side_validation && feature_code.nil? + fail ArgumentError, "Missing the required parameter 'feature_code' when calling FeatureTrialsApi.feature_trials_get_feature_trials" + end + # resource path + local_var_path = '/featureTrials/{feature_code}'.sub('{' + 'feature_code' + '}', feature_code.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'FeatureTrialData' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: FeatureTrialsApi#feature_trials_get_feature_trials\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/g_suite_api.rb b/jcapiv2/lib/jcapiv2/api/g_suite_api.rb index 335d783..8c99154 100644 --- a/jcapiv2/lib/jcapiv2/api/g_suite_api.rb +++ b/jcapiv2/lib/jcapiv2/api/g_suite_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class GSuiteApi attr_accessor :api_client @@ -19,37 +16,215 @@ class GSuiteApi def initialize(api_client = ApiClient.default) @api_client = api_client end + # Delete a domain from a Google Workspace integration instance + # Delete a domain from a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains/{domainId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param domain_id Id for the domain. + # @param [Hash] opts the optional parameters + # @return [JumpcloudGappsDomainResponse] + def gapps_domains_delete(gsuite_id, domain_id, opts = {}) + data, _status_code, _headers = gapps_domains_delete_with_http_info(gsuite_id, domain_id, opts) + data + end + + # Delete a domain from a Google Workspace integration instance + # Delete a domain from a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains/{domainId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param domain_id Id for the domain. + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGappsDomainResponse, Integer, Hash)>] JumpcloudGappsDomainResponse data, response status code and response headers + def gapps_domains_delete_with_http_info(gsuite_id, domain_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteApi.gapps_domains_delete ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.gapps_domains_delete" + end + # verify the required parameter 'domain_id' is set + if @api_client.config.client_side_validation && domain_id.nil? + fail ArgumentError, "Missing the required parameter 'domain_id' when calling GSuiteApi.gapps_domains_delete" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/domains/{domainId}'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s).sub('{' + 'domainId' + '}', domain_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGappsDomainResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteApi#gapps_domains_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Add a domain to a Google Workspace integration instance + # Add a domain to a specific Google Workspace directory sync integration instance. The domain must be a verified domain in Google Workspace. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :domain + # @return [JumpcloudGappsDomainResponse] + def gapps_domains_insert(gsuite_id, opts = {}) + data, _status_code, _headers = gapps_domains_insert_with_http_info(gsuite_id, opts) + data + end + + # Add a domain to a Google Workspace integration instance + # Add a domain to a specific Google Workspace directory sync integration instance. The domain must be a verified domain in Google Workspace. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :domain + # @return [Array<(JumpcloudGappsDomainResponse, Integer, Hash)>] JumpcloudGappsDomainResponse data, response status code and response headers + def gapps_domains_insert_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteApi.gapps_domains_insert ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.gapps_domains_insert" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/domains'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'domain'] = opts[:'domain'] if !opts[:'domain'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGappsDomainResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteApi#gapps_domains_insert\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List all domains configured for the Google Workspace integration instance + # List the domains configured for a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance.. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. (default to 100) + # @option opts [String] :skip The offset into the records to return. (default to 0) + # @return [JumpcloudGappsDomainListResponse] + def gapps_domains_list(gsuite_id, opts = {}) + data, _status_code, _headers = gapps_domains_list_with_http_info(gsuite_id, opts) + data + end + # List all domains configured for the Google Workspace integration instance + # List the domains configured for a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance.. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [Array<(JumpcloudGappsDomainListResponse, Integer, Hash)>] JumpcloudGappsDomainListResponse data, response status code and response headers + def gapps_domains_list_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteApi.gapps_domains_list ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.gapps_domains_list" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/domains'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGappsDomainListResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteApi#gapps_domains_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the associations of a G Suite instance # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_g_suite_associations_list(gsuite_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_type, accept, opts) - return data + def graph_g_suite_associations_list(gsuite_id, targets, opts = {}) + data, _status_code, _headers = graph_g_suite_associations_list_with_http_info(gsuite_id, targets, opts) + data end # List the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.graph_g_suite_associations_list ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.graph_g_suite_associations_list ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? @@ -59,455 +234,527 @@ def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_t if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GSuiteApi.graph_g_suite_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.graph_g_suite_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.graph_g_suite_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GSuiteApi.graph_g_suite_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/associations".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/associations'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#graph_g_suite_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] def graph_g_suite_associations_post(gsuite_id, opts = {}) graph_g_suite_associations_post_with_http_info(gsuite_id, opts) - return nil + nil end # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers def graph_g_suite_associations_post_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.graph_g_suite_associations_post ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.graph_g_suite_associations_post ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.graph_g_suite_associations_post" end # resource path - local_var_path = "/gsuites/{gsuite_id}/associations".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/associations'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#graph_g_suite_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a G Suite instance # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_traverse_user_with_http_info(gsuite_id, content_type, accept, opts) - return data + def graph_g_suite_traverse_user(gsuite_id, opts = {}) + data, _status_code, _headers = graph_g_suite_traverse_user_with_http_info(gsuite_id, opts) + data end # List the Users bound to a G Suite instance - # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_traverse_user_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_traverse_user_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.graph_g_suite_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.graph_g_suite_traverse_user ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.graph_g_suite_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.graph_g_suite_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.graph_g_suite_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GSuiteApi.graph_g_suite_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/users".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/users'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#graph_g_suite_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a G Suite instance # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_traverse_user_group_with_http_info(gsuite_id, content_type, accept, opts) - return data + def graph_g_suite_traverse_user_group(gsuite_id, opts = {}) + data, _status_code, _headers = graph_g_suite_traverse_user_group_with_http_info(gsuite_id, opts) + data end # List the User Groups bound to a G Suite instance - # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_traverse_user_group_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_traverse_user_group_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.graph_g_suite_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.graph_g_suite_traverse_user_group ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.graph_g_suite_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.graph_g_suite_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.graph_g_suite_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GSuiteApi.graph_g_suite_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/usergroups".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/usergroups'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#graph_g_suite_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get G Suite # This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [GsuiteOutput] - def gsuites_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = gsuites_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Gsuite] + def gsuites_get(id, opts = {}) + data, _status_code, _headers = gsuites_get_with_http_info(id, opts) + data end # Get G Suite - # This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(GsuiteOutput, Fixnum, Hash)>] GsuiteOutput data, response status code and response headers - def gsuites_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Gsuite, Integer, Hash)>] Gsuite data, response status code and response headers + def gsuites_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.gsuites_get ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.gsuites_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling GSuiteApi.gsuites_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.gsuites_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.gsuites_get" - end # resource path - local_var_path = "/gsuites/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/gsuites/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = [] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Gsuite' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'GsuiteOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#gsuites_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2001] + def gsuites_list_import_jumpcloud_users(gsuite_id, opts = {}) + data, _status_code, _headers = gsuites_list_import_jumpcloud_users_with_http_info(gsuite_id, opts) + data + end + + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [Array<(InlineResponse2001, Integer, Hash)>] InlineResponse2001 data, response status code and response headers + def gsuites_list_import_jumpcloud_users_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteApi.gsuites_list_import_jumpcloud_users ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.gsuites_list_import_jumpcloud_users" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/import/jumpcloudusers'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'maxResults'] = opts[:'max_results'] if !opts[:'max_results'].nil? + query_params[:'orderBy'] = opts[:'order_by'] if !opts[:'order_by'].nil? + query_params[:'pageToken'] = opts[:'page_token'] if !opts[:'page_token'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2001' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteApi#gsuites_list_import_jumpcloud_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2002] + def gsuites_list_import_users(gsuite_id, opts = {}) + data, _status_code, _headers = gsuites_list_import_users_with_http_info(gsuite_id, opts) + data + end + + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [Array<(InlineResponse2002, Integer, Hash)>] InlineResponse2002 data, response status code and response headers + def gsuites_list_import_users_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteApi.gsuites_list_import_users ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.gsuites_list_import_users" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/import/users'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'maxResults'] = opts[:'max_results'] if !opts[:'max_results'].nil? + query_params[:'orderBy'] = opts[:'order_by'] if !opts[:'order_by'].nil? + query_params[:'pageToken'] = opts[:'page_token'] if !opts[:'page_token'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2002' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteApi#gsuites_list_import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # Update existing G Suite - # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` + # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"suspend\", \"userPasswordExpirationAction\": \"maintain\" }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GsuitePatchInput] :body - # @option opts [String] :x_org_id (default to ) - # @return [GsuiteOutput] - def gsuites_patch(id, content_type, accept, opts = {}) - data, _status_code, _headers = gsuites_patch_with_http_info(id, content_type, accept, opts) - return data + # @option opts [Gsuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Gsuite] + def gsuites_patch(id, opts = {}) + data, _status_code, _headers = gsuites_patch_with_http_info(id, opts) + data end # Update existing G Suite - # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` + # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"suspend\", \"userPasswordExpirationAction\": \"maintain\" }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GsuitePatchInput] :body - # @option opts [String] :x_org_id - # @return [Array<(GsuiteOutput, Fixnum, Hash)>] GsuiteOutput data, response status code and response headers - def gsuites_patch_with_http_info(id, content_type, accept, opts = {}) + # @option opts [Gsuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Gsuite, Integer, Hash)>] Gsuite data, response status code and response headers + def gsuites_patch_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.gsuites_patch ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.gsuites_patch ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling GSuiteApi.gsuites_patch" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.gsuites_patch" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.gsuites_patch" - end # resource path - local_var_path = "/gsuites/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/gsuites/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = [] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Gsuite' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'GsuiteOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#gsuites_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Deletes a G Suite translation rule # This endpoint allows you to delete a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [nil] - def translation_rules_g_suite_delete(gsuite_id, id, content_type, accept, opts = {}) - translation_rules_g_suite_delete_with_http_info(gsuite_id, id, content_type, accept, opts) - return nil + def translation_rules_g_suite_delete(gsuite_id, id, opts = {}) + translation_rules_g_suite_delete_with_http_info(gsuite_id, id, opts) + nil end # Deletes a G Suite translation rule - # This endpoint allows you to delete a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def translation_rules_g_suite_delete_with_http_info(gsuite_id, id, content_type, accept, opts = {}) + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def translation_rules_g_suite_delete_with_http_info(gsuite_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.translation_rules_g_suite_delete ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.translation_rules_g_suite_delete ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? @@ -517,71 +764,57 @@ def translation_rules_g_suite_delete_with_http_info(gsuite_id, id, content_type, if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling GSuiteApi.translation_rules_g_suite_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.translation_rules_g_suite_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.translation_rules_g_suite_delete" - end # resource path - local_var_path = "/gsuites/{gsuite_id}/translationrules/{id}".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/gsuites/{gsuite_id}/translationrules/{id}'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params = opts[:header_params] || {} # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#translation_rules_g_suite_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Gets a specific G Suite translation rule # This endpoint returns a specific translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [GSuiteTranslationRule] - def translation_rules_g_suite_get(gsuite_id, id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_g_suite_get_with_http_info(gsuite_id, id, content_type, accept, opts) - return data + def translation_rules_g_suite_get(gsuite_id, id, opts = {}) + data, _status_code, _headers = translation_rules_g_suite_get_with_http_info(gsuite_id, id, opts) + data end # Gets a specific G Suite translation rule - # This endpoint returns a specific translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @return [Array<(GSuiteTranslationRule, Fixnum, Hash)>] GSuiteTranslationRule data, response status code and response headers - def translation_rules_g_suite_get_with_http_info(gsuite_id, id, content_type, accept, opts = {}) + # @return [Array<(GSuiteTranslationRule, Integer, Hash)>] GSuiteTranslationRule data, response status code and response headers + def translation_rules_g_suite_get_with_http_info(gsuite_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.translation_rules_g_suite_get ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.translation_rules_g_suite_get ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? @@ -591,102 +824,77 @@ def translation_rules_g_suite_get_with_http_info(gsuite_id, id, content_type, ac if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling GSuiteApi.translation_rules_g_suite_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.translation_rules_g_suite_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.translation_rules_g_suite_get" - end # resource path - local_var_path = "/gsuites/{gsuite_id}/translationrules/{id}".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/gsuites/{gsuite_id}/translationrules/{id}'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'GSuiteTranslationRule' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'GSuiteTranslationRule') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#translation_rules_g_suite_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all the G Suite Translation Rules - # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] - def translation_rules_g_suite_list(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_g_suite_list_with_http_info(gsuite_id, content_type, accept, opts) - return data + def translation_rules_g_suite_list(gsuite_id, opts = {}) + data, _status_code, _headers = translation_rules_g_suite_list_with_http_info(gsuite_id, opts) + data end # List all the G Suite Translation Rules - # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def translation_rules_g_suite_list_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def translation_rules_g_suite_list_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.translation_rules_g_suite_list ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.translation_rules_g_suite_list ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.translation_rules_g_suite_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.translation_rules_g_suite_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.translation_rules_g_suite_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GSuiteApi.translation_rules_g_suite_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/translationrules".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/translationrules'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -694,98 +902,87 @@ def translation_rules_g_suite_list_with_http_info(gsuite_id, content_type, accep query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#translation_rules_g_suite_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a new G Suite Translation Rule - # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [GSuiteTranslationRuleRequest] :body # @return [GSuiteTranslationRule] - def translation_rules_g_suite_post(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_g_suite_post_with_http_info(gsuite_id, content_type, accept, opts) - return data + def translation_rules_g_suite_post(gsuite_id, opts = {}) + data, _status_code, _headers = translation_rules_g_suite_post_with_http_info(gsuite_id, opts) + data end # Create a new G Suite Translation Rule - # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [GSuiteTranslationRuleRequest] :body - # @return [Array<(GSuiteTranslationRule, Fixnum, Hash)>] GSuiteTranslationRule data, response status code and response headers - def translation_rules_g_suite_post_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @return [Array<(GSuiteTranslationRule, Integer, Hash)>] GSuiteTranslationRule data, response status code and response headers + def translation_rules_g_suite_post_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GSuiteApi.translation_rules_g_suite_post ..." + @api_client.config.logger.debug 'Calling API: GSuiteApi.translation_rules_g_suite_post ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteApi.translation_rules_g_suite_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GSuiteApi.translation_rules_g_suite_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GSuiteApi.translation_rules_g_suite_post" - end # resource path - local_var_path = "/gsuites/{gsuite_id}/translationrules".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/translationrules'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'GSuiteTranslationRule' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'GSuiteTranslationRule') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GSuiteApi#translation_rules_g_suite_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/g_suite_import_api.rb b/jcapiv2/lib/jcapiv2/api/g_suite_import_api.rb new file mode 100644 index 0000000..709e320 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/g_suite_import_api.rb @@ -0,0 +1,165 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class GSuiteImportApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2001] + def gsuites_list_import_jumpcloud_users(gsuite_id, opts = {}) + data, _status_code, _headers = gsuites_list_import_jumpcloud_users_with_http_info(gsuite_id, opts) + data + end + + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [Array<(InlineResponse2001, Integer, Hash)>] InlineResponse2001 data, response status code and response headers + def gsuites_list_import_jumpcloud_users_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteImportApi.gsuites_list_import_jumpcloud_users ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteImportApi.gsuites_list_import_jumpcloud_users" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/import/jumpcloudusers'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'maxResults'] = opts[:'max_results'] if !opts[:'max_results'].nil? + query_params[:'orderBy'] = opts[:'order_by'] if !opts[:'order_by'].nil? + query_params[:'pageToken'] = opts[:'page_token'] if !opts[:'page_token'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2001' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteImportApi#gsuites_list_import_jumpcloud_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2002] + def gsuites_list_import_users(gsuite_id, opts = {}) + data, _status_code, _headers = gsuites_list_import_users_with_http_info(gsuite_id, opts) + data + end + + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [Array<(InlineResponse2002, Integer, Hash)>] InlineResponse2002 data, response status code and response headers + def gsuites_list_import_users_with_http_info(gsuite_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GSuiteImportApi.gsuites_list_import_users ...' + end + # verify the required parameter 'gsuite_id' is set + if @api_client.config.client_side_validation && gsuite_id.nil? + fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GSuiteImportApi.gsuites_list_import_users" + end + # resource path + local_var_path = '/gsuites/{gsuite_id}/import/users'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'maxResults'] = opts[:'max_results'] if !opts[:'max_results'].nil? + query_params[:'orderBy'] = opts[:'order_by'] if !opts[:'order_by'].nil? + query_params[:'pageToken'] = opts[:'page_token'] if !opts[:'page_token'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2002' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GSuiteImportApi#gsuites_list_import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/google_emm_api.rb b/jcapiv2/lib/jcapiv2/api/google_emm_api.rb new file mode 100644 index 0000000..34d3c5a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/google_emm_api.rb @@ -0,0 +1,909 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class GoogleEMMApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Erase the Android Device + # Removes the work profile and all policies from a personal/company-owned Android 8.0+ device. Company owned devices will be relinquished for personal use. Apps and data associated with the personal profile(s) are preserved. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/erase-device \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + def devices_erase_device(body, device_id, opts = {}) + data, _status_code, _headers = devices_erase_device_with_http_info(body, device_id, opts) + data + end + + # Erase the Android Device + # Removes the work profile and all policies from a personal/company-owned Android 8.0+ device. Company owned devices will be relinquished for personal use. Apps and data associated with the personal profile(s) are preserved. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/erase-device \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmCommandResponse, Integer, Hash)>] JumpcloudGoogleEmmCommandResponse data, response status code and response headers + def devices_erase_device_with_http_info(body, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_erase_device ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.devices_erase_device" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_erase_device" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}/erase-device'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmCommandResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_erase_device\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get device + # Gets a Google EMM enrolled device details. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmDevice] + def devices_get_device(device_id, opts = {}) + data, _status_code, _headers = devices_get_device_with_http_info(device_id, opts) + data + end + + # Get device + # Gets a Google EMM enrolled device details. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmDevice, Integer, Hash)>] JumpcloudGoogleEmmDevice data, response status code and response headers + def devices_get_device_with_http_info(device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_get_device ...' + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_get_device" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmDevice' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_get_device\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get the policy JSON of a device + # Gets an android JSON policy for a Google EMM enrolled device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/policy_results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmDeviceAndroidPolicy] + def devices_get_device_android_policy(device_id, opts = {}) + data, _status_code, _headers = devices_get_device_android_policy_with_http_info(device_id, opts) + data + end + + # Get the policy JSON of a device + # Gets an android JSON policy for a Google EMM enrolled device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/policy_results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmDeviceAndroidPolicy, Integer, Hash)>] JumpcloudGoogleEmmDeviceAndroidPolicy data, response status code and response headers + def devices_get_device_android_policy_with_http_info(device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_get_device_android_policy ...' + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_get_device_android_policy" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}/policy_results'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmDeviceAndroidPolicy' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_get_device_android_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List devices + # Lists google EMM enrolled devices. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises/{enterprise_object_id}/devices \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_object_id + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. (default to 100) + # @option opts [String] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter + # @return [JumpcloudGoogleEmmListDevicesResponse] + def devices_list_devices(enterprise_object_id, opts = {}) + data, _status_code, _headers = devices_list_devices_with_http_info(enterprise_object_id, opts) + data + end + + # List devices + # Lists google EMM enrolled devices. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises/{enterprise_object_id}/devices \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_object_id + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @option opts [Array] :filter + # @return [Array<(JumpcloudGoogleEmmListDevicesResponse, Integer, Hash)>] JumpcloudGoogleEmmListDevicesResponse data, response status code and response headers + def devices_list_devices_with_http_info(enterprise_object_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_list_devices ...' + end + # verify the required parameter 'enterprise_object_id' is set + if @api_client.config.client_side_validation && enterprise_object_id.nil? + fail ArgumentError, "Missing the required parameter 'enterprise_object_id' when calling GoogleEMMApi.devices_list_devices" + end + # resource path + local_var_path = '/google-emm/enterprises/{enterpriseObjectId}/devices'.sub('{' + 'enterpriseObjectId' + '}', enterprise_object_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :multi) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmListDevicesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_list_devices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Lock device + # Locks a Google EMM enrolled device, as if the lock screen timeout had expired. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + def devices_lock_device(body, device_id, opts = {}) + data, _status_code, _headers = devices_lock_device_with_http_info(body, device_id, opts) + data + end + + # Lock device + # Locks a Google EMM enrolled device, as if the lock screen timeout had expired. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmCommandResponse, Integer, Hash)>] JumpcloudGoogleEmmCommandResponse data, response status code and response headers + def devices_lock_device_with_http_info(body, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_lock_device ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.devices_lock_device" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_lock_device" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}/lock'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmCommandResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_lock_device\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Reboot device + # Reboots a Google EMM enrolled device. Only supported on fully managed devices running Android 7.0 or higher. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/reboot \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + def devices_reboot_device(body, device_id, opts = {}) + data, _status_code, _headers = devices_reboot_device_with_http_info(body, device_id, opts) + data + end + + # Reboot device + # Reboots a Google EMM enrolled device. Only supported on fully managed devices running Android 7.0 or higher. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/reboot \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmCommandResponse, Integer, Hash)>] JumpcloudGoogleEmmCommandResponse data, response status code and response headers + def devices_reboot_device_with_http_info(body, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_reboot_device ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.devices_reboot_device" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_reboot_device" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}/reboot'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmCommandResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_reboot_device\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Reset Password of a device + # Reset the user's password of a Google EMM enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/resetpassword \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'new_password' : 'string' }' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + def devices_reset_password(body, device_id, opts = {}) + data, _status_code, _headers = devices_reset_password_with_http_info(body, device_id, opts) + data + end + + # Reset Password of a device + # Reset the user's password of a Google EMM enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/resetpassword \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'new_password' : 'string' }' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmCommandResponse, Integer, Hash)>] JumpcloudGoogleEmmCommandResponse data, response status code and response headers + def devices_reset_password_with_http_info(body, device_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.devices_reset_password ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.devices_reset_password" + end + # verify the required parameter 'device_id' is set + if @api_client.config.client_side_validation && device_id.nil? + fail ArgumentError, "Missing the required parameter 'device_id' when calling GoogleEMMApi.devices_reset_password" + end + # resource path + local_var_path = '/google-emm/devices/{deviceId}/resetpassword'.sub('{' + 'deviceId' + '}', device_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmCommandResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#devices_reset_password\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create an enrollment token + # Gets an enrollment token to enroll a device into Google EMM. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enrollment-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCreateEnrollmentTokenResponse] + def enrollment_tokens_create_enrollment_token(body, opts = {}) + data, _status_code, _headers = enrollment_tokens_create_enrollment_token_with_http_info(body, opts) + data + end + + # Create an enrollment token + # Gets an enrollment token to enroll a device into Google EMM. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enrollment-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmCreateEnrollmentTokenResponse, Integer, Hash)>] JumpcloudGoogleEmmCreateEnrollmentTokenResponse data, response status code and response headers + def enrollment_tokens_create_enrollment_token_with_http_info(body, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enrollment_tokens_create_enrollment_token ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.enrollment_tokens_create_enrollment_token" + end + # resource path + local_var_path = '/google-emm/enrollment-tokens' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmCreateEnrollmentTokenResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enrollment_tokens_create_enrollment_token\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a Google Enterprise + # Creates a Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'signupUrlName': 'string', 'enrollmentToken': 'string' }' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmEnterprise] + def enterprises_create_enterprise(body, opts = {}) + data, _status_code, _headers = enterprises_create_enterprise_with_http_info(body, opts) + data + end + + # Create a Google Enterprise + # Creates a Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'signupUrlName': 'string', 'enrollmentToken': 'string' }' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmEnterprise, Integer, Hash)>] JumpcloudGoogleEmmEnterprise data, response status code and response headers + def enterprises_create_enterprise_with_http_info(body, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enterprises_create_enterprise ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.enterprises_create_enterprise" + end + # resource path + local_var_path = '/google-emm/enterprises' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmEnterprise' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enterprises_create_enterprise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete a Google Enterprise + # Removes a Google EMM enterprise. Warning: This is a destructive operation and will remove all data associated with Google EMM enterprise from JumpCloud including devices and applications associated with the given enterprise. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [Object] + def enterprises_delete_enterprise(enterprise_id, opts = {}) + data, _status_code, _headers = enterprises_delete_enterprise_with_http_info(enterprise_id, opts) + data + end + + # Delete a Google Enterprise + # Removes a Google EMM enterprise. Warning: This is a destructive operation and will remove all data associated with Google EMM enterprise from JumpCloud including devices and applications associated with the given enterprise. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers + def enterprises_delete_enterprise_with_http_info(enterprise_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enterprises_delete_enterprise ...' + end + # verify the required parameter 'enterprise_id' is set + if @api_client.config.client_side_validation && enterprise_id.nil? + fail ArgumentError, "Missing the required parameter 'enterprise_id' when calling GoogleEMMApi.enterprises_delete_enterprise" + end + # resource path + local_var_path = '/google-emm/enterprises/{enterpriseId}'.sub('{' + 'enterpriseId' + '}', enterprise_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Object' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enterprises_delete_enterprise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Test connection with Google + # Gives a connection status between JumpCloud and Google. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId}/connection-status \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmConnectionStatus] + def enterprises_get_connection_status(enterprise_id, opts = {}) + data, _status_code, _headers = enterprises_get_connection_status_with_http_info(enterprise_id, opts) + data + end + + # Test connection with Google + # Gives a connection status between JumpCloud and Google. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId}/connection-status \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmConnectionStatus, Integer, Hash)>] JumpcloudGoogleEmmConnectionStatus data, response status code and response headers + def enterprises_get_connection_status_with_http_info(enterprise_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enterprises_get_connection_status ...' + end + # verify the required parameter 'enterprise_id' is set + if @api_client.config.client_side_validation && enterprise_id.nil? + fail ArgumentError, "Missing the required parameter 'enterprise_id' when calling GoogleEMMApi.enterprises_get_connection_status" + end + # resource path + local_var_path = '/google-emm/enterprises/{enterpriseId}/connection-status'.sub('{' + 'enterpriseId' + '}', enterprise_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmConnectionStatus' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enterprises_get_connection_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Google Enterprises + # Lists all Google EMM enterprises. An empty list indicates that the Organization is not configured with a Google EMM enterprise yet. Note: Currently only one Google Enterprise per Organization is supported. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. (default to 100) + # @option opts [String] :skip The offset into the records to return. (default to 0) + # @return [JumpcloudGoogleEmmListEnterprisesResponse] + def enterprises_list_enterprises(opts = {}) + data, _status_code, _headers = enterprises_list_enterprises_with_http_info(opts) + data + end + + # List Google Enterprises + # Lists all Google EMM enterprises. An empty list indicates that the Organization is not configured with a Google EMM enterprise yet. Note: Currently only one Google Enterprise per Organization is supported. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [Array<(JumpcloudGoogleEmmListEnterprisesResponse, Integer, Hash)>] JumpcloudGoogleEmmListEnterprisesResponse data, response status code and response headers + def enterprises_list_enterprises_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enterprises_list_enterprises ...' + end + # resource path + local_var_path = '/google-emm/enterprises' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmListEnterprisesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enterprises_list_enterprises\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a Google Enterprise + # Updates a Google EMM enterprise details. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'allowDeviceEnrollment': true, 'deviceGroupId': 'string' }' \\ ``` + # @param body + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmEnterprise] + def enterprises_patch_enterprise(body, enterprise_id, opts = {}) + data, _status_code, _headers = enterprises_patch_enterprise_with_http_info(body, enterprise_id, opts) + data + end + + # Update a Google Enterprise + # Updates a Google EMM enterprise details. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'allowDeviceEnrollment': true, 'deviceGroupId': 'string' }' \\ ``` + # @param body + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmEnterprise, Integer, Hash)>] JumpcloudGoogleEmmEnterprise data, response status code and response headers + def enterprises_patch_enterprise_with_http_info(body, enterprise_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.enterprises_patch_enterprise ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.enterprises_patch_enterprise" + end + # verify the required parameter 'enterprise_id' is set + if @api_client.config.client_side_validation && enterprise_id.nil? + fail ArgumentError, "Missing the required parameter 'enterprise_id' when calling GoogleEMMApi.enterprises_patch_enterprise" + end + # resource path + local_var_path = '/google-emm/enterprises/{enterpriseId}'.sub('{' + 'enterpriseId' + '}', enterprise_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmEnterprise' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#enterprises_patch_enterprise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a Signup URL to enroll Google enterprise + # Creates a Google EMM enterprise signup URL. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/signup-urls \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmSignupURL] + def signup_urls_create(opts = {}) + data, _status_code, _headers = signup_urls_create_with_http_info(opts) + data + end + + # Get a Signup URL to enroll Google enterprise + # Creates a Google EMM enterprise signup URL. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/signup-urls \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmSignupURL, Integer, Hash)>] JumpcloudGoogleEmmSignupURL data, response status code and response headers + def signup_urls_create_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.signup_urls_create ...' + end + # resource path + local_var_path = '/google-emm/signup-urls' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmSignupURL' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#signup_urls_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a web token to render Google Play iFrame + # Creates a web token to access an embeddable managed Google Play web UI for a given Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/web-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmWebToken] + def web_tokens_create_web_token(body, opts = {}) + data, _status_code, _headers = web_tokens_create_web_token_with_http_info(body, opts) + data + end + + # Get a web token to render Google Play iFrame + # Creates a web token to access an embeddable managed Google Play web UI for a given Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/web-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudGoogleEmmWebToken, Integer, Hash)>] JumpcloudGoogleEmmWebToken data, response status code and response headers + def web_tokens_create_web_token_with_http_info(body, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GoogleEMMApi.web_tokens_create_web_token ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling GoogleEMMApi.web_tokens_create_web_token" + end + # resource path + local_var_path = '/google-emm/web-tokens' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudGoogleEmmWebToken' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GoogleEMMApi#web_tokens_create_web_token\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/graph_api.rb b/jcapiv2/lib/jcapiv2/api/graph_api.rb index ef471f1..2f78ad1 100644 --- a/jcapiv2/lib/jcapiv2/api/graph_api.rb +++ b/jcapiv2/lib/jcapiv2/api/graph_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class GraphApi attr_accessor :api_client @@ -19,37 +16,32 @@ class GraphApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of an Active Directory instance # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_active_directory_associations_list(activedirectory_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, content_type, accept, opts) - return data + def graph_active_directory_associations_list(activedirectory_id, targets, opts = {}) + data, _status_code, _headers = graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, opts) + data end # List the associations of an Active Directory instance - # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_associations_list_with_http_info(activedirectory_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_active_directory_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_active_directory_associations_list ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? @@ -59,329 +51,266 @@ def graph_active_directory_associations_list_with_http_info(activedirectory_id, if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_active_directory_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_active_directory_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_active_directory_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_active_directory_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/associations".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/associations'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_active_directory_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_active_directory_associations_post(activedirectory_id, content_type, accept, opts = {}) - graph_active_directory_associations_post_with_http_info(activedirectory_id, content_type, accept, opts) - return nil + def graph_active_directory_associations_post(activedirectory_id, opts = {}) + graph_active_directory_associations_post_with_http_info(activedirectory_id, opts) + nil end # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_active_directory_associations_post_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_active_directory_associations_post_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_active_directory_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_active_directory_associations_post ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling GraphApi.graph_active_directory_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_active_directory_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_active_directory_associations_post" - end # resource path - local_var_path = "/activedirectories/{activedirectory_id}/associations".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/associations'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_active_directory_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to an Active Directory instance # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @return [Array] - def graph_active_directory_traverse_user(activedirectory_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_active_directory_traverse_user_with_http_info(activedirectory_id, content_type, accept, opts) - return data + def graph_active_directory_traverse_user(activedirectory_id, opts = {}) + data, _status_code, _headers = graph_active_directory_traverse_user_with_http_info(activedirectory_id, opts) + data end # List the Users bound to an Active Directory instance - # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_active_directory_traverse_user_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_traverse_user_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_active_directory_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_active_directory_traverse_user ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling GraphApi.graph_active_directory_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_active_directory_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_active_directory_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_active_directory_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/users".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/users'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_active_directory_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to an Active Directory instance # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_active_directory_traverse_user_group(activedirectory_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, content_type, accept, opts) - return data + def graph_active_directory_traverse_user_group(activedirectory_id, opts = {}) + data, _status_code, _headers = graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, opts) + data end # List the User Groups bound to an Active Directory instance - # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_active_directory_traverse_user_group_with_http_info(activedirectory_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_active_directory_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_active_directory_traverse_user_group ...' end # verify the required parameter 'activedirectory_id' is set if @api_client.config.client_side_validation && activedirectory_id.nil? fail ArgumentError, "Missing the required parameter 'activedirectory_id' when calling GraphApi.graph_active_directory_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_active_directory_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_active_directory_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_active_directory_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/activedirectories/{activedirectory_id}/usergroups".sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) + local_var_path = '/activedirectories/{activedirectory_id}/usergroups'.sub('{' + 'activedirectory_id' + '}', activedirectory_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_active_directory_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of an Application # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_application_associations_list(application_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_associations_list_with_http_info(application_id, targets, content_type, accept, opts) - return data + def graph_application_associations_list(application_id, targets, opts = {}) + data, _status_code, _headers = graph_application_associations_list_with_http_info(application_id, targets, opts) + data end # List the associations of an Application - # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_associations_list_with_http_info(application_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_associations_list_with_http_info(application_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_application_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_application_associations_list ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? @@ -391,329 +320,266 @@ def graph_application_associations_list_with_http_info(application_id, targets, if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_application_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_application_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_application_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_application_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/applications/{application_id}/associations".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/associations'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_application_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_application_associations_post(application_id, content_type, accept, opts = {}) - graph_application_associations_post_with_http_info(application_id, content_type, accept, opts) - return nil + def graph_application_associations_post(application_id, opts = {}) + graph_application_associations_post_with_http_info(application_id, opts) + nil end # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_application_associations_post_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_application_associations_post_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_application_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_application_associations_post ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling GraphApi.graph_application_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_application_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_application_associations_post" - end # resource path - local_var_path = "/applications/{application_id}/associations".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/associations'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_application_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to an Application # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_application_traverse_user(application_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_traverse_user_with_http_info(application_id, content_type, accept, opts) - return data + def graph_application_traverse_user(application_id, opts = {}) + data, _status_code, _headers = graph_application_traverse_user_with_http_info(application_id, opts) + data end # List the Users bound to an Application - # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_traverse_user_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_traverse_user_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_application_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_application_traverse_user ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling GraphApi.graph_application_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_application_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_application_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_application_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/applications/{application_id}/users".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/users'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_application_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to an Application # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_application_traverse_user_group(application_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_application_traverse_user_group_with_http_info(application_id, content_type, accept, opts) - return data + def graph_application_traverse_user_group(application_id, opts = {}) + data, _status_code, _headers = graph_application_traverse_user_group_with_http_info(application_id, opts) + data end # List the User Groups bound to an Application - # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_application_traverse_user_group_with_http_info(application_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_application_traverse_user_group_with_http_info(application_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_application_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_application_traverse_user_group ...' end # verify the required parameter 'application_id' is set if @api_client.config.client_side_validation && application_id.nil? fail ArgumentError, "Missing the required parameter 'application_id' when calling GraphApi.graph_application_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_application_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_application_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_application_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/applications/{application_id}/usergroups".sub('{' + 'application_id' + '}', application_id.to_s) + local_var_path = '/applications/{application_id}/usergroups'.sub('{' + 'application_id' + '}', application_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_application_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a Command # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_command_associations_list(command_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_associations_list_with_http_info(command_id, targets, content_type, accept, opts) - return data + def graph_command_associations_list(command_id, targets, opts = {}) + data, _status_code, _headers = graph_command_associations_list_with_http_info(command_id, targets, opts) + data end # List the associations of a Command - # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_associations_list_with_http_info(command_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_associations_list_with_http_info(command_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_command_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_command_associations_list ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? @@ -723,329 +589,266 @@ def graph_command_associations_list_with_http_info(command_id, targets, content_ if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_command_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_command_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_command_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_command_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/associations".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/associations'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_command_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_command_associations_post(command_id, content_type, accept, opts = {}) - graph_command_associations_post_with_http_info(command_id, content_type, accept, opts) - return nil + def graph_command_associations_post(command_id, opts = {}) + graph_command_associations_post_with_http_info(command_id, opts) + nil end # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_command_associations_post_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_command_associations_post_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_command_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_command_associations_post ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling GraphApi.graph_command_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_command_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_command_associations_post" - end # resource path - local_var_path = "/commands/{command_id}/associations".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/associations'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_command_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a Command # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_command_traverse_system(command_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_traverse_system_with_http_info(command_id, content_type, accept, opts) - return data + def graph_command_traverse_system(command_id, opts = {}) + data, _status_code, _headers = graph_command_traverse_system_with_http_info(command_id, opts) + data end # List the Systems bound to a Command - # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_traverse_system_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_traverse_system_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_command_traverse_system ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_command_traverse_system ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling GraphApi.graph_command_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_command_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_command_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_command_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/systems".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/systems'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_command_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to a Command # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_command_traverse_system_group(command_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_command_traverse_system_group_with_http_info(command_id, content_type, accept, opts) - return data + def graph_command_traverse_system_group(command_id, opts = {}) + data, _status_code, _headers = graph_command_traverse_system_group_with_http_info(command_id, opts) + data end # List the System Groups bound to a Command - # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_command_traverse_system_group_with_http_info(command_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_command_traverse_system_group_with_http_info(command_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_command_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_command_traverse_system_group ...' end # verify the required parameter 'command_id' is set if @api_client.config.client_side_validation && command_id.nil? fail ArgumentError, "Missing the required parameter 'command_id' when calling GraphApi.graph_command_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_command_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_command_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_command_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/commands/{command_id}/systemgroups".sub('{' + 'command_id' + '}', command_id.to_s) + local_var_path = '/commands/{command_id}/systemgroups'.sub('{' + 'command_id' + '}', command_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_command_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a G Suite instance # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_g_suite_associations_list(gsuite_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_type, accept, opts) - return data + def graph_g_suite_associations_list(gsuite_id, targets, opts = {}) + data, _status_code, _headers = graph_g_suite_associations_list_with_http_info(gsuite_id, targets, opts) + data end # List the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_g_suite_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_g_suite_associations_list ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? @@ -1055,315 +858,266 @@ def graph_g_suite_associations_list_with_http_info(gsuite_id, targets, content_t if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_g_suite_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_g_suite_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_g_suite_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_g_suite_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/associations".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/associations'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_g_suite_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] def graph_g_suite_associations_post(gsuite_id, opts = {}) graph_g_suite_associations_post_with_http_info(gsuite_id, opts) - return nil + nil end # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers def graph_g_suite_associations_post_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_g_suite_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_g_suite_associations_post ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GraphApi.graph_g_suite_associations_post" end # resource path - local_var_path = "/gsuites/{gsuite_id}/associations".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/associations'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_g_suite_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a G Suite instance # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_g_suite_traverse_user(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_traverse_user_with_http_info(gsuite_id, content_type, accept, opts) - return data + def graph_g_suite_traverse_user(gsuite_id, opts = {}) + data, _status_code, _headers = graph_g_suite_traverse_user_with_http_info(gsuite_id, opts) + data end # List the Users bound to a G Suite instance - # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_traverse_user_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_traverse_user_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_g_suite_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_g_suite_traverse_user ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GraphApi.graph_g_suite_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_g_suite_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_g_suite_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_g_suite_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/users".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/users'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_g_suite_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a G Suite instance # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_g_suite_traverse_user_group(gsuite_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_g_suite_traverse_user_group_with_http_info(gsuite_id, content_type, accept, opts) - return data + def graph_g_suite_traverse_user_group(gsuite_id, opts = {}) + data, _status_code, _headers = graph_g_suite_traverse_user_group_with_http_info(gsuite_id, opts) + data end # List the User Groups bound to a G Suite instance - # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_g_suite_traverse_user_group_with_http_info(gsuite_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_g_suite_traverse_user_group_with_http_info(gsuite_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_g_suite_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_g_suite_traverse_user_group ...' end # verify the required parameter 'gsuite_id' is set if @api_client.config.client_side_validation && gsuite_id.nil? fail ArgumentError, "Missing the required parameter 'gsuite_id' when calling GraphApi.graph_g_suite_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_g_suite_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_g_suite_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_g_suite_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/gsuites/{gsuite_id}/usergroups".sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) + local_var_path = '/gsuites/{gsuite_id}/usergroups'.sub('{' + 'gsuite_id' + '}', gsuite_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_g_suite_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a LDAP Server # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, content_type, accept, opts) - return data + def graph_ldap_server_associations_list(ldapserver_id, targets, opts = {}) + data, _status_code, _headers = graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, opts) + data end # List the associations of a LDAP Server - # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_ldap_server_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_ldap_server_associations_list ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? @@ -1373,329 +1127,266 @@ def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, c if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_ldap_server_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_ldap_server_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_ldap_server_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_ldap_server_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/associations".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/associations'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_ldap_server_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts = {}) - graph_ldap_server_associations_post_with_http_info(ldapserver_id, content_type, accept, opts) - return nil + def graph_ldap_server_associations_post(ldapserver_id, opts = {}) + graph_ldap_server_associations_post_with_http_info(ldapserver_id, opts) + nil end # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_ldap_server_associations_post_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_ldap_server_associations_post_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_ldap_server_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_ldap_server_associations_post ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling GraphApi.graph_ldap_server_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_ldap_server_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_ldap_server_associations_post" - end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/associations".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/associations'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_ldap_server_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a LDAP Server # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_traverse_user_with_http_info(ldapserver_id, content_type, accept, opts) - return data + def graph_ldap_server_traverse_user(ldapserver_id, opts = {}) + data, _status_code, _headers = graph_ldap_server_traverse_user_with_http_info(ldapserver_id, opts) + data end # List the Users bound to a LDAP Server - # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_traverse_user_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_traverse_user_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_ldap_server_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_ldap_server_traverse_user ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling GraphApi.graph_ldap_server_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_ldap_server_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_ldap_server_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_ldap_server_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/users".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/users'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_ldap_server_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a LDAP Server # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, content_type, accept, opts) - return data + def graph_ldap_server_traverse_user_group(ldapserver_id, opts = {}) + data, _status_code, _headers = graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, opts) + data end # List the User Groups bound to a LDAP Server - # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_ldap_server_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_ldap_server_traverse_user_group ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling GraphApi.graph_ldap_server_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_ldap_server_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_ldap_server_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_ldap_server_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/usergroups".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/usergroups'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_ldap_server_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_office365_associations_list(office365_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_associations_list_with_http_info(office365_id, targets, content_type, accept, opts) - return data + def graph_office365_associations_list(office365_id, targets, opts = {}) + data, _status_code, _headers = graph_office365_associations_list_with_http_info(office365_id, targets, opts) + data end # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_associations_list_with_http_info(office365_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_associations_list_with_http_info(office365_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_office365_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_office365_associations_list ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? @@ -1705,329 +1396,266 @@ def graph_office365_associations_list_with_http_info(office365_id, targets, cont if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_office365_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_office365_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_office365_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_office365_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/associations".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/associations'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_office365_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_office365_associations_post(office365_id, content_type, accept, opts = {}) - graph_office365_associations_post_with_http_info(office365_id, content_type, accept, opts) - return nil + def graph_office365_associations_post(office365_id, opts = {}) + graph_office365_associations_post_with_http_info(office365_id, opts) + nil end # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_office365_associations_post_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_office365_associations_post_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_office365_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_office365_associations_post ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling GraphApi.graph_office365_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_office365_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_office365_associations_post" - end # resource path - local_var_path = "/office365s/{office365_id}/associations".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/associations'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_office365_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_office365_traverse_user(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_traverse_user_with_http_info(office365_id, content_type, accept, opts) - return data + def graph_office365_traverse_user(office365_id, opts = {}) + data, _status_code, _headers = graph_office365_traverse_user_with_http_info(office365_id, opts) + data end # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_traverse_user_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_traverse_user_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_office365_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_office365_traverse_user ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling GraphApi.graph_office365_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_office365_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_office365_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_office365_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/users".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/users'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_office365_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_office365_traverse_user_group(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_traverse_user_group_with_http_info(office365_id, content_type, accept, opts) - return data + def graph_office365_traverse_user_group(office365_id, opts = {}) + data, _status_code, _headers = graph_office365_traverse_user_group_with_http_info(office365_id, opts) + data end # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_traverse_user_group_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_traverse_user_group_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_office365_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_office365_traverse_user_group ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling GraphApi.graph_office365_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_office365_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_office365_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_office365_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/usergroups".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/usergroups'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_office365_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a Policy # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_policy_associations_list(policy_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_associations_list_with_http_info(policy_id, targets, content_type, accept, opts) - return data + def graph_policy_associations_list(policy_id, targets, opts = {}) + data, _status_code, _headers = graph_policy_associations_list_with_http_info(policy_id, targets, opts) + data end # List the associations of a Policy - # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_associations_list_with_http_info(policy_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_associations_list_with_http_info(policy_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_policy_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_associations_list ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? @@ -2037,4419 +1665,4387 @@ def graph_policy_associations_list_with_http_info(policy_id, targets, content_ty if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_policy_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_policy_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_policy_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_policy_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/associations".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/associations'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_policy_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_policy_associations_post(policy_id, content_type, accept, opts = {}) - graph_policy_associations_post_with_http_info(policy_id, content_type, accept, opts) - return nil + def graph_policy_associations_post(policy_id, opts = {}) + graph_policy_associations_post_with_http_info(policy_id, opts) + nil end # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_policy_associations_post_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_associations_post_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_policy_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_associations_post ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_policy_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_policy_associations_post" - end # resource path - local_var_path = "/policies/{policy_id}/associations".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/associations'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_policy_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the Systems bound to a Policy + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_policy_group_associations_list_with_http_info(group_id, targets, opts) + data + end + + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_associations_list_with_http_info(group_id, targets, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_associations_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_associations_list" + end + # verify the required parameter 'targets' is set + if @api_client.config.client_side_validation && targets.nil? + fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_policy_group_associations_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_associations_post(group_id, opts = {}) + graph_policy_group_associations_post_with_http_info(group_id, opts) + nil + end + + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_associations_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_associations_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_associations_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_members_list_with_http_info(group_id, opts) + data + end + + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_members_list_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_members_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_members_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_members_post(group_id, opts = {}) + graph_policy_group_members_post_with_http_info(group_id, opts) + nil + end + + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_members_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_members_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_members_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_membership_with_http_info(group_id, opts) + data + end + + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_membership_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_membership ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_membership" + end + # resource path + local_var_path = '/policygroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_with_http_info(group_id, opts) + data + end + + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_traverse_system ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_traverse_system" + end + # resource path + local_var_path = '/policygroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_group_with_http_info(group_id, opts) + data + end + + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_group_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_group_traverse_system_group ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_policy_group_traverse_system_group" + end + # resource path + local_var_path = '/policygroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_member_of(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_member_of_with_http_info(policy_id, opts) + data + end + + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_member_of_with_http_info(policy_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_member_of ...' + end + # verify the required parameter 'policy_id' is set + if @api_client.config.client_side_validation && policy_id.nil? + fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_member_of" + end + # resource path + local_var_path = '/policies/{policy_id}/memberof'.sub('{' + 'policy_id' + '}', policy_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Systems bound to a Policy # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_traverse_system(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_traverse_system_with_http_info(policy_id, opts) + data + end + + # List the Systems bound to a Policy + # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Command. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_traverse_system_with_http_info(policy_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_traverse_system ...' + end + # verify the required parameter 'policy_id' is set + if @api_client.config.client_side_validation && policy_id.nil? + fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_traverse_system" + end + # resource path + local_var_path = '/policies/{policy_id}/systems'.sub('{' + 'policy_id' + '}', policy_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the System Groups bound to a Policy + # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Command. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_traverse_system_group(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_traverse_system_group_with_http_info(policy_id, opts) + data + end + + # List the System Groups bound to a Policy + # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Command. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_traverse_system_group_with_http_info(policy_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_policy_traverse_system_group ...' + end + # verify the required parameter 'policy_id' is set + if @api_client.config.client_side_validation && policy_id.nil? + fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_traverse_system_group" + end + # resource path + local_var_path = '/policies/{policy_id}/systemgroups'.sub('{' + 'policy_id' + '}', policy_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_policy_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the associations of a RADIUS Server + # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. + # @param targets Targets which a \"radius_server\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_radius_server_associations_list(radiusserver_id, targets, opts = {}) + data, _status_code, _headers = graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, opts) + data + end + + # List the associations of a RADIUS Server + # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. + # @param targets Targets which a \"radius_server\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_radius_server_associations_list ...' + end + # verify the required parameter 'radiusserver_id' is set + if @api_client.config.client_side_validation && radiusserver_id.nil? + fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_associations_list" + end + # verify the required parameter 'targets' is set + if @api_client.config.client_side_validation && targets.nil? + fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_radius_server_associations_list" + end + # resource path + local_var_path = '/radiusservers/{radiusserver_id}/associations'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the associations of a RADIUS Server + # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + # @param radiusserver_id ObjectID of the Radius Server. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_radius_server_associations_post(radiusserver_id, opts = {}) + graph_radius_server_associations_post_with_http_info(radiusserver_id, opts) + nil + end + + # Manage the associations of a RADIUS Server + # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + # @param radiusserver_id ObjectID of the Radius Server. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_radius_server_associations_post_with_http_info(radiusserver_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_radius_server_associations_post ...' + end + # verify the required parameter 'radiusserver_id' is set + if @api_client.config.client_side_validation && radiusserver_id.nil? + fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_associations_post" + end + # resource path + local_var_path = '/radiusservers/{radiusserver_id}/associations'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Users bound to a RADIUS Server + # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_policy_traverse_system(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_traverse_system_with_http_info(policy_id, content_type, accept, opts) - return data + def graph_radius_server_traverse_user(radiusserver_id, opts = {}) + data, _status_code, _headers = graph_radius_server_traverse_user_with_http_info(radiusserver_id, opts) + data end - # List the Systems bound to a Policy - # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept + # List the Users bound to a RADIUS Server + # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_traverse_system_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_traverse_user_with_http_info(radiusserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_policy_traverse_system ..." - end - # verify the required parameter 'policy_id' is set - if @api_client.config.client_side_validation && policy_id.nil? - fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_traverse_system" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_policy_traverse_system" + @api_client.config.logger.debug 'Calling API: GraphApi.graph_radius_server_traverse_user ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_policy_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_policy_traverse_system, must be greater than or equal to 0.' + # verify the required parameter 'radiusserver_id' is set + if @api_client.config.client_side_validation && radiusserver_id.nil? + fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_traverse_user" end - # resource path - local_var_path = "/policies/{policy_id}/systems".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/users'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_policy_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the System Groups bound to a Policy - # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept + # List the User Groups bound to a RADIUS Server + # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_policy_traverse_system_group(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_traverse_system_group_with_http_info(policy_id, content_type, accept, opts) - return data + def graph_radius_server_traverse_user_group(radiusserver_id, opts = {}) + data, _status_code, _headers = graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, opts) + data end - # List the System Groups bound to a Policy - # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept + # List the User Groups bound to a RADIUS Server + # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param radiusserver_id ObjectID of the Radius Server. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_traverse_system_group_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_policy_traverse_system_group ..." - end - # verify the required parameter 'policy_id' is set - if @api_client.config.client_side_validation && policy_id.nil? - fail ArgumentError, "Missing the required parameter 'policy_id' when calling GraphApi.graph_policy_traverse_system_group" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_policy_traverse_system_group" + @api_client.config.logger.debug 'Calling API: GraphApi.graph_radius_server_traverse_user_group ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_policy_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_policy_traverse_system_group, must be greater than or equal to 0.' + # verify the required parameter 'radiusserver_id' is set + if @api_client.config.client_side_validation && radiusserver_id.nil? + fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_traverse_user_group" end - # resource path - local_var_path = "/policies/{policy_id}/systemgroups".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/usergroups'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_policy_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the associations of a RADIUS Server - # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, content_type, accept, opts) - return data + def graph_softwareapps_associations_list(software_app_id, targets, opts = {}) + data, _status_code, _headers = graph_softwareapps_associations_list_with_http_info(software_app_id, targets, opts) + data end - # List the associations of a RADIUS Server - # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_associations_list_with_http_info(software_app_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_radius_server_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_softwareapps_associations_list ...' end - # verify the required parameter 'radiusserver_id' is set - if @api_client.config.client_side_validation && radiusserver_id.nil? - fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_associations_list" + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling GraphApi.graph_softwareapps_associations_list" end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? - fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_radius_server_associations_list" + fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_softwareapps_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_radius_server_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_radius_server_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_radius_server_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/associations".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/softwareapps/{software_app_id}/associations'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_softwareapps_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Manage the associations of a RADIUS Server - # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts = {}) - graph_radius_server_associations_post_with_http_info(radiusserver_id, content_type, accept, opts) - return nil + def graph_softwareapps_associations_post(software_app_id, opts = {}) + graph_softwareapps_associations_post_with_http_info(software_app_id, opts) + nil end - # Manage the associations of a RADIUS Server - # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"<object_id>\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_radius_server_associations_post_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_softwareapps_associations_post_with_http_info(software_app_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_radius_server_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_softwareapps_associations_post ...' end - # verify the required parameter 'radiusserver_id' is set - if @api_client.config.client_side_validation && radiusserver_id.nil? - fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_associations_post" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_radius_server_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_radius_server_associations_post" + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling GraphApi.graph_softwareapps_associations_post" end # resource path - local_var_path = "/radiusservers/{radiusserver_id}/associations".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/softwareapps/{software_app_id}/associations'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_softwareapps_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the Users bound to a RADIUS Server - # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_traverse_user_with_http_info(radiusserver_id, content_type, accept, opts) - return data + def graph_softwareapps_traverse_system(software_app_id, opts = {}) + data, _status_code, _headers = graph_softwareapps_traverse_system_with_http_info(software_app_id, opts) + data end - # List the Users bound to a RADIUS Server - # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_traverse_user_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_traverse_system_with_http_info(software_app_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_radius_server_traverse_user ..." - end - # verify the required parameter 'radiusserver_id' is set - if @api_client.config.client_side_validation && radiusserver_id.nil? - fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_traverse_user" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_radius_server_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_radius_server_traverse_user" + @api_client.config.logger.debug 'Calling API: GraphApi.graph_softwareapps_traverse_system ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_radius_server_traverse_user, must be greater than or equal to 0.' + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling GraphApi.graph_softwareapps_traverse_system" end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/users".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/softwareapps/{software_app_id}/systems'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_softwareapps_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the User Groups bound to a RADIUS Server - # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, content_type, accept, opts) - return data + def graph_softwareapps_traverse_system_group(software_app_id, opts = {}) + data, _status_code, _headers = graph_softwareapps_traverse_system_group_with_http_info(software_app_id, opts) + data end - # List the User Groups bound to a RADIUS Server - # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_traverse_system_group_with_http_info(software_app_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_radius_server_traverse_user_group ..." - end - # verify the required parameter 'radiusserver_id' is set - if @api_client.config.client_side_validation && radiusserver_id.nil? - fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling GraphApi.graph_radius_server_traverse_user_group" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_radius_server_traverse_user_group" + @api_client.config.logger.debug 'Calling API: GraphApi.graph_softwareapps_traverse_system_group ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_radius_server_traverse_user_group" + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling GraphApi.graph_softwareapps_traverse_system_group" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_radius_server_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/usergroups".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/softwareapps/{software_app_id}/systemgroups'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_radius_server_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_softwareapps_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a System # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_associations_list(system_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_system_associations_list_with_http_info(system_id, content_type, accept, targets, opts) - return data + def graph_system_associations_list(system_id, targets, opts = {}) + data, _status_code, _headers = graph_system_associations_list_with_http_info(system_id, targets, opts) + data end # List the associations of a System - # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_associations_list_with_http_info(system_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_associations_list_with_http_info(system_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_associations_list ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_system_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/associations".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/associations'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_associations_post(system_id, content_type, accept, opts = {}) - graph_system_associations_post_with_http_info(system_id, content_type, accept, opts) - return nil + def graph_system_associations_post(system_id, opts = {}) + graph_system_associations_post_with_http_info(system_id, opts) + nil end # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_associations_post_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_associations_post_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_associations_post ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_associations_post" - end # resource path - local_var_path = "/systems/{system_id}/associations".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/associations'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a System Group # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_system_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_system_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_group_associations_post(group_id, content_type, accept, opts = {}) - graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_system_group_associations_post(group_id, opts = {}) + graph_system_group_associations_post_with_http_info(group_id, opts) + nil end # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_associations_post" - end # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. + # List the members of a System Group + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_system_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_system_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, opts) + data end - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. + # List the members of a System Group + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_member_of ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_member_of, must be greater than or equal to 0.' + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_members_list" end - # resource path - local_var_path = "/systemgroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Manage the members of a System Group + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_system_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + # @option opts [GraphOperationSystemGroupMember] :body + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_system_group_members_post(group_id, opts = {}) + graph_system_group_members_post_with_http_info(group_id, opts) + nil end - # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Manage the members of a System Group + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationSystemGroupMember] :body + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_members_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_members_list" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_members_list, must be greater than or equal to 0.' + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_members_post" end - # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def graph_system_group_members_post(group_id, content_type, accept, opts = {}) - graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_system_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, opts) + data end - # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body - # @option opts [String] :date Current date header for the System Context API - # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_members_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_members_post" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_members_post" + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_membership" end # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? - header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Commands bound to a System Group + # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_system_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] + def graph_system_group_traverse_command(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_command_with_http_info(group_id, opts) + data end - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Commands bound to a System Group + # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_command_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_membership ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_traverse_command ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_membership" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_membership" + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_command" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_membership, must be greater than or equal to 0.' + if @api_client.config.client_side_validation && opts[:'details'] && !['v1'].include?(opts[:'details']) + fail ArgumentError, 'invalid value for "details", must be one of v1' end - # resource path - local_var_path = "/systemgroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/commands'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'details'] = opts[:'details'] if !opts[:'details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the Commands bound to a System Group - # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Policies bound to a System Group + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_command(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_command_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_policy(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, opts) + data end - # List the Commands bound to a System Group - # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Policies bound to a System Group + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_command_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_traverse_command ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_traverse_policy ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_command" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_traverse_command" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_traverse_command" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_traverse_command, must be greater than or equal to 0.' + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_policy" end - # resource path - local_var_path = "/systemgroups/{group_id}/commands".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/policies'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_policy(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_policy_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_group_with_http_info(group_id, opts) + data end - # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_traverse_policy ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_traverse_policy_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_policy" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_traverse_policy" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_traverse_policy" + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_policy_group" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_traverse_policy, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/policies".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/policygroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_policy_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a System Group # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, opts) + data end # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_traverse_user ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/users".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/users'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a System Group # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, opts) + data end # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_group_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_group_traverse_user_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_system_group_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_group_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_group_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_group_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/usergroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/usergroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_group_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the parent Groups of a System # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_member_of(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_member_of_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_member_of(system_id, opts = {}) + data, _status_code, _headers = graph_system_member_of_with_http_info(system_id, opts) + data end # List the parent Groups of a System - # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_member_of_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_member_of_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_member_of ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_member_of ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_member_of" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_member_of, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/memberof".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/memberof'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Commands bound to a System # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] - def graph_system_traverse_command(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_command_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] + def graph_system_traverse_command(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_command_with_http_info(system_id, opts) + data end # List the Commands bound to a System - # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_command_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_command_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_traverse_command ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_traverse_command ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_traverse_command" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_traverse_command" + if @api_client.config.client_side_validation && opts[:'details'] && !['v1'].include?(opts[:'details']) + fail ArgumentError, 'invalid value for "details", must be one of v1' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_traverse_command" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_traverse_command, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/commands".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/commands'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'details'] = opts[:'details'] if !opts[:'details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Policies bound to a System # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_policy(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_policy_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_policy(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_policy_with_http_info(system_id, opts) + data end # List the Policies bound to a System - # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_policy_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_policy_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_traverse_policy ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_traverse_policy ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_traverse_policy" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_traverse_policy" + # resource path + local_var_path = '/systems/{system_id}/policies'.sub('{' + 'system_id' + '}', system_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_traverse_policy" + return data, status_code, headers + end + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_system_traverse_policy_group(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_policy_group_with_http_info(system_id, opts) + data + end + + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_policy_group_with_http_info(system_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_traverse_policy_group ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_traverse_policy, must be greater than or equal to 0.' + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_traverse_policy_group" end - # resource path - local_var_path = "/systems/{system_id}/policies".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/policygroups'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_policy_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a System # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_user(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_user_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_user(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_user_with_http_info(system_id, opts) + data end # List the Users bound to a System - # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_user_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_user_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_traverse_user ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_traverse_user ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/users".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/users'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a System # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_user_group(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_user_group_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_user_group(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_user_group_with_http_info(system_id, opts) + data end # List the User Groups bound to a System - # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_user_group_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_user_group_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_system_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_system_traverse_user_group ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.graph_system_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_system_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_system_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_system_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/usergroups".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/usergroups'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_system_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a User # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_associations_list(user_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_user_associations_list_with_http_info(user_id, content_type, accept, targets, opts) - return data + def graph_user_associations_list(user_id, targets, opts = {}) + data, _status_code, _headers = graph_user_associations_list_with_http_info(user_id, targets, opts) + data end # List the associations of a User - # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_associations_list_with_http_info(user_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_associations_list_with_http_info(user_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_associations_list ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_user_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/associations".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/associations'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_associations_post(user_id, content_type, accept, opts = {}) - graph_user_associations_post_with_http_info(user_id, content_type, accept, opts) - return nil + def graph_user_associations_post(user_id, opts = {}) + graph_user_associations_post_with_http_info(user_id, opts) + nil end # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_associations_post_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_associations_post_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_associations_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_associations_post ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_associations_post" - end # resource path - local_var_path = "/users/{user_id}/associations".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/associations'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the associations of a User Group. # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_user_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling GraphApi.graph_user_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_user_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def graph_user_group_associations_post(group_id, content_type, accept, opts = {}) - graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil - end - - # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_associations_post ..." - end - # verify the required parameter 'group_id' is set - if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_associations_post" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_associations_post" - end - # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} + :return_type => return_type) - # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_user_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_user_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, + # Manage the associations of a User Group + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_user_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_user_group_associations_post(group_id, opts = {}) + graph_user_group_associations_post_with_http_info(group_id, opts) + nil end - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, + # Manage the associations of a User Group + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_member_of ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_member_of, must be greater than or equal to 0.' + fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_associations_post" end - # resource path - local_var_path = "/usergroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#graph_user_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#graph_user_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the members of a User Group # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, opts) + data end # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_members_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_members_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_members_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_group_members_post(group_id, content_type, accept, opts = {}) - graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_user_group_members_post(group_id, opts = {}) + graph_user_group_members_post_with_http_info(group_id, opts) + nil end # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_members_post ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_members_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_members_post" - end # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Group's membership # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, opts) + data end - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_membership ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_membership" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_membership" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_membership, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Active Directories bound to a User Group # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_active_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_active_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, opts) + data end # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_active_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_active_directory ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_active_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_active_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_active_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_active_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_active_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/activedirectories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/activedirectories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_active_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Applications bound to a User Group # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_application(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_application(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, opts) + data end # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_application_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_application ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_application ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_application" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_application" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_application" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_application, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/applications".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/applications'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_application\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Directories bound to a User Group # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, opts) + data end # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_directory ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/directories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/directories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the G Suite instances bound to a User Group # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_g_suite(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_g_suite(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, opts) + data end # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_g_suite_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_g_suite ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_g_suite ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_g_suite" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_g_suite" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_g_suite" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_g_suite, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/gsuites".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/gsuites'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_g_suite\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the LDAP Servers bound to a User Group # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_ldap_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, opts) + data end # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_ldap_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_ldap_server ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_ldap_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_ldap_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_ldap_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_ldap_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_ldap_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/ldapservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/ldapservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_ldap_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Office 365 instances bound to a User Group # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_office365(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_office365(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, opts) + data end # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_office365_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_office365 ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_office365 ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_office365" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_office365" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_office365" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_office365, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/office365s".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/office365s'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_office365\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the RADIUS Servers bound to a User Group # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_radius_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_radius_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, opts) + data end # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_radius_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_radius_server ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_radius_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_radius_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_radius_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_radius_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_radius_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/radiusservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/radiusservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_radius_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a User Group # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, opts) + data end # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_system ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_system ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systems".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to User Groups # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, opts) + data end # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_group_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_group_traverse_system_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling GraphApi.graph_user_group_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_group_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_group_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_group_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systemgroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the parent Groups of a User # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_member_of(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_member_of_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_member_of(user_id, opts = {}) + data, _status_code, _headers = graph_user_member_of_with_http_info(user_id, opts) + data end # List the parent Groups of a User - # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_member_of_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_member_of_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_member_of ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_member_of ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_member_of" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_member_of, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/memberof".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/memberof'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Active Directory instances bound to a User # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @return [Array] - def graph_user_traverse_active_directory(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_active_directory_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_active_directory(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_active_directory_with_http_info(user_id, opts) + data end # List the Active Directory instances bound to a User - # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_active_directory_with_http_info(user_id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_active_directory_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_active_directory ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_active_directory ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_active_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_active_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_active_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_active_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/activedirectories".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/activedirectories'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_active_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Applications bound to a User # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_application(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_application_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_application(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_application_with_http_info(user_id, opts) + data end # List the Applications bound to a User - # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_application_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_application_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_application ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_application ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_application" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_application" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_application" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_application, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/applications".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/applications'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_application\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Directories bound to a User # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_directory(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_directory_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_directory(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_directory_with_http_info(user_id, opts) + data end # List the Directories bound to a User - # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_directory_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_directory_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_directory ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_directory ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/directories".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/directories'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the G Suite instances bound to a User # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_g_suite(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_g_suite_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_g_suite(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_g_suite_with_http_info(user_id, opts) + data end # List the G Suite instances bound to a User - # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_g_suite_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_g_suite_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_g_suite ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_g_suite ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_g_suite" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_g_suite" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_g_suite" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_g_suite, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/gsuites".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/gsuites'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_g_suite\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the LDAP servers bound to a User # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_ldap_server(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_ldap_server_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_ldap_server(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_ldap_server_with_http_info(user_id, opts) + data end # List the LDAP servers bound to a User - # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_ldap_server_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_ldap_server_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_ldap_server ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_ldap_server ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_ldap_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_ldap_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_ldap_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_ldap_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/ldapservers".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/ldapservers'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_ldap_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Office 365 instances bound to a User # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_office365(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_office365_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_office365(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_office365_with_http_info(user_id, opts) + data end # List the Office 365 instances bound to a User - # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_office365_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_office365_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_office365 ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_office365 ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_office365" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_office365" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_office365" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_office365, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/office365s".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/office365s'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_office365\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the RADIUS Servers bound to a User # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_radius_server(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_radius_server_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_radius_server(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_radius_server_with_http_info(user_id, opts) + data end # List the RADIUS Servers bound to a User - # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_radius_server_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_radius_server_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_radius_server ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_radius_server ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_radius_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_radius_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_radius_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_radius_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/radiusservers".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/radiusservers'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_radius_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a User # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_system(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_system_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_system(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_system_with_http_info(user_id, opts) + data end # List the Systems bound to a User - # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_system_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_system_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_system ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_system ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/systems".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/systems'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to a User # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_system_group(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_system_group_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_system_group(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_system_group_with_http_info(user_id, opts) + data end # List the System Groups bound to a User - # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_system_group_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_system_group_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.graph_user_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: GraphApi.graph_user_traverse_system_group ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling GraphApi.graph_user_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.graph_user_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.graph_user_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.graph_user_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/systemgroups".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/systemgroups'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GraphApi#graph_user_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the policy statuses for a system # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policystatuses_list(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = policystatuses_list_with_http_info(system_id, content_type, accept, opts) - return data + def policystatuses_systems_list(system_id, opts = {}) + data, _status_code, _headers = policystatuses_systems_list_with_http_info(system_id, opts) + data end # List the policy statuses for a system - # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policystatuses_list_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policystatuses_systems_list_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GraphApi.policystatuses_list ..." + @api_client.config.logger.debug 'Calling API: GraphApi.policystatuses_systems_list ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.policystatuses_list" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GraphApi.policystatuses_list" + fail ArgumentError, "Missing the required parameter 'system_id' when calling GraphApi.policystatuses_systems_list" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GraphApi.policystatuses_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GraphApi.policystatuses_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/policystatuses".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/policystatuses'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -6457,30 +6053,30 @@ def policystatuses_list_with_http_info(system_id, content_type, accept, opts = { query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: GraphApi#policystatuses_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: GraphApi#policystatuses_systems_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/groups_api.rb b/jcapiv2/lib/jcapiv2/api/groups_api.rb index 9f6c8ca..dbe2b94 100644 --- a/jcapiv2/lib/jcapiv2/api/groups_api.rb +++ b/jcapiv2/lib/jcapiv2/api/groups_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class GroupsApi attr_accessor :api_client @@ -19,57 +16,42 @@ class GroupsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List All Groups # This endpoint returns all Groups that exist in your organization. #### Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/groups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_unfiltered_total_count If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account # @return [Array] - def groups_list(content_type, accept, opts = {}) - data, _status_code, _headers = groups_list_with_http_info(content_type, accept, opts) - return data + def groups_list(opts = {}) + data, _status_code, _headers = groups_list_with_http_info(opts) + data end # List All Groups - # This endpoint returns all Groups that exist in your organization. #### Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/groups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all Groups that exist in your organization. #### Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/groups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def groups_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_unfiltered_total_count If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: GroupsApi.groups_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling GroupsApi.groups_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling GroupsApi.groups_list" + @api_client.config.logger.debug 'Calling API: GroupsApi.groups_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling GroupsApi.groups_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/groups" + local_var_path = '/groups' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -77,28 +59,29 @@ def groups_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'x-unfiltered-total-count'] = opts[:'x_unfiltered_total_count'] if !opts[:'x_unfiltered_total_count'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: GroupsApi#groups_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/image_api.rb b/jcapiv2/lib/jcapiv2/api/image_api.rb new file mode 100644 index 0000000..b113f17 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/image_api.rb @@ -0,0 +1,79 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class ImageApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def applications_delete_logo(application_id, opts = {}) + applications_delete_logo_with_http_info(application_id, opts) + nil + end + + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def applications_delete_logo_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ImageApi.applications_delete_logo ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling ImageApi.applications_delete_logo" + end + # resource path + local_var_path = '/applications/{application_id}/logo'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ImageApi#applications_delete_logo\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/ip_lists_api.rb b/jcapiv2/lib/jcapiv2/api/ip_lists_api.rb new file mode 100644 index 0000000..9a72c99 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/ip_lists_api.rb @@ -0,0 +1,389 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class IPListsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Delete an IP list + # Delete a specific IP list. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + def iplists_delete(id, opts = {}) + data, _status_code, _headers = iplists_delete_with_http_info(id, opts) + data + end + + # Delete an IP list + # Delete a specific IP list. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(IPList, Integer, Hash)>] IPList data, response status code and response headers + def iplists_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling IPListsApi.iplists_delete" + end + # resource path + local_var_path = '/iplists/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'IPList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get an IP list + # Return a specific IP list. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + def iplists_get(id, opts = {}) + data, _status_code, _headers = iplists_get_with_http_info(id, opts) + data + end + + # Get an IP list + # Return a specific IP list. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(IPList, Integer, Hash)>] IPList data, response status code and response headers + def iplists_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling IPListsApi.iplists_get" + end + # resource path + local_var_path = '/iplists/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'IPList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List IP Lists + # Retrieve all IP lists. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + def iplists_list(opts = {}) + data, _status_code, _headers = iplists_list_with_http_info(opts) + data + end + + # List IP Lists + # Retrieve all IP lists. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def iplists_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_list ...' + end + # resource path + local_var_path = '/iplists' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'x-total-count'] = opts[:'x_total_count'] if !opts[:'x_total_count'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update an IP list + # Update a specific IP list. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"name\": \"New IP List Name\"}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + def iplists_patch(id, opts = {}) + data, _status_code, _headers = iplists_patch_with_http_info(id, opts) + data + end + + # Update an IP list + # Update a specific IP list. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"name\": \"New IP List Name\"}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(IPList, Integer, Hash)>] IPList data, response status code and response headers + def iplists_patch_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_patch ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling IPListsApi.iplists_patch" + end + # resource path + local_var_path = '/iplists/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'IPList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create IP List + # Create an IP list. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.12\", \"192.168.10.20 - 192.168.10.30\", \"123.225.10.0/32\" ] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + def iplists_post(opts = {}) + data, _status_code, _headers = iplists_post_with_http_info(opts) + data + end + + # Create IP List + # Create an IP list. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.12\", \"192.168.10.20 - 192.168.10.30\", \"123.225.10.0/32\" ] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(IPList, Integer, Hash)>] IPList data, response status code and response headers + def iplists_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_post ...' + end + # resource path + local_var_path = '/iplists' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'IPList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Replace an IP list + # Replace a specific IP list. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.10\" ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + def iplists_put(id, opts = {}) + data, _status_code, _headers = iplists_put_with_http_info(id, opts) + data + end + + # Replace an IP list + # Replace a specific IP list. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.10\" ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(IPList, Integer, Hash)>] IPList data, response status code and response headers + def iplists_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: IPListsApi.iplists_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling IPListsApi.iplists_put" + end + # resource path + local_var_path = '/iplists/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'IPList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: IPListsApi#iplists_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/knowledge_api.rb b/jcapiv2/lib/jcapiv2/api/knowledge_api.rb deleted file mode 100644 index 8ae99ba..0000000 --- a/jcapiv2/lib/jcapiv2/api/knowledge_api.rb +++ /dev/null @@ -1,91 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require "uri" - -module JCAPIv2 - class KnowledgeApi - attr_accessor :api_client - - def initialize(api_client = ApiClient.default) - @api_client = api_client - end - - # List Knowledge Articles - # This endpoint returns a list of knowledge articles hosted in salesforce. ``` Sample Request curl -X GET https://console.jumpcloud.com/api/v2/knowledge/salesforce \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param [Hash] opts the optional parameters - # @option opts [Array] :fields - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [SalesforceKnowledgeListOutput] - def knowledge_salesforce_list(opts = {}) - data, _status_code, _headers = knowledge_salesforce_list_with_http_info(opts) - return data - end - - # List Knowledge Articles - # This endpoint returns a list of knowledge articles hosted in salesforce. ``` Sample Request curl -X GET https://console.jumpcloud.com/api/v2/knowledge/salesforce \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param [Hash] opts the optional parameters - # @option opts [Array] :fields - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(SalesforceKnowledgeListOutput, Fixnum, Hash)>] SalesforceKnowledgeListOutput data, response status code and response headers - def knowledge_salesforce_list_with_http_info(opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: KnowledgeApi.knowledge_salesforce_list ..." - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling KnowledgeApi.knowledge_salesforce_list, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/knowledge/salesforce" - - # query parameters - query_params = {} - query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'SalesforceKnowledgeListOutput') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: KnowledgeApi#knowledge_salesforce_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - end -end diff --git a/jcapiv2/lib/jcapiv2/api/ldap_servers_api.rb b/jcapiv2/lib/jcapiv2/api/ldap_servers_api.rb index be50275..46b16a4 100644 --- a/jcapiv2/lib/jcapiv2/api/ldap_servers_api.rb +++ b/jcapiv2/lib/jcapiv2/api/ldap_servers_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class LDAPServersApi attr_accessor :api_client @@ -19,37 +16,32 @@ class LDAPServersApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a LDAP Server # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_ldap_server_associations_list(ldapserver_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, content_type, accept, opts) - return data + def graph_ldap_server_associations_list(ldapserver_id, targets, opts = {}) + data, _status_code, _headers = graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, opts) + data end # List the associations of a LDAP Server - # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.graph_ldap_server_associations_list ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.graph_ldap_server_associations_list ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? @@ -59,421 +51,333 @@ def graph_ldap_server_associations_list_with_http_info(ldapserver_id, targets, c if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling LDAPServersApi.graph_ldap_server_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.graph_ldap_server_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.graph_ldap_server_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling LDAPServersApi.graph_ldap_server_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/associations".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/associations'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#graph_ldap_server_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_ldap_server_associations_post(ldapserver_id, content_type, accept, opts = {}) - graph_ldap_server_associations_post_with_http_info(ldapserver_id, content_type, accept, opts) - return nil + def graph_ldap_server_associations_post(ldapserver_id, opts = {}) + graph_ldap_server_associations_post_with_http_info(ldapserver_id, opts) + nil end # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_ldap_server_associations_post_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_ldap_server_associations_post_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.graph_ldap_server_associations_post ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.graph_ldap_server_associations_post ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling LDAPServersApi.graph_ldap_server_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.graph_ldap_server_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.graph_ldap_server_associations_post" - end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/associations".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/associations'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#graph_ldap_server_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a LDAP Server # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_ldap_server_traverse_user(ldapserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_traverse_user_with_http_info(ldapserver_id, content_type, accept, opts) - return data + def graph_ldap_server_traverse_user(ldapserver_id, opts = {}) + data, _status_code, _headers = graph_ldap_server_traverse_user_with_http_info(ldapserver_id, opts) + data end # List the Users bound to a LDAP Server - # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_traverse_user_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_traverse_user_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.graph_ldap_server_traverse_user ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.graph_ldap_server_traverse_user ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling LDAPServersApi.graph_ldap_server_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.graph_ldap_server_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.graph_ldap_server_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling LDAPServersApi.graph_ldap_server_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/users".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/users'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#graph_ldap_server_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a LDAP Server # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_ldap_server_traverse_user_group(ldapserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, content_type, accept, opts) - return data + def graph_ldap_server_traverse_user_group(ldapserver_id, opts = {}) + data, _status_code, _headers = graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, opts) + data end # List the User Groups bound to a LDAP Server - # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_ldap_server_traverse_user_group_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.graph_ldap_server_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.graph_ldap_server_traverse_user_group ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling LDAPServersApi.graph_ldap_server_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.graph_ldap_server_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.graph_ldap_server_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling LDAPServersApi.graph_ldap_server_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/usergroups".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/usergroups'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#graph_ldap_server_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get LDAP Server # This endpoint returns a specific LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [LdapServerOutput] - def ldapservers_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = ldapservers_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [LdapServer] + def ldapservers_get(id, opts = {}) + data, _status_code, _headers = ldapservers_get_with_http_info(id, opts) + data end # Get LDAP Server - # This endpoint returns a specific LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(LdapServerOutput, Fixnum, Hash)>] LdapServerOutput data, response status code and response headers - def ldapservers_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(LdapServer, Integer, Hash)>] LdapServer data, response status code and response headers + def ldapservers_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.ldapservers_get ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.ldapservers_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling LDAPServersApi.ldapservers_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.ldapservers_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.ldapservers_get" - end # resource path - local_var_path = "/ldapservers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/ldapservers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'LdapServer' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'LdapServerOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#ldapservers_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List LDAP Servers # This endpoint returns the object IDs of your LDAP servers. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def ldapservers_list(content_type, accept, opts = {}) - data, _status_code, _headers = ldapservers_list_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def ldapservers_list(opts = {}) + data, _status_code, _headers = ldapservers_list_with_http_info(opts) + data end # List LDAP Servers - # This endpoint returns the object IDs of your LDAP servers. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' - # @param content_type - # @param accept + # This endpoint returns the object IDs of your LDAP servers. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def ldapservers_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def ldapservers_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.ldapservers_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.ldapservers_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.ldapservers_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling LDAPServersApi.ldapservers_list, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: LDAPServersApi.ldapservers_list ...' end - # resource path - local_var_path = "/ldapservers" + local_var_path = '/ldapservers' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -481,105 +385,91 @@ def ldapservers_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#ldapservers_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update existing LDAP server # This endpoint allows updating some attributes of an LDAP server. Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body3] :body - # @option opts [String] :x_api_key - # @option opts [String] :x_org_id - # @return [InlineResponse200] - def ldapservers_patch(id, content_type, accept, opts = {}) - data, _status_code, _headers = ldapservers_patch_with_http_info(id, content_type, accept, opts) - return data + # @option opts [LdapserversIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [InlineResponse20011] + def ldapservers_patch(id, opts = {}) + data, _status_code, _headers = ldapservers_patch_with_http_info(id, opts) + data end # Update existing LDAP server - # This endpoint allows updating some attributes of an LDAP server. Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` + # This endpoint allows updating some attributes of an LDAP server. Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body3] :body - # @option opts [String] :x_api_key - # @option opts [String] :x_org_id - # @return [Array<(InlineResponse200, Fixnum, Hash)>] InlineResponse200 data, response status code and response headers - def ldapservers_patch_with_http_info(id, content_type, accept, opts = {}) + # @option opts [LdapserversIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(InlineResponse20011, Integer, Hash)>] InlineResponse20011 data, response status code and response headers + def ldapservers_patch_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: LDAPServersApi.ldapservers_patch ..." + @api_client.config.logger.debug 'Calling API: LDAPServersApi.ldapservers_patch ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling LDAPServersApi.ldapservers_patch" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling LDAPServersApi.ldapservers_patch" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling LDAPServersApi.ldapservers_patch" - end # resource path - local_var_path = "/ldapservers/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/ldapservers/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-api-key'] = opts[:'x_api_key'] if !opts[:'x_api_key'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'InlineResponse20011' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'InlineResponse200') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: LDAPServersApi#ldapservers_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/logos_api.rb b/jcapiv2/lib/jcapiv2/api/logos_api.rb new file mode 100644 index 0000000..2572987 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/logos_api.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class LogosApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get the logo associated with the specified id + # Return the logo image associated with the specified id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + def logos_get(id, opts = {}) + data, _status_code, _headers = logos_get_with_http_info(id, opts) + data + end + + # Get the logo associated with the specified id + # Return the logo image associated with the specified id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def logos_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: LogosApi.logos_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling LogosApi.logos_get" + end + # resource path + local_var_path = '/logos/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['image/gif', 'image/jpeg', 'image/png']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || [] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: LogosApi#logos_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/managed_service_provider_api.rb b/jcapiv2/lib/jcapiv2/api/managed_service_provider_api.rb new file mode 100644 index 0000000..9deb9a3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/managed_service_provider_api.rb @@ -0,0 +1,1253 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class ManagedServiceProviderApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + def administrator_organizations_create_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_create_by_administrator_with_http_info(id, opts) + data + end + + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [Array<(AdministratorOrganizationLink, Integer, Hash)>] AdministratorOrganizationLink data, response status code and response headers + def administrator_organizations_create_by_administrator_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.administrator_organizations_create_by_administrator ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.administrator_organizations_create_by_administrator" + end + # resource path + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AdministratorOrganizationLink' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#administrator_organizations_create_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_administrator_with_http_info(id, opts) + data + end + + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_administrator_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.administrator_organizations_list_by_administrator ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.administrator_organizations_list_by_administrator" + end + # resource path + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#administrator_organizations_list_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_organization(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_organization_with_http_info(id, opts) + data + end + + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_organization_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.administrator_organizations_list_by_organization ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.administrator_organizations_list_by_organization" + end + # resource path + local_var_path = '/organizations/{id}/administratorlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#administrator_organizations_list_by_organization\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def administrator_organizations_remove_by_administrator(administrator_id, id, opts = {}) + administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts) + nil + end + + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.administrator_organizations_remove_by_administrator ...' + end + # verify the required parameter 'administrator_id' is set + if @api_client.config.client_side_validation && administrator_id.nil? + fail ArgumentError, "Missing the required parameter 'administrator_id' when calling ManagedServiceProviderApi.administrator_organizations_remove_by_administrator" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.administrator_organizations_remove_by_administrator" + end + # resource path + local_var_path = '/administrators/{administrator_id}/organizationlinks/{id}'.sub('{' + 'administrator_id' + '}', administrator_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#administrator_organizations_remove_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def policy_group_templates_delete(provider_id, id, opts = {}) + policy_group_templates_delete_with_http_info(provider_id, id, opts) + nil + end + + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def policy_group_templates_delete_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_delete ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_delete" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.policy_group_templates_delete" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + def policy_group_templates_get(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_with_http_info(provider_id, id, opts) + data + end + + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(PolicyGroupTemplate, Integer, Hash)>] PolicyGroupTemplate data, response status code and response headers + def policy_group_templates_get_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_get ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_get" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.policy_group_templates_get" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + def policy_group_templates_get_configured_policy_template(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts) + data + end + + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(ConfiguredPolicyTemplate, Integer, Hash)>] ConfiguredPolicyTemplate data, response status code and response headers + def policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_get_configured_policy_template ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_get_configured_policy_template" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.policy_group_templates_get_configured_policy_template" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConfiguredPolicyTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_get_configured_policy_template\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + def policy_group_templates_list(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_with_http_info(provider_id, opts) + data + end + + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplates, Integer, Hash)>] PolicyGroupTemplates data, response status code and response headers + def policy_group_templates_list_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_list ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_list" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplates' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + def policy_group_templates_list_configured_policy_templates(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts) + data + end + + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(InlineResponse20014, Integer, Hash)>] InlineResponse20014 data, response status code and response headers + def policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_list_configured_policy_templates ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_list_configured_policy_templates" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20014' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_list_configured_policy_templates\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + def policy_group_templates_list_members(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_members_with_http_info(provider_id, id, opts) + data + end + + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplateMembers, Integer, Hash)>] PolicyGroupTemplateMembers data, response status code and response headers + def policy_group_templates_list_members_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.policy_group_templates_list_members ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.policy_group_templates_list_members" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.policy_group_templates_list_members" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}/members'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplateMembers' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#policy_group_templates_list_members\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Organization] + def provider_organizations_create_org(provider_id, opts = {}) + data, _status_code, _headers = provider_organizations_create_org_with_http_info(provider_id, opts) + data + end + + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def provider_organizations_create_org_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.provider_organizations_create_org ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.provider_organizations_create_org" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#provider_organizations_create_org\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Organization] + def provider_organizations_update_org(provider_id, id, opts = {}) + data, _status_code, _headers = provider_organizations_update_org_with_http_info(provider_id, id, opts) + data + end + + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def provider_organizations_update_org_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.provider_organizations_update_org ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.provider_organizations_update_org" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.provider_organizations_update_org" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#provider_organizations_update_org\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Provider] + def providers_get_provider(provider_id, opts = {}) + data, _status_code, _headers = providers_get_provider_with_http_info(provider_id, opts) + data + end + + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Array<(Provider, Integer, Hash)>] Provider data, response status code and response headers + def providers_get_provider_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_get_provider ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_get_provider" + end + # resource path + local_var_path = '/providers/{provider_id}'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Provider' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_get_provider\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Provider Administrators + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20013] + def providers_list_administrators(provider_id, opts = {}) + data, _status_code, _headers = providers_list_administrators_with_http_info(provider_id, opts) + data + end + + # List Provider Administrators + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse20013, Integer, Hash)>] InlineResponse20013 data, response status code and response headers + def providers_list_administrators_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_list_administrators ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_list_administrators" + end + # resource path + local_var_path = '/providers/{provider_id}/administrators'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'sortIgnoreCase'] = @api_client.build_collection_param(opts[:'sort_ignore_case'], :csv) if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20013' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_list_administrators\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20015] + def providers_list_organizations(provider_id, opts = {}) + data, _status_code, _headers = providers_list_organizations_with_http_info(provider_id, opts) + data + end + + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse20015, Integer, Hash)>] InlineResponse20015 data, response status code and response headers + def providers_list_organizations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_list_organizations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_list_organizations" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'sortIgnoreCase'] = @api_client.build_collection_param(opts[:'sort_ignore_case'], :csv) if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20015' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_list_organizations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a new Provider Administrator + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ProviderAdminReq] :body + # @return [Administrator] + def providers_post_admins(provider_id, opts = {}) + data, _status_code, _headers = providers_post_admins_with_http_info(provider_id, opts) + data + end + + # Create a new Provider Administrator + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ProviderAdminReq] :body + # @return [Array<(Administrator, Integer, Hash)>] Administrator data, response status code and response headers + def providers_post_admins_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_post_admins ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_post_admins" + end + # resource path + local_var_path = '/providers/{provider_id}/administrators'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Administrator' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_post_admins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + def providers_provider_list_case(provider_id, opts = {}) + data, _status_code, _headers = providers_provider_list_case_with_http_info(provider_id, opts) + data + end + + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(CasesResponse, Integer, Hash)>] CasesResponse data, response status code and response headers + def providers_provider_list_case_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_provider_list_case ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_provider_list_case" + end + # resource path + local_var_path = '/providers/{provider_id}/cases'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'CasesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_provider_list_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + def providers_retrieve_invoice(provider_id, id, opts = {}) + data, _status_code, _headers = providers_retrieve_invoice_with_http_info(provider_id, id, opts) + data + end + + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def providers_retrieve_invoice_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_retrieve_invoice ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_retrieve_invoice" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ManagedServiceProviderApi.providers_retrieve_invoice" + end + # resource path + local_var_path = '/providers/{provider_id}/invoices/{ID}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'ID' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/pdf']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_retrieve_invoice\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @return [ProviderInvoiceResponse] + def providers_retrieve_invoices(provider_id, opts = {}) + data, _status_code, _headers = providers_retrieve_invoices_with_http_info(provider_id, opts) + data + end + + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @return [Array<(ProviderInvoiceResponse, Integer, Hash)>] ProviderInvoiceResponse data, response status code and response headers + def providers_retrieve_invoices_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ManagedServiceProviderApi.providers_retrieve_invoices ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ManagedServiceProviderApi.providers_retrieve_invoices" + end + # resource path + local_var_path = '/providers/{provider_id}/invoices'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ProviderInvoiceResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ManagedServiceProviderApi#providers_retrieve_invoices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/office365_api.rb b/jcapiv2/lib/jcapiv2/api/office365_api.rb index 0bf3e94..c3b17a4 100644 --- a/jcapiv2/lib/jcapiv2/api/office365_api.rb +++ b/jcapiv2/lib/jcapiv2/api/office365_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class Office365Api attr_accessor :api_client @@ -19,37 +16,220 @@ class Office365Api def initialize(api_client = ApiClient.default) @api_client = api_client end + # Delete a domain from an Office 365 instance + # Delete a domain from a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains/{DOMAIN_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param domain_id ObjectID of the domain to be deleted. + # @param [Hash] opts the optional parameters + # @return [O365DomainResponse] + def domains_delete(office365_id, domain_id, opts = {}) + data, _status_code, _headers = domains_delete_with_http_info(office365_id, domain_id, opts) + data + end + + # Delete a domain from an Office 365 instance + # Delete a domain from a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains/{DOMAIN_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param domain_id ObjectID of the domain to be deleted. + # @param [Hash] opts the optional parameters + # @return [Array<(O365DomainResponse, Integer, Hash)>] O365DomainResponse data, response status code and response headers + def domains_delete_with_http_info(office365_id, domain_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.domains_delete ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.domains_delete" + end + # verify the required parameter 'domain_id' is set + if @api_client.config.client_side_validation && domain_id.nil? + fail ArgumentError, "Missing the required parameter 'domain_id' when calling Office365Api.domains_delete" + end + # resource path + local_var_path = '/office365s/{office365_id}/domains/{domain_id}'.sub('{' + 'office365_id' + '}', office365_id.to_s).sub('{' + 'domain_id' + '}', domain_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'O365DomainResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#domains_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Add a domain to an Office 365 instance + # Add a domain to a specific M365/Azure AD directory sync integration instance. The domain must be a verified domain in M365/Azure AD. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param body + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @return [O365DomainResponse] + def domains_insert(body, office365_id, opts = {}) + data, _status_code, _headers = domains_insert_with_http_info(body, office365_id, opts) + data + end + + # Add a domain to an Office 365 instance + # Add a domain to a specific M365/Azure AD directory sync integration instance. The domain must be a verified domain in M365/Azure AD. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param body + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @return [Array<(O365DomainResponse, Integer, Hash)>] O365DomainResponse data, response status code and response headers + def domains_insert_with_http_info(body, office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.domains_insert ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling Office365Api.domains_insert" + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.domains_insert" + end + # resource path + local_var_path = '/office365s/{office365_id}/domains'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'O365DomainResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#domains_insert\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List all domains configured for an Office 365 instance + # List the domains configured for a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. (default to 100) + # @option opts [String] :skip The offset into the records to return. (default to 0) + # @return [O365DomainsListResponse] + def domains_list(office365_id, opts = {}) + data, _status_code, _headers = domains_list_with_http_info(office365_id, opts) + data + end + + # List all domains configured for an Office 365 instance + # List the domains configured for a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [Array<(O365DomainsListResponse, Integer, Hash)>] O365DomainsListResponse data, response status code and response headers + def domains_list_with_http_info(office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.domains_list ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.domains_list" + end + # resource path + local_var_path = '/office365s/{office365_id}/domains'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'O365DomainsListResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#domains_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_office365_associations_list(office365_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_associations_list_with_http_info(office365_id, targets, content_type, accept, opts) - return data + def graph_office365_associations_list(office365_id, targets, opts = {}) + data, _status_code, _headers = graph_office365_associations_list_with_http_info(office365_id, targets, opts) + data end # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_associations_list_with_http_info(office365_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_associations_list_with_http_info(office365_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.graph_office365_associations_list ..." + @api_client.config.logger.debug 'Calling API: Office365Api.graph_office365_associations_list ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? @@ -59,323 +239,459 @@ def graph_office365_associations_list_with_http_info(office365_id, targets, cont if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling Office365Api.graph_office365_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.graph_office365_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.graph_office365_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling Office365Api.graph_office365_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/associations".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/associations'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#graph_office365_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_office365_associations_post(office365_id, content_type, accept, opts = {}) - graph_office365_associations_post_with_http_info(office365_id, content_type, accept, opts) - return nil + def graph_office365_associations_post(office365_id, opts = {}) + graph_office365_associations_post_with_http_info(office365_id, opts) + nil end # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_office365_associations_post_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_office365_associations_post_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.graph_office365_associations_post ..." + @api_client.config.logger.debug 'Calling API: Office365Api.graph_office365_associations_post ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.graph_office365_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.graph_office365_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.graph_office365_associations_post" - end # resource path - local_var_path = "/office365s/{office365_id}/associations".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/associations'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#graph_office365_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_office365_traverse_user(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_traverse_user_with_http_info(office365_id, content_type, accept, opts) - return data + def graph_office365_traverse_user(office365_id, opts = {}) + data, _status_code, _headers = graph_office365_traverse_user_with_http_info(office365_id, opts) + data end # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_traverse_user_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_traverse_user_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.graph_office365_traverse_user ..." + @api_client.config.logger.debug 'Calling API: Office365Api.graph_office365_traverse_user ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.graph_office365_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.graph_office365_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.graph_office365_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling Office365Api.graph_office365_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/users".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/users'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#graph_office365_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_office365_traverse_user_group(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_office365_traverse_user_group_with_http_info(office365_id, content_type, accept, opts) - return data + def graph_office365_traverse_user_group(office365_id, opts = {}) + data, _status_code, _headers = graph_office365_traverse_user_group_with_http_info(office365_id, opts) + data end # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_office365_traverse_user_group_with_http_info(office365_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_office365_traverse_user_group_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.graph_office365_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: Office365Api.graph_office365_traverse_user_group ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.graph_office365_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.graph_office365_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.graph_office365_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling Office365Api.graph_office365_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/usergroups".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/usergroups'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#graph_office365_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Get Office 365 instance + # This endpoint returns a specific Office 365 instance. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Office365] + def office365s_get(office365_id, opts = {}) + data, _status_code, _headers = office365s_get_with_http_info(office365_id, opts) + data + end + + # Get Office 365 instance + # This endpoint returns a specific Office 365 instance. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Office365, Integer, Hash)>] Office365 data, response status code and response headers + def office365s_get_with_http_info(office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.office365s_get ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.office365s_get" + end + # resource path + local_var_path = '/office365s/{office365_id}'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Office365' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#office365s_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [InlineResponse20012] + def office365s_list_import_users(office365_id, opts = {}) + data, _status_code, _headers = office365s_list_import_users_with_http_info(office365_id, opts) + data + end + + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [Array<(InlineResponse20012, Integer, Hash)>] InlineResponse20012 data, response status code and response headers + def office365s_list_import_users_with_http_info(office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.office365s_list_import_users ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.office365s_list_import_users" + end + # resource path + local_var_path = '/office365s/{office365_id}/import/users'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'top'] = opts[:'top'] if !opts[:'top'].nil? + query_params[:'skipToken'] = opts[:'skip_token'] if !opts[:'skip_token'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? + query_params[:'orderby'] = opts[:'orderby'] if !opts[:'orderby'].nil? + query_params[:'count'] = opts[:'count'] if !opts[:'count'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'ConsistencyLevel'] = opts[:'consistency_level'] if !opts[:'consistency_level'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20012' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#office365s_list_import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update existing Office 365 instance. + # This endpoint allows updating some attributes of an Office 365 instance. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"maintain\", \"userPasswordExpirationAction\": \"suspend\", }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [Office365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Office365] + def office365s_patch(office365_id, opts = {}) + data, _status_code, _headers = office365s_patch_with_http_info(office365_id, opts) + data + end + + # Update existing Office 365 instance. + # This endpoint allows updating some attributes of an Office 365 instance. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"maintain\", \"userPasswordExpirationAction\": \"suspend\", }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [Office365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Office365, Integer, Hash)>] Office365 data, response status code and response headers + def office365s_patch_with_http_info(office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365Api.office365s_patch ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.office365s_patch" + end + # resource path + local_var_path = '/office365s/{office365_id}'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Office365' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365Api#office365s_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # Deletes a Office 365 translation rule # This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [nil] - def translation_rules_office365_delete(office365_id, id, content_type, accept, opts = {}) - translation_rules_office365_delete_with_http_info(office365_id, id, content_type, accept, opts) - return nil + def translation_rules_office365_delete(office365_id, id, opts = {}) + translation_rules_office365_delete_with_http_info(office365_id, id, opts) + nil end # Deletes a Office 365 translation rule - # This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def translation_rules_office365_delete_with_http_info(office365_id, id, content_type, accept, opts = {}) + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def translation_rules_office365_delete_with_http_info(office365_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.translation_rules_office365_delete ..." + @api_client.config.logger.debug 'Calling API: Office365Api.translation_rules_office365_delete ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? @@ -385,71 +701,57 @@ def translation_rules_office365_delete_with_http_info(office365_id, id, content_ if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling Office365Api.translation_rules_office365_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.translation_rules_office365_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.translation_rules_office365_delete" - end # resource path - local_var_path = "/office365s/{office365_id}/translationrules/{id}".sub('{' + 'office365_id' + '}', office365_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/office365s/{office365_id}/translationrules/{id}'.sub('{' + 'office365_id' + '}', office365_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params = opts[:header_params] || {} # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#translation_rules_office365_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Gets a specific Office 365 translation rule # This endpoint returns a specific translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [Office365TranslationRule] - def translation_rules_office365_get(office365_id, id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_office365_get_with_http_info(office365_id, id, content_type, accept, opts) - return data + def translation_rules_office365_get(office365_id, id, opts = {}) + data, _status_code, _headers = translation_rules_office365_get_with_http_info(office365_id, id, opts) + data end # Gets a specific Office 365 translation rule - # This endpoint returns a specific translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @return [Array<(Office365TranslationRule, Fixnum, Hash)>] Office365TranslationRule data, response status code and response headers - def translation_rules_office365_get_with_http_info(office365_id, id, content_type, accept, opts = {}) + # @return [Array<(Office365TranslationRule, Integer, Hash)>] Office365TranslationRule data, response status code and response headers + def translation_rules_office365_get_with_http_info(office365_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.translation_rules_office365_get ..." + @api_client.config.logger.debug 'Calling API: Office365Api.translation_rules_office365_get ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? @@ -459,102 +761,77 @@ def translation_rules_office365_get_with_http_info(office365_id, id, content_typ if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling Office365Api.translation_rules_office365_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.translation_rules_office365_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.translation_rules_office365_get" - end # resource path - local_var_path = "/office365s/{office365_id}/translationrules/{id}".sub('{' + 'office365_id' + '}', office365_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/office365s/{office365_id}/translationrules/{id}'.sub('{' + 'office365_id' + '}', office365_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Office365TranslationRule' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Office365TranslationRule') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#translation_rules_office365_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all the Office 365 Translation Rules # This endpoint returns all translation rules for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] - def translation_rules_office365_list(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_office365_list_with_http_info(office365_id, content_type, accept, opts) - return data + def translation_rules_office365_list(office365_id, opts = {}) + data, _status_code, _headers = translation_rules_office365_list_with_http_info(office365_id, opts) + data end # List all the Office 365 Translation Rules - # This endpoint returns all translation rules for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all translation rules for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def translation_rules_office365_list_with_http_info(office365_id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def translation_rules_office365_list_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.translation_rules_office365_list ..." + @api_client.config.logger.debug 'Calling API: Office365Api.translation_rules_office365_list ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.translation_rules_office365_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.translation_rules_office365_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.translation_rules_office365_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling Office365Api.translation_rules_office365_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/office365s/{office365_id}/translationrules".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/translationrules'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -562,98 +839,87 @@ def translation_rules_office365_list_with_http_info(office365_id, content_type, query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#translation_rules_office365_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a new Office 365 Translation Rule - # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Office365TranslationRuleRequest] :body # @return [Office365TranslationRule] - def translation_rules_office365_post(office365_id, content_type, accept, opts = {}) - data, _status_code, _headers = translation_rules_office365_post_with_http_info(office365_id, content_type, accept, opts) - return data + def translation_rules_office365_post(office365_id, opts = {}) + data, _status_code, _headers = translation_rules_office365_post_with_http_info(office365_id, opts) + data end # Create a new Office 365 Translation Rule - # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Office365TranslationRuleRequest] :body - # @return [Array<(Office365TranslationRule, Fixnum, Hash)>] Office365TranslationRule data, response status code and response headers - def translation_rules_office365_post_with_http_info(office365_id, content_type, accept, opts = {}) + # @return [Array<(Office365TranslationRule, Integer, Hash)>] Office365TranslationRule data, response status code and response headers + def translation_rules_office365_post_with_http_info(office365_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: Office365Api.translation_rules_office365_post ..." + @api_client.config.logger.debug 'Calling API: Office365Api.translation_rules_office365_post ...' end # verify the required parameter 'office365_id' is set if @api_client.config.client_side_validation && office365_id.nil? fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365Api.translation_rules_office365_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling Office365Api.translation_rules_office365_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling Office365Api.translation_rules_office365_post" - end # resource path - local_var_path = "/office365s/{office365_id}/translationrules".sub('{' + 'office365_id' + '}', office365_id.to_s) + local_var_path = '/office365s/{office365_id}/translationrules'.sub('{' + 'office365_id' + '}', office365_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Office365TranslationRule' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Office365TranslationRule') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: Office365Api#translation_rules_office365_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/office365_import_api.rb b/jcapiv2/lib/jcapiv2/api/office365_import_api.rb new file mode 100644 index 0000000..79ca9a8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/office365_import_api.rb @@ -0,0 +1,97 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class Office365ImportApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [InlineResponse20012] + def office365s_list_import_users(office365_id, opts = {}) + data, _status_code, _headers = office365s_list_import_users_with_http_info(office365_id, opts) + data + end + + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [Array<(InlineResponse20012, Integer, Hash)>] InlineResponse20012 data, response status code and response headers + def office365s_list_import_users_with_http_info(office365_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: Office365ImportApi.office365s_list_import_users ...' + end + # verify the required parameter 'office365_id' is set + if @api_client.config.client_side_validation && office365_id.nil? + fail ArgumentError, "Missing the required parameter 'office365_id' when calling Office365ImportApi.office365s_list_import_users" + end + # resource path + local_var_path = '/office365s/{office365_id}/import/users'.sub('{' + 'office365_id' + '}', office365_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'top'] = opts[:'top'] if !opts[:'top'].nil? + query_params[:'skipToken'] = opts[:'skip_token'] if !opts[:'skip_token'].nil? + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil? + query_params[:'orderby'] = opts[:'orderby'] if !opts[:'orderby'].nil? + query_params[:'count'] = opts[:'count'] if !opts[:'count'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'ConsistencyLevel'] = opts[:'consistency_level'] if !opts[:'consistency_level'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20012' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: Office365ImportApi#office365s_list_import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/organizations_api.rb b/jcapiv2/lib/jcapiv2/api/organizations_api.rb index f2c36e7..a948438 100644 --- a/jcapiv2/lib/jcapiv2/api/organizations_api.rb +++ b/jcapiv2/lib/jcapiv2/api/organizations_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class OrganizationsApi attr_accessor :api_client @@ -19,187 +16,311 @@ class OrganizationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # Get Crypto Settings - # + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @return [OrgCryptoSettings] - def org_crypto_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = org_crypto_get_with_http_info(id, content_type, accept, opts) - return data + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + def administrator_organizations_create_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_create_by_administrator_with_http_info(id, opts) + data end - # Get Crypto Settings - # + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @return [Array<(OrgCryptoSettings, Fixnum, Hash)>] OrgCryptoSettings data, response status code and response headers - def org_crypto_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [Array<(AdministratorOrganizationLink, Integer, Hash)>] AdministratorOrganizationLink data, response status code and response headers + def administrator_organizations_create_by_administrator_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: OrganizationsApi.org_crypto_get ..." + @api_client.config.logger.debug 'Calling API: OrganizationsApi.administrator_organizations_create_by_administrator ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.org_crypto_get" + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.administrator_organizations_create_by_administrator" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling OrganizationsApi.org_crypto_get" + # resource path + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AdministratorOrganizationLink' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: OrganizationsApi#administrator_organizations_create_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling OrganizationsApi.org_crypto_get" + return data, status_code, headers + end + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_administrator(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_administrator_with_http_info(id, opts) + data + end + + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_administrator_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: OrganizationsApi.administrator_organizations_list_by_administrator ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling OrganizationsApi.org_crypto_get, must be greater than or equal to 0.' + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.administrator_organizations_list_by_administrator" end - # resource path - local_var_path = "/organizations/{id}/crypto".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/administrators/{id}/organizationlinks'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} - query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'OrgCryptoSettings') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: OrganizationsApi#org_crypto_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: OrganizationsApi#administrator_organizations_list_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Edit Crypto Settings - # + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [OrgCryptoSettings] :body - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @return [Object] - def org_crypto_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = org_crypto_put_with_http_info(id, content_type, accept, opts) - return data + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def administrator_organizations_list_by_organization(id, opts = {}) + data, _status_code, _headers = administrator_organizations_list_by_organization_with_http_info(id, opts) + data end - # Edit Crypto Settings - # + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [OrgCryptoSettings] :body - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @return [Array<(Object, Fixnum, Hash)>] Object data, response status code and response headers - def org_crypto_put_with_http_info(id, content_type, accept, opts = {}) + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def administrator_organizations_list_by_organization_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: OrganizationsApi.org_crypto_put ..." + @api_client.config.logger.debug 'Calling API: OrganizationsApi.administrator_organizations_list_by_organization ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.org_crypto_put" + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.administrator_organizations_list_by_organization" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling OrganizationsApi.org_crypto_put" + # resource path + local_var_path = '/organizations/{id}/administratorlinks'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: OrganizationsApi#administrator_organizations_list_by_organization\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling OrganizationsApi.org_crypto_put" + return data, status_code, headers + end + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def administrator_organizations_remove_by_administrator(administrator_id, id, opts = {}) + administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts) + nil + end + + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def administrator_organizations_remove_by_administrator_with_http_info(administrator_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: OrganizationsApi.administrator_organizations_remove_by_administrator ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling OrganizationsApi.org_crypto_put, must be greater than or equal to 0.' + # verify the required parameter 'administrator_id' is set + if @api_client.config.client_side_validation && administrator_id.nil? + fail ArgumentError, "Missing the required parameter 'administrator_id' when calling OrganizationsApi.administrator_organizations_remove_by_administrator" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling OrganizationsApi.administrator_organizations_remove_by_administrator" + end + # resource path + local_var_path = '/administrators/{administrator_id}/organizationlinks/{id}'.sub('{' + 'administrator_id' + '}', administrator_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: OrganizationsApi#administrator_organizations_remove_by_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # Get all cases (Support/Feature requests) for organization + # This endpoint returns the cases (Support/Feature requests) for the organization + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + def organizations_org_list_cases(opts = {}) + data, _status_code, _headers = organizations_org_list_cases_with_http_info(opts) + data + end + # Get all cases (Support/Feature requests) for organization + # This endpoint returns the cases (Support/Feature requests) for the organization + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(CasesResponse, Integer, Hash)>] CasesResponse data, response status code and response headers + def organizations_org_list_cases_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: OrganizationsApi.organizations_org_list_cases ...' + end # resource path - local_var_path = "/organizations/{id}/crypto".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/organizations/cases' # query parameters - query_params = {} - query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] || 'CasesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Object') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: OrganizationsApi#org_crypto_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: OrganizationsApi#organizations_org_list_cases\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/password_manager_api.rb b/jcapiv2/lib/jcapiv2/api/password_manager_api.rb new file mode 100644 index 0000000..e374e09 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/password_manager_api.rb @@ -0,0 +1,137 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class PasswordManagerApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get Device + # @param uuid + # @param [Hash] opts the optional parameters + # @return [DevicePackageV1Device] + def device_service_get_device(uuid, opts = {}) + data, _status_code, _headers = device_service_get_device_with_http_info(uuid, opts) + data + end + + # Get Device + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(DevicePackageV1Device, Integer, Hash)>] DevicePackageV1Device data, response status code and response headers + def device_service_get_device_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PasswordManagerApi.device_service_get_device ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling PasswordManagerApi.device_service_get_device" + end + # resource path + local_var_path = '/passwordmanager/devices/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'DevicePackageV1Device' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PasswordManagerApi#device_service_get_device\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Devices + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit + # @option opts [Integer] :skip + # @option opts [String] :sort + # @option opts [Array] :fields + # @option opts [Array] :filter + # @return [DevicePackageV1ListDevicesResponse] + def device_service_list_devices(opts = {}) + data, _status_code, _headers = device_service_list_devices_with_http_info(opts) + data + end + + # List Devices + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit + # @option opts [Integer] :skip + # @option opts [String] :sort + # @option opts [Array] :fields + # @option opts [Array] :filter + # @return [Array<(DevicePackageV1ListDevicesResponse, Integer, Hash)>] DevicePackageV1ListDevicesResponse data, response status code and response headers + def device_service_list_devices_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PasswordManagerApi.device_service_list_devices ...' + end + # resource path + local_var_path = '/passwordmanager/devices' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :multi) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :multi) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'DevicePackageV1ListDevicesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PasswordManagerApi#device_service_list_devices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/policies_api.rb b/jcapiv2/lib/jcapiv2/api/policies_api.rb index dbdc71f..e213087 100644 --- a/jcapiv2/lib/jcapiv2/api/policies_api.rb +++ b/jcapiv2/lib/jcapiv2/api/policies_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class PoliciesApi attr_accessor :api_client @@ -19,37 +16,32 @@ class PoliciesApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a Policy # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_policy_associations_list(policy_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_associations_list_with_http_info(policy_id, targets, content_type, accept, opts) - return data + def graph_policy_associations_list(policy_id, targets, opts = {}) + data, _status_code, _headers = graph_policy_associations_list_with_http_info(policy_id, targets, opts) + data end # List the associations of a Policy - # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_associations_list_with_http_info(policy_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_associations_list_with_http_info(policy_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.graph_policy_associations_list ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.graph_policy_associations_list ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? @@ -59,492 +51,467 @@ def graph_policy_associations_list_with_http_info(policy_id, targets, content_ty if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling PoliciesApi.graph_policy_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.graph_policy_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.graph_policy_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.graph_policy_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/associations".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/associations'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#graph_policy_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_policy_associations_post(policy_id, content_type, accept, opts = {}) - graph_policy_associations_post_with_http_info(policy_id, content_type, accept, opts) - return nil + def graph_policy_associations_post(policy_id, opts = {}) + graph_policy_associations_post_with_http_info(policy_id, opts) + nil end # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_policy_associations_post_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_associations_post_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.graph_policy_associations_post ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.graph_policy_associations_post ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.graph_policy_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.graph_policy_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.graph_policy_associations_post" - end # resource path - local_var_path = "/policies/{policy_id}/associations".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/associations'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#graph_policy_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_member_of(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_member_of_with_http_info(policy_id, opts) + data + end + + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_member_of_with_http_info(policy_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PoliciesApi.graph_policy_member_of ...' + end + # verify the required parameter 'policy_id' is set + if @api_client.config.client_side_validation && policy_id.nil? + fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.graph_policy_member_of" + end + # resource path + local_var_path = '/policies/{policy_id}/memberof'.sub('{' + 'policy_id' + '}', policy_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PoliciesApi#graph_policy_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the Systems bound to a Policy # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_policy_traverse_system(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_traverse_system_with_http_info(policy_id, content_type, accept, opts) - return data + def graph_policy_traverse_system(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_traverse_system_with_http_info(policy_id, opts) + data end # List the Systems bound to a Policy - # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_traverse_system_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_traverse_system_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.graph_policy_traverse_system ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.graph_policy_traverse_system ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.graph_policy_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.graph_policy_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.graph_policy_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.graph_policy_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/systems".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/systems'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#graph_policy_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to a Policy # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_policy_traverse_system_group(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_policy_traverse_system_group_with_http_info(policy_id, content_type, accept, opts) - return data + def graph_policy_traverse_system_group(policy_id, opts = {}) + data, _status_code, _headers = graph_policy_traverse_system_group_with_http_info(policy_id, opts) + data end # List the System Groups bound to a Policy - # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_policy_traverse_system_group_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_traverse_system_group_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.graph_policy_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.graph_policy_traverse_system_group ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.graph_policy_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.graph_policy_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.graph_policy_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.graph_policy_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/systemgroups".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/systemgroups'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#graph_policy_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Deletes a Policy # This endpoint allows you to delete a policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policies/5a837ecd232e110d4291e6b9 \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def policies_delete(id, content_type, accept, opts = {}) - policies_delete_with_http_info(id, content_type, accept, opts) - return nil + def policies_delete(id, opts = {}) + policies_delete_with_http_info(id, opts) + nil end # Deletes a Policy - # This endpoint allows you to delete a policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policies/5a837ecd232e110d4291e6b9 \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policies/5a837ecd232e110d4291e6b9 \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def policies_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def policies_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policies_delete ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policies_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PoliciesApi.policies_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policies_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policies_delete" - end # resource path - local_var_path = "/policies/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policies/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params = opts[:header_params] || {} header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policies_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Gets a specific Policy. # This endpoint returns a specific policy. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{PolicyID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyWithDetails] - def policies_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = policies_get_with_http_info(id, content_type, accept, opts) - return data + def policies_get(id, opts = {}) + data, _status_code, _headers = policies_get_with_http_info(id, opts) + data end # Gets a specific Policy. - # This endpoint returns a specific policy. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{PolicyID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{PolicyID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(PolicyWithDetails, Fixnum, Hash)>] PolicyWithDetails data, response status code and response headers - def policies_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyWithDetails, Integer, Hash)>] PolicyWithDetails data, response status code and response headers + def policies_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policies_get ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policies_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PoliciesApi.policies_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policies_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policies_get" - end # resource path - local_var_path = "/policies/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policies/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyWithDetails' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'PolicyWithDetails') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policies_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Lists all the Policies # This endpoint returns all policies. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policies_list(content_type, accept, opts = {}) - data, _status_code, _headers = policies_list_with_http_info(content_type, accept, opts) - return data + def policies_list(opts = {}) + data, _status_code, _headers = policies_list_with_http_info(opts) + data end # Lists all the Policies - # This endpoint returns all policies. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policies. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policies_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policies_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policies_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policies_list" + @api_client.config.logger.debug 'Calling API: PoliciesApi.policies_list ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policies_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policies_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies" + local_var_path = '/policies' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -552,137 +519,125 @@ def policies_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policies_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create a new Policy - # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyWithDetails] - def policies_post(content_type, accept, opts = {}) - data, _status_code, _headers = policies_post_with_http_info(content_type, accept, opts) - return data + def policies_post(opts = {}) + data, _status_code, _headers = policies_post_with_http_info(opts) + data end # Create a new Policy - # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id - # @return [Array<(PolicyWithDetails, Fixnum, Hash)>] PolicyWithDetails data, response status code and response headers - def policies_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyWithDetails, Integer, Hash)>] PolicyWithDetails data, response status code and response headers + def policies_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policies_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policies_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policies_post" + @api_client.config.logger.debug 'Calling API: PoliciesApi.policies_post ...' end # resource path - local_var_path = "/policies" + local_var_path = '/policies' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'PolicyWithDetails' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'PolicyWithDetails') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policies_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update an existing Policy - # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ {Policy_Parameters} }' ``` + # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param id ObjectID of the Policy object. # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Policy] def policies_put(id, opts = {}) data, _status_code, _headers = policies_put_with_http_info(id, opts) - return data + data end # Update an existing Policy - # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ {Policy_Parameters} }' ``` + # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param id ObjectID of the Policy object. # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id - # @return [Array<(Policy, Fixnum, Hash)>] Policy data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Policy, Integer, Hash)>] Policy data, response status code and response headers def policies_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policies_put ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policies_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PoliciesApi.policies_put" end # resource path - local_var_path = "/policies/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policies/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' @@ -690,152 +645,126 @@ def policies_put_with_http_info(id, opts = {}) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Policy' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Policy') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policies_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get a specific Policy Result. # This endpoint will return the policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults/{Policy_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Result. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyResult] - def policyresults_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = policyresults_get_with_http_info(id, content_type, accept, opts) - return data + def policyresults_get(id, opts = {}) + data, _status_code, _headers = policyresults_get_with_http_info(id, opts) + data end # Get a specific Policy Result. - # This endpoint will return the policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults/{Policy_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults/{Policy_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Result. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(PolicyResult, Fixnum, Hash)>] PolicyResult data, response status code and response headers - def policyresults_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyResult, Integer, Hash)>] PolicyResult data, response status code and response headers + def policyresults_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policyresults_get ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policyresults_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PoliciesApi.policyresults_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policyresults_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policyresults_get" - end # resource path - local_var_path = "/policyresults/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policyresults/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyResult' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'PolicyResult') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policyresults_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Lists all the policy results of a policy. # This endpoint returns all policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] - def policyresults_list(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = policyresults_list_with_http_info(policy_id, content_type, accept, opts) - return data + def policyresults_list(policy_id, opts = {}) + data, _status_code, _headers = policyresults_list_with_http_info(policy_id, opts) + data end # Lists all the policy results of a policy. - # This endpoint returns all policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policyresults_list_with_http_info(policy_id, content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policyresults_list_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policyresults_list ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policyresults_list ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.policyresults_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policyresults_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policyresults_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policyresults_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/policyresults".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/policyresults'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -843,84 +772,67 @@ def policyresults_list_with_http_info(policy_id, content_type, accept, opts = {} query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policyresults_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Lists all the policy results for an organization. - # This endpoint returns all policies results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Lists all of the policy results for an organization. + # This endpoint returns all policy results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] - def policyresults_org_list(content_type, accept, opts = {}) - data, _status_code, _headers = policyresults_org_list_with_http_info(content_type, accept, opts) - return data + def policyresults_org_list(opts = {}) + data, _status_code, _headers = policyresults_org_list_with_http_info(opts) + data end - # Lists all the policy results for an organization. - # This endpoint returns all policies results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Lists all of the policy results for an organization. + # This endpoint returns all policy results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policyresults_org_list_with_http_info(content_type, accept, opts = {}) + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policyresults_org_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policyresults_org_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policyresults_org_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policyresults_org_list" + @api_client.config.logger.debug 'Calling API: PoliciesApi.policyresults_org_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policyresults_org_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policyresults" + local_var_path = '/policyresults' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -928,90 +840,73 @@ def policyresults_org_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policyresults_org_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Lists the latest policy results of a policy. - # This endpoint returns the latest policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the latest policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policystatuses_list(policy_id, content_type, accept, opts = {}) - data, _status_code, _headers = policystatuses_list_with_http_info(policy_id, content_type, accept, opts) - return data + def policystatuses_policies_list(policy_id, opts = {}) + data, _status_code, _headers = policystatuses_policies_list_with_http_info(policy_id, opts) + data end # Lists the latest policy results of a policy. - # This endpoint returns the latest policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the latest policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policystatuses_list_with_http_info(policy_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policystatuses_policies_list_with_http_info(policy_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policystatuses_list ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policystatuses_policies_list ...' end # verify the required parameter 'policy_id' is set if @api_client.config.client_side_validation && policy_id.nil? - fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.policystatuses_list" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policystatuses_list" + fail ArgumentError, "Missing the required parameter 'policy_id' when calling PoliciesApi.policystatuses_policies_list" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policystatuses_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policystatuses_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/policies/{policy_id}/policystatuses".sub('{' + 'policy_id' + '}', policy_id.to_s) + local_var_path = '/policies/{policy_id}/policystatuses'.sub('{' + 'policy_id' + '}', policy_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -1019,90 +914,73 @@ def policystatuses_list_with_http_info(policy_id, content_type, accept, opts = { query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: PoliciesApi#policystatuses_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: PoliciesApi#policystatuses_policies_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the policy statuses for a system # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policystatuses_list_0(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = policystatuses_list_0_with_http_info(system_id, content_type, accept, opts) - return data + def policystatuses_systems_list(system_id, opts = {}) + data, _status_code, _headers = policystatuses_systems_list_with_http_info(system_id, opts) + data end # List the policy statuses for a system - # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policystatuses_list_0_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policystatuses_systems_list_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policystatuses_list_0 ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policystatuses_systems_list ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling PoliciesApi.policystatuses_list_0" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policystatuses_list_0" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policystatuses_list_0" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policystatuses_list_0, must be greater than or equal to 0.' + fail ArgumentError, "Missing the required parameter 'system_id' when calling PoliciesApi.policystatuses_systems_list" end - # resource path - local_var_path = "/systems/{system_id}/policystatuses".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/policystatuses'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -1110,156 +988,126 @@ def policystatuses_list_0_with_http_info(system_id, content_type, accept, opts = query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: PoliciesApi#policystatuses_list_0\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: PoliciesApi#policystatuses_systems_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyTemplateWithDetails] - def policytemplates_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = policytemplates_get_with_http_info(id, content_type, accept, opts) - return data + def policytemplates_get(id, opts = {}) + data, _status_code, _headers = policytemplates_get_with_http_info(id, opts) + data end # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(PolicyTemplateWithDetails, Fixnum, Hash)>] PolicyTemplateWithDetails data, response status code and response headers - def policytemplates_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyTemplateWithDetails, Integer, Hash)>] PolicyTemplateWithDetails data, response status code and response headers + def policytemplates_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policytemplates_get ..." + @api_client.config.logger.debug 'Calling API: PoliciesApi.policytemplates_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PoliciesApi.policytemplates_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policytemplates_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policytemplates_get" - end # resource path - local_var_path = "/policytemplates/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policytemplates/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyTemplateWithDetails' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'PolicyTemplateWithDetails') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policytemplates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Lists all of the Policy Templates # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policytemplates_list(content_type, accept, opts = {}) - data, _status_code, _headers = policytemplates_list_with_http_info(content_type, accept, opts) - return data + def policytemplates_list(opts = {}) + data, _status_code, _headers = policytemplates_list_with_http_info(opts) + data end # Lists all of the Policy Templates - # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policytemplates_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policytemplates_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PoliciesApi.policytemplates_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PoliciesApi.policytemplates_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PoliciesApi.policytemplates_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PoliciesApi.policytemplates_list, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: PoliciesApi.policytemplates_list ...' end - # resource path - local_var_path = "/policytemplates" + local_var_path = '/policytemplates' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -1267,28 +1115,28 @@ def policytemplates_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PoliciesApi#policytemplates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/policy_group_associations_api.rb b/jcapiv2/lib/jcapiv2/api/policy_group_associations_api.rb new file mode 100644 index 0000000..14061be --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/policy_group_associations_api.rb @@ -0,0 +1,289 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class PolicyGroupAssociationsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_policy_group_associations_list_with_http_info(group_id, targets, opts) + data + end + + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_associations_list_with_http_info(group_id, targets, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupAssociationsApi.graph_policy_group_associations_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupAssociationsApi.graph_policy_group_associations_list" + end + # verify the required parameter 'targets' is set + if @api_client.config.client_side_validation && targets.nil? + fail ArgumentError, "Missing the required parameter 'targets' when calling PolicyGroupAssociationsApi.graph_policy_group_associations_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupAssociationsApi#graph_policy_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_associations_post(group_id, opts = {}) + graph_policy_group_associations_post_with_http_info(group_id, opts) + nil + end + + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_associations_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupAssociationsApi.graph_policy_group_associations_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupAssociationsApi.graph_policy_group_associations_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupAssociationsApi#graph_policy_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_with_http_info(group_id, opts) + data + end + + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupAssociationsApi.graph_policy_group_traverse_system ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupAssociationsApi.graph_policy_group_traverse_system" + end + # resource path + local_var_path = '/policygroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupAssociationsApi#graph_policy_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_group_with_http_info(group_id, opts) + data + end + + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_group_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupAssociationsApi.graph_policy_group_traverse_system_group ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupAssociationsApi.graph_policy_group_traverse_system_group" + end + # resource path + local_var_path = '/policygroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupAssociationsApi#graph_policy_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/policy_group_members_membership_api.rb b/jcapiv2/lib/jcapiv2/api/policy_group_members_membership_api.rb new file mode 100644 index 0000000..509af4e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/policy_group_members_membership_api.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class PolicyGroupMembersMembershipApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_members_list_with_http_info(group_id, opts) + data + end + + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_members_list_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupMembersMembershipApi.graph_policy_group_members_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupMembersMembershipApi.graph_policy_group_members_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupMembersMembershipApi#graph_policy_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_members_post(group_id, opts = {}) + graph_policy_group_members_post_with_http_info(group_id, opts) + nil + end + + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_members_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupMembersMembershipApi.graph_policy_group_members_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupMembersMembershipApi.graph_policy_group_members_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupMembersMembershipApi#graph_policy_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_membership_with_http_info(group_id, opts) + data + end + + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_membership_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupMembersMembershipApi.graph_policy_group_membership ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupMembersMembershipApi.graph_policy_group_membership" + end + # resource path + local_var_path = '/policygroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupMembersMembershipApi#graph_policy_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/policy_group_templates_api.rb b/jcapiv2/lib/jcapiv2/api/policy_group_templates_api.rb new file mode 100644 index 0000000..47f22cb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/policy_group_templates_api.rb @@ -0,0 +1,419 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class PolicyGroupTemplatesApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def policy_group_templates_delete(provider_id, id, opts = {}) + policy_group_templates_delete_with_http_info(provider_id, id, opts) + nil + end + + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def policy_group_templates_delete_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_delete ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_delete" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupTemplatesApi.policy_group_templates_delete" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + def policy_group_templates_get(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_with_http_info(provider_id, id, opts) + data + end + + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(PolicyGroupTemplate, Integer, Hash)>] PolicyGroupTemplate data, response status code and response headers + def policy_group_templates_get_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_get ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_get" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupTemplatesApi.policy_group_templates_get" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + def policy_group_templates_get_configured_policy_template(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts) + data + end + + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(ConfiguredPolicyTemplate, Integer, Hash)>] ConfiguredPolicyTemplate data, response status code and response headers + def policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_get_configured_policy_template ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_get_configured_policy_template" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupTemplatesApi.policy_group_templates_get_configured_policy_template" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConfiguredPolicyTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_get_configured_policy_template\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + def policy_group_templates_list(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_with_http_info(provider_id, opts) + data + end + + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplates, Integer, Hash)>] PolicyGroupTemplates data, response status code and response headers + def policy_group_templates_list_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_list ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_list" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplates' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + def policy_group_templates_list_configured_policy_templates(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts) + data + end + + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(InlineResponse20014, Integer, Hash)>] InlineResponse20014 data, response status code and response headers + def policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_list_configured_policy_templates ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_list_configured_policy_templates" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20014' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_list_configured_policy_templates\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + def policy_group_templates_list_members(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_members_with_http_info(provider_id, id, opts) + data + end + + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplateMembers, Integer, Hash)>] PolicyGroupTemplateMembers data, response status code and response headers + def policy_group_templates_list_members_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupTemplatesApi.policy_group_templates_list_members ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling PolicyGroupTemplatesApi.policy_group_templates_list_members" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupTemplatesApi.policy_group_templates_list_members" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}/members'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplateMembers' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupTemplatesApi#policy_group_templates_list_members\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/policy_groups_api.rb b/jcapiv2/lib/jcapiv2/api/policy_groups_api.rb new file mode 100644 index 0000000..fc67dec --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/policy_groups_api.rb @@ -0,0 +1,792 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class PolicyGroupsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_policy_group_associations_list_with_http_info(group_id, targets, opts) + data + end + + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_associations_list_with_http_info(group_id, targets, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_associations_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_associations_list" + end + # verify the required parameter 'targets' is set + if @api_client.config.client_side_validation && targets.nil? + fail ArgumentError, "Missing the required parameter 'targets' when calling PolicyGroupsApi.graph_policy_group_associations_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_associations_post(group_id, opts = {}) + graph_policy_group_associations_post_with_http_info(group_id, opts) + nil + end + + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_associations_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_associations_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_associations_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_members_list_with_http_info(group_id, opts) + data + end + + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_members_list_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_members_list ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_members_list" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_policy_group_members_post(group_id, opts = {}) + graph_policy_group_members_post_with_http_info(group_id, opts) + nil + end + + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_policy_group_members_post_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_members_post ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_members_post" + end + # resource path + local_var_path = '/policygroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_policy_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_membership_with_http_info(group_id, opts) + data + end + + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_membership_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_membership ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_membership" + end + # resource path + local_var_path = '/policygroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_with_http_info(group_id, opts) + data + end + + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_traverse_system ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_traverse_system" + end + # resource path + local_var_path = '/policygroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_policy_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_policy_group_traverse_system_group_with_http_info(group_id, opts) + data + end + + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_policy_group_traverse_system_group_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.graph_policy_group_traverse_system_group ...' + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling PolicyGroupsApi.graph_policy_group_traverse_system_group" + end + # resource path + local_var_path = '/policygroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#graph_policy_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete a Policy Group + # This endpoint allows you to delete a Policy Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + def groups_policy_delete(id, opts = {}) + data, _status_code, _headers = groups_policy_delete_with_http_info(id, opts) + data + end + + # Delete a Policy Group + # This endpoint allows you to delete a Policy Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyGroup, Integer, Hash)>] PolicyGroup data, response status code and response headers + def groups_policy_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.groups_policy_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupsApi.groups_policy_delete" + end + # resource path + local_var_path = '/policygroups/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#groups_policy_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # View an individual Policy Group details + # This endpoint returns the details of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + def groups_policy_get(id, opts = {}) + data, _status_code, _headers = groups_policy_get_with_http_info(id, opts) + data + end + + # View an individual Policy Group details + # This endpoint returns the details of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyGroup, Integer, Hash)>] PolicyGroup data, response status code and response headers + def groups_policy_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.groups_policy_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupsApi.groups_policy_get" + end + # resource path + local_var_path = '/policygroups/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#groups_policy_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List all Policy Groups + # This endpoint returns all Policy Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def groups_policy_list(opts = {}) + data, _status_code, _headers = groups_policy_list_with_http_info(opts) + data + end + + # List all Policy Groups + # This endpoint returns all Policy Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_policy_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.groups_policy_list ...' + end + # resource path + local_var_path = '/policygroups' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#groups_policy_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a new Policy Group + # This endpoint allows you to create a new Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + def groups_policy_post(opts = {}) + data, _status_code, _headers = groups_policy_post_with_http_info(opts) + data + end + + # Create a new Policy Group + # This endpoint allows you to create a new Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyGroup, Integer, Hash)>] PolicyGroup data, response status code and response headers + def groups_policy_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.groups_policy_post ...' + end + # resource path + local_var_path = '/policygroups' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'PolicyGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#groups_policy_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a Policy Group + # This endpoint allows you to do a full update of the Policy Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policygroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + def groups_policy_put(id, opts = {}) + data, _status_code, _headers = groups_policy_put_with_http_info(id, opts) + data + end + + # Update a Policy Group + # This endpoint allows you to do a full update of the Policy Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policygroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyGroup, Integer, Hash)>] PolicyGroup data, response status code and response headers + def groups_policy_put_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: PolicyGroupsApi.groups_policy_put ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling PolicyGroupsApi.groups_policy_put" + end + # resource path + local_var_path = '/policygroups/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'PolicyGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: PolicyGroupsApi#groups_policy_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/policytemplates_api.rb b/jcapiv2/lib/jcapiv2/api/policytemplates_api.rb index 4a5ba84..d70dfa0 100644 --- a/jcapiv2/lib/jcapiv2/api/policytemplates_api.rb +++ b/jcapiv2/lib/jcapiv2/api/policytemplates_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class PolicytemplatesApi attr_accessor :api_client @@ -19,129 +16,99 @@ class PolicytemplatesApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyTemplateWithDetails] - def policytemplates_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = policytemplates_get_with_http_info(id, content_type, accept, opts) - return data + def policytemplates_get(id, opts = {}) + data, _status_code, _headers = policytemplates_get_with_http_info(id, opts) + data end # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(PolicyTemplateWithDetails, Fixnum, Hash)>] PolicyTemplateWithDetails data, response status code and response headers - def policytemplates_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PolicyTemplateWithDetails, Integer, Hash)>] PolicyTemplateWithDetails data, response status code and response headers + def policytemplates_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PolicytemplatesApi.policytemplates_get ..." + @api_client.config.logger.debug 'Calling API: PolicytemplatesApi.policytemplates_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling PolicytemplatesApi.policytemplates_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PolicytemplatesApi.policytemplates_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PolicytemplatesApi.policytemplates_get" - end # resource path - local_var_path = "/policytemplates/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/policytemplates/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyTemplateWithDetails' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'PolicyTemplateWithDetails') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PolicytemplatesApi#policytemplates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Lists all of the Policy Templates # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def policytemplates_list(content_type, accept, opts = {}) - data, _status_code, _headers = policytemplates_list_with_http_info(content_type, accept, opts) - return data + def policytemplates_list(opts = {}) + data, _status_code, _headers = policytemplates_list_with_http_info(opts) + data end # Lists all of the Policy Templates - # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def policytemplates_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def policytemplates_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: PolicytemplatesApi.policytemplates_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling PolicytemplatesApi.policytemplates_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling PolicytemplatesApi.policytemplates_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling PolicytemplatesApi.policytemplates_list, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: PolicytemplatesApi.policytemplates_list ...' end - # resource path - local_var_path = "/policytemplates" + local_var_path = '/policytemplates' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -149,28 +116,28 @@ def policytemplates_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: PolicytemplatesApi#policytemplates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/providers_api.rb b/jcapiv2/lib/jcapiv2/api/providers_api.rb index 4621669..f48aa14 100644 --- a/jcapiv2/lib/jcapiv2/api/providers_api.rb +++ b/jcapiv2/lib/jcapiv2/api/providers_api.rb @@ -1,79 +1,3866 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class ProvidersApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Creates a new Autotask integration for the provider + # Creates a new Autotask integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationReq] :body + # @return [InlineResponse201] + def autotask_create_configuration(provider_id, opts = {}) + data, _status_code, _headers = autotask_create_configuration_with_http_info(provider_id, opts) + data + end + + # Creates a new Autotask integration for the provider + # Creates a new Autotask integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationReq] :body + # @return [Array<(InlineResponse201, Integer, Hash)>] InlineResponse201 data, response status code and response headers + def autotask_create_configuration_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_create_configuration ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.autotask_create_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/autotask'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'InlineResponse201' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_create_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete Autotask Integration + # Removes a Autotask integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + def autotask_delete_configuration(uuid, opts = {}) + autotask_delete_configuration_with_http_info(uuid, opts) + nil + end + + # Delete Autotask Integration + # Removes a Autotask integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def autotask_delete_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_delete_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_delete_configuration" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_delete_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Integration Configuration + # Retrieves configuration for given Autotask integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskIntegration] + def autotask_get_configuration(uuid, opts = {}) + data, _status_code, _headers = autotask_get_configuration_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Integration Configuration + # Retrieves configuration for given Autotask integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(AutotaskIntegration, Integer, Hash)>] AutotaskIntegration data, response status code and response headers + def autotask_get_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_get_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_get_configuration" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_get_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete Autotask Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Autotask companies/contracts/services. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskMappingRequest] :body + # @return [AutotaskMappingResponse] + def autotask_patch_mappings(uuid, opts = {}) + data, _status_code, _headers = autotask_patch_mappings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete Autotask Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Autotask companies/contracts/services. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskMappingRequest] :body + # @return [Array<(AutotaskMappingResponse, Integer, Hash)>] AutotaskMappingResponse data, response status code and response headers + def autotask_patch_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_patch_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_patch_mappings" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AutotaskMappingResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_patch_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete Autotask Integration settings + # Create, edit, and/or delete Autotask settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskSettingsPatchReq] :body + # @return [AutotaskSettings] + def autotask_patch_settings(uuid, opts = {}) + data, _status_code, _headers = autotask_patch_settings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete Autotask Integration settings + # Create, edit, and/or delete Autotask settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskSettingsPatchReq] :body + # @return [Array<(AutotaskSettings, Integer, Hash)>] AutotaskSettings data, response status code and response headers + def autotask_patch_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_patch_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_patch_settings" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AutotaskSettings' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_patch_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all Autotask ticketing alert configuration options for a provider + # Get all Autotask ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [AutotaskTicketingAlertConfigurationOptions] + def autotask_retrieve_all_alert_configuration_options(provider_id, opts = {}) + data, _status_code, _headers = autotask_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts) + data + end + + # Get all Autotask ticketing alert configuration options for a provider + # Get all Autotask ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(AutotaskTicketingAlertConfigurationOptions, Integer, Hash)>] AutotaskTicketingAlertConfigurationOptions data, response status code and response headers + def autotask_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_all_alert_configuration_options ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.autotask_retrieve_all_alert_configuration_options" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/autotask/alerts/configuration/options'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskTicketingAlertConfigurationOptions' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_all_alert_configuration_options\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all Autotask ticketing alert configurations for a provider + # Get all Autotask ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [AutotaskTicketingAlertConfigurationList] + def autotask_retrieve_all_alert_configurations(provider_id, opts = {}) + data, _status_code, _headers = autotask_retrieve_all_alert_configurations_with_http_info(provider_id, opts) + data + end + + # Get all Autotask ticketing alert configurations for a provider + # Get all Autotask ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(AutotaskTicketingAlertConfigurationList, Integer, Hash)>] AutotaskTicketingAlertConfigurationList data, response status code and response headers + def autotask_retrieve_all_alert_configurations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_all_alert_configurations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.autotask_retrieve_all_alert_configurations" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/autotask/alerts/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskTicketingAlertConfigurationList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_all_alert_configurations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Companies + # Retrieves a list of Autotask companies for the given Autotask id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [AutotaskCompanyResp] + def autotask_retrieve_companies(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_companies_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Companies + # Retrieves a list of Autotask companies for the given Autotask id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(AutotaskCompanyResp, Integer, Hash)>] AutotaskCompanyResp data, response status code and response headers + def autotask_retrieve_companies_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_companies ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_companies" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/companies'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskCompanyResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_companies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Company Types + # Retrieves a list of user defined company types from Autotask for the given Autotask id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskCompanyTypeResp] + def autotask_retrieve_company_types(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_company_types_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Company Types + # Retrieves a list of user defined company types from Autotask for the given Autotask id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(AutotaskCompanyTypeResp, Integer, Hash)>] AutotaskCompanyTypeResp data, response status code and response headers + def autotask_retrieve_company_types_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_company_types ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_company_types" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/companytypes'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskCompanyTypeResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_company_types\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Contracts + # Retrieves a list of Autotask contracts for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2003] + def autotask_retrieve_contracts(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_contracts_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Contracts + # Retrieves a list of Autotask contracts for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2003, Integer, Hash)>] InlineResponse2003 data, response status code and response headers + def autotask_retrieve_contracts_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_contracts ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_contracts" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/contracts'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2003' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_contracts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Contract Fields + # Retrieves a list of Autotask contract fields for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [InlineResponse2004] + def autotask_retrieve_contracts_fields(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_contracts_fields_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Contract Fields + # Retrieves a list of Autotask contract fields for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(InlineResponse2004, Integer, Hash)>] InlineResponse2004 data, response status code and response headers + def autotask_retrieve_contracts_fields_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_contracts_fields ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_contracts_fields" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/contracts/fields'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2004' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_contracts_fields\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask mappings + # Retrieves the list of mappings for this Autotask integration. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2006] + def autotask_retrieve_mappings(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_mappings_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask mappings + # Retrieves the list of mappings for this Autotask integration. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2006, Integer, Hash)>] InlineResponse2006 data, response status code and response headers + def autotask_retrieve_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_mappings" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2006' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Contract Services + # Retrieves a list of Autotask contract services for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2005] + def autotask_retrieve_services(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_services_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Contract Services + # Retrieves a list of Autotask contract services for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2005, Integer, Hash)>] InlineResponse2005 data, response status code and response headers + def autotask_retrieve_services_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_services ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_services" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/contracts/services'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2005' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_services\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Autotask Integration settings + # Retrieve the Autotask integration settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskSettings] + def autotask_retrieve_settings(uuid, opts = {}) + data, _status_code, _headers = autotask_retrieve_settings_with_http_info(uuid, opts) + data + end + + # Retrieve Autotask Integration settings + # Retrieve the Autotask integration settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(AutotaskSettings, Integer, Hash)>] AutotaskSettings data, response status code and response headers + def autotask_retrieve_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_retrieve_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_retrieve_settings" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'AutotaskSettings' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_retrieve_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update an Autotask ticketing alert's configuration + # Update an Autotask ticketing alert's configuration + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskTicketingAlertConfigurationRequest] :body + # @return [AutotaskTicketingAlertConfiguration] + def autotask_update_alert_configuration(provider_id, alert_uuid, opts = {}) + data, _status_code, _headers = autotask_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts) + data + end + + # Update an Autotask ticketing alert's configuration + # Update an Autotask ticketing alert's configuration + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskTicketingAlertConfigurationRequest] :body + # @return [Array<(AutotaskTicketingAlertConfiguration, Integer, Hash)>] AutotaskTicketingAlertConfiguration data, response status code and response headers + def autotask_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_update_alert_configuration ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.autotask_update_alert_configuration" + end + # verify the required parameter 'alert_uuid' is set + if @api_client.config.client_side_validation && alert_uuid.nil? + fail ArgumentError, "Missing the required parameter 'alert_uuid' when calling ProvidersApi.autotask_update_alert_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/autotask/alerts/{alert_UUID}/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'alert_UUID' + '}', alert_uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AutotaskTicketingAlertConfiguration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_update_alert_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update Autotask Integration configuration + # Update the Autotask integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationPatchReq] :body + # @return [AutotaskIntegration] + def autotask_update_configuration(uuid, opts = {}) + data, _status_code, _headers = autotask_update_configuration_with_http_info(uuid, opts) + data + end + + # Update Autotask Integration configuration + # Update the Autotask integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationPatchReq] :body + # @return [Array<(AutotaskIntegration, Integer, Hash)>] AutotaskIntegration data, response status code and response headers + def autotask_update_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.autotask_update_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.autotask_update_configuration" + end + # resource path + local_var_path = '/integrations/autotask/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'AutotaskIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#autotask_update_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve contract for a Provider + # Retrieve contract for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [String] + def billing_get_contract(provider_id, opts = {}) + data, _status_code, _headers = billing_get_contract_with_http_info(provider_id, opts) + data + end + + # Retrieve contract for a Provider + # Retrieve contract for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def billing_get_contract_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.billing_get_contract ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.billing_get_contract" + end + # resource path + local_var_path = '/providers/{provider_id}/billing/contract'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/pdf']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#billing_get_contract\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve billing details for a Provider + # Retrieve billing details for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudMspGetDetailsResponse] + def billing_get_details(provider_id, opts = {}) + data, _status_code, _headers = billing_get_details_with_http_info(provider_id, opts) + data + end + + # Retrieve billing details for a Provider + # Retrieve billing details for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudMspGetDetailsResponse, Integer, Hash)>] JumpcloudMspGetDetailsResponse data, response status code and response headers + def billing_get_details_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.billing_get_details ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.billing_get_details" + end + # resource path + local_var_path = '/providers/{provider_id}/billing/details'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'JumpcloudMspGetDetailsResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#billing_get_details\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Creates a new ConnectWise integration for the provider + # Creates a new ConnectWise integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationReq] :body + # @return [InlineResponse201] + def connectwise_create_configuration(provider_id, opts = {}) + data, _status_code, _headers = connectwise_create_configuration_with_http_info(provider_id, opts) + data + end + + # Creates a new ConnectWise integration for the provider + # Creates a new ConnectWise integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationReq] :body + # @return [Array<(InlineResponse201, Integer, Hash)>] InlineResponse201 data, response status code and response headers + def connectwise_create_configuration_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_create_configuration ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.connectwise_create_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/connectwise'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'InlineResponse201' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_create_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete ConnectWise Integration + # Removes a ConnectWise integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + def connectwise_delete_configuration(uuid, opts = {}) + connectwise_delete_configuration_with_http_info(uuid, opts) + nil + end + + # Delete ConnectWise Integration + # Removes a ConnectWise integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def connectwise_delete_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_delete_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_delete_configuration" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_delete_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Integration Configuration + # Retrieves configuration for given ConnectWise integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectwiseIntegration] + def connectwise_get_configuration(uuid, opts = {}) + data, _status_code, _headers = connectwise_get_configuration_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise Integration Configuration + # Retrieves configuration for given ConnectWise integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(ConnectwiseIntegration, Integer, Hash)>] ConnectwiseIntegration data, response status code and response headers + def connectwise_get_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_get_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_get_configuration" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectwiseIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_get_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete ConnectWise Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and ConnectWise companies/agreements/additions. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseMappingRequest] :body + # @return [ConnectWiseMappingRequest] + def connectwise_patch_mappings(uuid, opts = {}) + data, _status_code, _headers = connectwise_patch_mappings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete ConnectWise Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and ConnectWise companies/agreements/additions. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseMappingRequest] :body + # @return [Array<(ConnectWiseMappingRequest, Integer, Hash)>] ConnectWiseMappingRequest data, response status code and response headers + def connectwise_patch_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_patch_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_patch_mappings" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ConnectWiseMappingRequest' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_patch_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete ConnectWise Integration settings + # Create, edit, and/or delete ConnectWiseIntegration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseSettingsPatchReq] :body + # @return [ConnectWiseSettings] + def connectwise_patch_settings(uuid, opts = {}) + data, _status_code, _headers = connectwise_patch_settings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete ConnectWise Integration settings + # Create, edit, and/or delete ConnectWiseIntegration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseSettingsPatchReq] :body + # @return [Array<(ConnectWiseSettings, Integer, Hash)>] ConnectWiseSettings data, response status code and response headers + def connectwise_patch_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_patch_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_patch_settings" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ConnectWiseSettings' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_patch_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Additions + # Retrieves a list of ConnectWise additions for the given ConnectWise id and Agreement id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param agreement_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2008] + def connectwise_retrieve_additions(uuid, agreement_id, opts = {}) + data, _status_code, _headers = connectwise_retrieve_additions_with_http_info(uuid, agreement_id, opts) + data + end + + # Retrieve ConnectWise Additions + # Retrieves a list of ConnectWise additions for the given ConnectWise id and Agreement id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param agreement_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2008, Integer, Hash)>] InlineResponse2008 data, response status code and response headers + def connectwise_retrieve_additions_with_http_info(uuid, agreement_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_additions ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_additions" + end + # verify the required parameter 'agreement_id' is set + if @api_client.config.client_side_validation && agreement_id.nil? + fail ArgumentError, "Missing the required parameter 'agreement_id' when calling ProvidersApi.connectwise_retrieve_additions" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/agreements/{agreement_ID}/additions'.sub('{' + 'UUID' + '}', uuid.to_s).sub('{' + 'agreement_ID' + '}', agreement_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2008' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_additions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Agreements + # Retrieves a list of ConnectWise agreements for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2007] + def connectwise_retrieve_agreements(uuid, opts = {}) + data, _status_code, _headers = connectwise_retrieve_agreements_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise Agreements + # Retrieves a list of ConnectWise agreements for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2007, Integer, Hash)>] InlineResponse2007 data, response status code and response headers + def connectwise_retrieve_agreements_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_agreements ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_agreements" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/agreements'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2007' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_agreements\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all ConnectWise ticketing alert configuration options for a provider + # Get all ConnectWise ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [ConnectWiseTicketingAlertConfigurationOptions] + def connectwise_retrieve_all_alert_configuration_options(provider_id, opts = {}) + data, _status_code, _headers = connectwise_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts) + data + end + + # Get all ConnectWise ticketing alert configuration options for a provider + # Get all ConnectWise ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(ConnectWiseTicketingAlertConfigurationOptions, Integer, Hash)>] ConnectWiseTicketingAlertConfigurationOptions data, response status code and response headers + def connectwise_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_all_alert_configuration_options ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.connectwise_retrieve_all_alert_configuration_options" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/connectwise/alerts/configuration/options'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectWiseTicketingAlertConfigurationOptions' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_all_alert_configuration_options\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all ConnectWise ticketing alert configurations for a provider + # Get all ConnectWise ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [ConnectWiseTicketingAlertConfigurationList] + def connectwise_retrieve_all_alert_configurations(provider_id, opts = {}) + data, _status_code, _headers = connectwise_retrieve_all_alert_configurations_with_http_info(provider_id, opts) + data + end + + # Get all ConnectWise ticketing alert configurations for a provider + # Get all ConnectWise ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(ConnectWiseTicketingAlertConfigurationList, Integer, Hash)>] ConnectWiseTicketingAlertConfigurationList data, response status code and response headers + def connectwise_retrieve_all_alert_configurations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_all_alert_configurations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.connectwise_retrieve_all_alert_configurations" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/connectwise/alerts/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectWiseTicketingAlertConfigurationList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_all_alert_configurations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Companies + # Retrieves a list of ConnectWise companies for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [ConnectwiseCompanyResp] + def connectwise_retrieve_companies(uuid, opts = {}) + data, _status_code, _headers = connectwise_retrieve_companies_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise Companies + # Retrieves a list of ConnectWise companies for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(ConnectwiseCompanyResp, Integer, Hash)>] ConnectwiseCompanyResp data, response status code and response headers + def connectwise_retrieve_companies_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_companies ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_companies" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/companies'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectwiseCompanyResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_companies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Company Types + # Retrieves a list of user defined company types from ConnectWise for the given ConnectWise id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectwiseCompanyTypeResp] + def connectwise_retrieve_company_types(uuid, opts = {}) + data, _status_code, _headers = connectwise_retrieve_company_types_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise Company Types + # Retrieves a list of user defined company types from ConnectWise for the given ConnectWise id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(ConnectwiseCompanyTypeResp, Integer, Hash)>] ConnectwiseCompanyTypeResp data, response status code and response headers + def connectwise_retrieve_company_types_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_company_types ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_company_types" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/companytypes'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectwiseCompanyTypeResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_company_types\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise mappings + # Retrieves the list of mappings for this ConnectWise integration. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2009] + def connectwise_retrieve_mappings(uuid, opts = {}) + data, _status_code, _headers = connectwise_retrieve_mappings_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise mappings + # Retrieves the list of mappings for this ConnectWise integration. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse2009, Integer, Hash)>] InlineResponse2009 data, response status code and response headers + def connectwise_retrieve_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_mappings" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse2009' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve ConnectWise Integration settings + # Retrieve the ConnectWise integration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectWiseSettings] + def connectwise_retrieve_settings(uuid, opts = {}) + data, _status_code, _headers = connectwise_retrieve_settings_with_http_info(uuid, opts) + data + end + + # Retrieve ConnectWise Integration settings + # Retrieve the ConnectWise integration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(ConnectWiseSettings, Integer, Hash)>] ConnectWiseSettings data, response status code and response headers + def connectwise_retrieve_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_retrieve_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_retrieve_settings" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConnectWiseSettings' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_retrieve_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a ConnectWise ticketing alert's configuration + # Update a ConnectWise ticketing alert's configuration. + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseTicketingAlertConfigurationRequest] :body + # @return [ConnectWiseTicketingAlertConfiguration] + def connectwise_update_alert_configuration(provider_id, alert_uuid, opts = {}) + data, _status_code, _headers = connectwise_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts) + data + end + + # Update a ConnectWise ticketing alert's configuration + # Update a ConnectWise ticketing alert's configuration. + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseTicketingAlertConfigurationRequest] :body + # @return [Array<(ConnectWiseTicketingAlertConfiguration, Integer, Hash)>] ConnectWiseTicketingAlertConfiguration data, response status code and response headers + def connectwise_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_update_alert_configuration ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.connectwise_update_alert_configuration" + end + # verify the required parameter 'alert_uuid' is set + if @api_client.config.client_side_validation && alert_uuid.nil? + fail ArgumentError, "Missing the required parameter 'alert_uuid' when calling ProvidersApi.connectwise_update_alert_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/connectwise/alerts/{alert_UUID}/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'alert_UUID' + '}', alert_uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ConnectWiseTicketingAlertConfiguration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_update_alert_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update ConnectWise Integration configuration + # Update the ConnectWise integration configuration. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationPatchReq] :body + # @return [ConnectwiseIntegration] + def connectwise_update_configuration(uuid, opts = {}) + data, _status_code, _headers = connectwise_update_configuration_with_http_info(uuid, opts) + data + end + + # Update ConnectWise Integration configuration + # Update the ConnectWise integration configuration. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationPatchReq] :body + # @return [Array<(ConnectwiseIntegration, Integer, Hash)>] ConnectwiseIntegration data, response status code and response headers + def connectwise_update_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.connectwise_update_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.connectwise_update_configuration" + end + # resource path + local_var_path = '/integrations/connectwise/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'ConnectwiseIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#connectwise_update_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all ticketing alerts available for a provider's ticketing integration. + # Get all ticketing alerts available for a provider's ticketing integration. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [TicketingIntegrationAlertsResp] + def mtp_integration_retrieve_alerts(provider_id, opts = {}) + data, _status_code, _headers = mtp_integration_retrieve_alerts_with_http_info(provider_id, opts) + data + end + + # Get all ticketing alerts available for a provider's ticketing integration. + # Get all ticketing alerts available for a provider's ticketing integration. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(TicketingIntegrationAlertsResp, Integer, Hash)>] TicketingIntegrationAlertsResp data, response status code and response headers + def mtp_integration_retrieve_alerts_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.mtp_integration_retrieve_alerts ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.mtp_integration_retrieve_alerts" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/ticketing/alerts'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'TicketingIntegrationAlertsResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#mtp_integration_retrieve_alerts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Recent Integration Sync Errors + # Retrieves recent sync errors for given integration type and integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param integration_type + # @param [Hash] opts the optional parameters + # @return [IntegrationSyncErrorResp] + def mtp_integration_retrieve_sync_errors(uuid, integration_type, opts = {}) + data, _status_code, _headers = mtp_integration_retrieve_sync_errors_with_http_info(uuid, integration_type, opts) + data + end + + # Retrieve Recent Integration Sync Errors + # Retrieves recent sync errors for given integration type and integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param integration_type + # @param [Hash] opts the optional parameters + # @return [Array<(IntegrationSyncErrorResp, Integer, Hash)>] IntegrationSyncErrorResp data, response status code and response headers + def mtp_integration_retrieve_sync_errors_with_http_info(uuid, integration_type, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.mtp_integration_retrieve_sync_errors ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.mtp_integration_retrieve_sync_errors" + end + # verify the required parameter 'integration_type' is set + if @api_client.config.client_side_validation && integration_type.nil? + fail ArgumentError, "Missing the required parameter 'integration_type' when calling ProvidersApi.mtp_integration_retrieve_sync_errors" + end + # resource path + local_var_path = '/integrations/{integration_type}/{UUID}/errors'.sub('{' + 'UUID' + '}', uuid.to_s).sub('{' + 'integration_type' + '}', integration_type.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'IntegrationSyncErrorResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#mtp_integration_retrieve_sync_errors\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def policy_group_templates_delete(provider_id, id, opts = {}) + policy_group_templates_delete_with_http_info(provider_id, id, opts) + nil + end + + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def policy_group_templates_delete_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_delete ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_delete" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.policy_group_templates_delete" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + def policy_group_templates_get(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_with_http_info(provider_id, id, opts) + data + end + + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(PolicyGroupTemplate, Integer, Hash)>] PolicyGroupTemplate data, response status code and response headers + def policy_group_templates_get_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_get ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_get" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.policy_group_templates_get" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + def policy_group_templates_get_configured_policy_template(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts) + data + end + + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(ConfiguredPolicyTemplate, Integer, Hash)>] ConfiguredPolicyTemplate data, response status code and response headers + def policy_group_templates_get_configured_policy_template_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_get_configured_policy_template ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_get_configured_policy_template" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.policy_group_templates_get_configured_policy_template" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ConfiguredPolicyTemplate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_get_configured_policy_template\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + def policy_group_templates_list(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_with_http_info(provider_id, opts) + data + end + + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplates, Integer, Hash)>] PolicyGroupTemplates data, response status code and response headers + def policy_group_templates_list_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_list ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_list" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplates' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + def policy_group_templates_list_configured_policy_templates(provider_id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts) + data + end + + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(InlineResponse20014, Integer, Hash)>] InlineResponse20014 data, response status code and response headers + def policy_group_templates_list_configured_policy_templates_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_list_configured_policy_templates ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_list_configured_policy_templates" + end + # resource path + local_var_path = '/providers/{provider_id}/configuredpolicytemplates'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20014' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_list_configured_policy_templates\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + def policy_group_templates_list_members(provider_id, id, opts = {}) + data, _status_code, _headers = policy_group_templates_list_members_with_http_info(provider_id, id, opts) + data + end + + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(PolicyGroupTemplateMembers, Integer, Hash)>] PolicyGroupTemplateMembers data, response status code and response headers + def policy_group_templates_list_members_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.policy_group_templates_list_members ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.policy_group_templates_list_members" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.policy_group_templates_list_members" + end + # resource path + local_var_path = '/providers/{provider_id}/policygrouptemplates/{id}/members'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PolicyGroupTemplateMembers' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#policy_group_templates_list_members\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Organization] + def provider_organizations_create_org(provider_id, opts = {}) + data, _status_code, _headers = provider_organizations_create_org_with_http_info(provider_id, opts) + data + end + + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def provider_organizations_create_org_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.provider_organizations_create_org ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.provider_organizations_create_org" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#provider_organizations_create_org\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Organization] + def provider_organizations_update_org(provider_id, id, opts = {}) + data, _status_code, _headers = provider_organizations_update_org_with_http_info(provider_id, id, opts) + data + end + + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Array<(Organization, Integer, Hash)>] Organization data, response status code and response headers + def provider_organizations_update_org_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.provider_organizations_update_org ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.provider_organizations_update_org" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.provider_organizations_update_org" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Organization' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#provider_organizations_update_org\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Provider] + def providers_get_provider(provider_id, opts = {}) + data, _status_code, _headers = providers_get_provider_with_http_info(provider_id, opts) + data + end + + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Array<(Provider, Integer, Hash)>] Provider data, response status code and response headers + def providers_get_provider_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_get_provider ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_get_provider" + end + # resource path + local_var_path = '/providers/{provider_id}'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Provider' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_get_provider\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Provider Administrators + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20013] + def providers_list_administrators(provider_id, opts = {}) + data, _status_code, _headers = providers_list_administrators_with_http_info(provider_id, opts) + data + end + + # List Provider Administrators + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse20013, Integer, Hash)>] InlineResponse20013 data, response status code and response headers + def providers_list_administrators_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_list_administrators ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_list_administrators" + end + # resource path + local_var_path = '/providers/{provider_id}/administrators'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'sortIgnoreCase'] = @api_client.build_collection_param(opts[:'sort_ignore_case'], :csv) if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20013' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_list_administrators\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20015] + def providers_list_organizations(provider_id, opts = {}) + data, _status_code, _headers = providers_list_organizations_with_http_info(provider_id, opts) + data + end + + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse20015, Integer, Hash)>] InlineResponse20015 data, response status code and response headers + def providers_list_organizations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_list_organizations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_list_organizations" + end + # resource path + local_var_path = '/providers/{provider_id}/organizations'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'sortIgnoreCase'] = @api_client.build_collection_param(opts[:'sort_ignore_case'], :csv) if !opts[:'sort_ignore_case'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20015' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_list_organizations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a new Provider Administrator + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ProviderAdminReq] :body + # @return [Administrator] + def providers_post_admins(provider_id, opts = {}) + data, _status_code, _headers = providers_post_admins_with_http_info(provider_id, opts) + data + end + + # Create a new Provider Administrator + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ProviderAdminReq] :body + # @return [Array<(Administrator, Integer, Hash)>] Administrator data, response status code and response headers + def providers_post_admins_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_post_admins ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_post_admins" + end + # resource path + local_var_path = '/providers/{provider_id}/administrators'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'Administrator' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_post_admins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + def providers_provider_list_case(provider_id, opts = {}) + data, _status_code, _headers = providers_provider_list_case_with_http_info(provider_id, opts) + data + end + + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(CasesResponse, Integer, Hash)>] CasesResponse data, response status code and response headers + def providers_provider_list_case_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_provider_list_case ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_provider_list_case" + end + # resource path + local_var_path = '/providers/{provider_id}/cases'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'CasesResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_provider_list_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete Provider Administrator + # This endpoint removes an Administrator associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + def providers_remove_administrator(provider_id, id, opts = {}) + providers_remove_administrator_with_http_info(provider_id, id, opts) + nil + end + + # Delete Provider Administrator + # This endpoint removes an Administrator associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def providers_remove_administrator_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_remove_administrator ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_remove_administrator" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.providers_remove_administrator" + end + # resource path + local_var_path = '/providers/{provider_id}/administrators/{id}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_remove_administrator\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Integrations for Provider + # Retrieves a list of integrations this provider has configured. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [IntegrationsResponse] + def providers_retrieve_integrations(provider_id, opts = {}) + data, _status_code, _headers = providers_retrieve_integrations_with_http_info(provider_id, opts) + data + end + + # Retrieve Integrations for Provider + # Retrieves a list of integrations this provider has configured. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(IntegrationsResponse, Integer, Hash)>] IntegrationsResponse data, response status code and response headers + def providers_retrieve_integrations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_retrieve_integrations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_retrieve_integrations" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'IntegrationsResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_retrieve_integrations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + def providers_retrieve_invoice(provider_id, id, opts = {}) + data, _status_code, _headers = providers_retrieve_invoice_with_http_info(provider_id, id, opts) + data + end + + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers + def providers_retrieve_invoice_with_http_info(provider_id, id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_retrieve_invoice ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_retrieve_invoice" + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling ProvidersApi.providers_retrieve_invoice" + end + # resource path + local_var_path = '/providers/{provider_id}/invoices/{ID}'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'ID' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/pdf']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_retrieve_invoice\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @return [ProviderInvoiceResponse] + def providers_retrieve_invoices(provider_id, opts = {}) + data, _status_code, _headers = providers_retrieve_invoices_with_http_info(provider_id, opts) + data + end + + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @return [Array<(ProviderInvoiceResponse, Integer, Hash)>] ProviderInvoiceResponse data, response status code and response headers + def providers_retrieve_invoices_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.providers_retrieve_invoices ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_retrieve_invoices" + end + # resource path + local_var_path = '/providers/{provider_id}/invoices'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ProviderInvoiceResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#providers_retrieve_invoices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Creates a new Syncro integration for the provider + # Creates a new Syncro integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationReq] :body + # @return [InlineResponse201] + def syncro_create_configuration(provider_id, opts = {}) + data, _status_code, _headers = syncro_create_configuration_with_http_info(provider_id, opts) + data + end + + # Creates a new Syncro integration for the provider + # Creates a new Syncro integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationReq] :body + # @return [Array<(InlineResponse201, Integer, Hash)>] InlineResponse201 data, response status code and response headers + def syncro_create_configuration_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_create_configuration ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.syncro_create_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/syncro'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'InlineResponse201' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_create_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete Syncro Integration + # Removes a Syncro integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + def syncro_delete_configuration(uuid, opts = {}) + syncro_delete_configuration_with_http_info(uuid, opts) + nil + end + + # Delete Syncro Integration + # Removes a Syncro integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def syncro_delete_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_delete_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_delete_configuration" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_delete_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Syncro Integration Configuration + # Retrieves configuration for given Syncro integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [SyncroIntegration] + def syncro_get_configuration(uuid, opts = {}) + data, _status_code, _headers = syncro_get_configuration_with_http_info(uuid, opts) + data + end + + # Retrieve Syncro Integration Configuration + # Retrieves configuration for given Syncro integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(SyncroIntegration, Integer, Hash)>] SyncroIntegration data, response status code and response headers + def syncro_get_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_get_configuration ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_get_configuration" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_get_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete Syncro Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Syncro companies. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroMappingRequest] :body + # @return [SyncroMappingRequest] + def syncro_patch_mappings(uuid, opts = {}) + data, _status_code, _headers = syncro_patch_mappings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete Syncro Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Syncro companies. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroMappingRequest] :body + # @return [Array<(SyncroMappingRequest, Integer, Hash)>] SyncroMappingRequest data, response status code and response headers + def syncro_patch_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_patch_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_patch_mappings" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SyncroMappingRequest' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_patch_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create, edit, and/or delete Syncro Integration settings + # Create, edit, and/or delete SyncroIntegration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroSettingsPatchReq] :body + # @return [SyncroSettings] + def syncro_patch_settings(uuid, opts = {}) + data, _status_code, _headers = syncro_patch_settings_with_http_info(uuid, opts) + data + end + + # Create, edit, and/or delete Syncro Integration settings + # Create, edit, and/or delete SyncroIntegration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroSettingsPatchReq] :body + # @return [Array<(SyncroSettings, Integer, Hash)>] SyncroSettings data, response status code and response headers + def syncro_patch_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_patch_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_patch_settings" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 + # form parameters + form_params = opts[:form_params] || {} -=end + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) -require "uri" + return_type = opts[:return_type] || 'SyncroSettings' -module JCAPIv2 - class ProvidersApi - attr_accessor :api_client + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) - def initialize(api_client = ApiClient.default) - @api_client = api_client + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_patch_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all Syncro ticketing alert configuration options for a provider + # Get all Syncro ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [SyncroTicketingAlertConfigurationOptions] + def syncro_retrieve_all_alert_configuration_options(provider_id, opts = {}) + data, _status_code, _headers = syncro_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts) + data end - # List Provider Administrators - # This endpoint returns a list of the Administrators associated with the Provider. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Get all Syncro ticketing alert configuration options for a provider + # Get all Syncro ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [Array<(SyncroTicketingAlertConfigurationOptions, Integer, Hash)>] SyncroTicketingAlertConfigurationOptions data, response status code and response headers + def syncro_retrieve_all_alert_configuration_options_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_all_alert_configuration_options ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.syncro_retrieve_all_alert_configuration_options" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/syncro/alerts/configuration/options'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroTicketingAlertConfigurationOptions' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_all_alert_configuration_options\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all Syncro ticketing alert configurations for a provider + # Get all Syncro ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [SyncroTicketingAlertConfigurationList] + def syncro_retrieve_all_alert_configurations(provider_id, opts = {}) + data, _status_code, _headers = syncro_retrieve_all_alert_configurations_with_http_info(provider_id, opts) + data + end + + # Get all Syncro ticketing alert configurations for a provider + # Get all Syncro ticketing alert configurations for a provider. # @param provider_id - # @param content_type - # @param accept + # @param [Hash] opts the optional parameters + # @return [Array<(SyncroTicketingAlertConfigurationList, Integer, Hash)>] SyncroTicketingAlertConfigurationList data, response status code and response headers + def syncro_retrieve_all_alert_configurations_with_http_info(provider_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_all_alert_configurations ...' + end + # verify the required parameter 'provider_id' is set + if @api_client.config.client_side_validation && provider_id.nil? + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.syncro_retrieve_all_alert_configurations" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/syncro/alerts/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroTicketingAlertConfigurationList' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_all_alert_configurations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve Syncro billing mappings dependencies + # Retrieves a list of dependencies for Syncro billing mappings. + # @param uuid # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [InlineResponse2001] - def providers_list_administrators(provider_id, content_type, accept, opts = {}) - data, _status_code, _headers = providers_list_administrators_with_http_info(provider_id, content_type, accept, opts) - return data + # @return [SyncroBillingMappingConfigurationOptionsResp] + def syncro_retrieve_billing_mapping_configuration_options(uuid, opts = {}) + data, _status_code, _headers = syncro_retrieve_billing_mapping_configuration_options_with_http_info(uuid, opts) + data end - # List Provider Administrators - # This endpoint returns a list of the Administrators associated with the Provider. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param provider_id - # @param content_type - # @param accept + # Retrieve Syncro billing mappings dependencies + # Retrieves a list of dependencies for Syncro billing mappings. + # @param uuid # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [Array<(InlineResponse2001, Fixnum, Hash)>] InlineResponse2001 data, response status code and response headers - def providers_list_administrators_with_http_info(provider_id, content_type, accept, opts = {}) + # @return [Array<(SyncroBillingMappingConfigurationOptionsResp, Integer, Hash)>] SyncroBillingMappingConfigurationOptionsResp data, response status code and response headers + def syncro_retrieve_billing_mapping_configuration_options_with_http_info(uuid, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ProvidersApi.providers_list_administrators ..." + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_billing_mapping_configuration_options ...' end - # verify the required parameter 'provider_id' is set - if @api_client.config.client_side_validation && provider_id.nil? - fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_list_administrators" + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_retrieve_billing_mapping_configuration_options" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}/billing_mapping_configuration_options'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroBillingMappingConfigurationOptionsResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_billing_mapping_configuration_options\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ProvidersApi.providers_list_administrators" + return data, status_code, headers + end + # Retrieve Syncro Companies + # Retrieves a list of Syncro companies for the given Syncro id. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [SyncroCompanyResp] + def syncro_retrieve_companies(uuid, opts = {}) + data, _status_code, _headers = syncro_retrieve_companies_with_http_info(uuid, opts) + data + end + + # Retrieve Syncro Companies + # Retrieves a list of Syncro companies for the given Syncro id. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(SyncroCompanyResp, Integer, Hash)>] SyncroCompanyResp data, response status code and response headers + def syncro_retrieve_companies_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_companies ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ProvidersApi.providers_list_administrators" + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_retrieve_companies" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling ProvidersApi.providers_list_administrators, must be greater than or equal to 0.' + # resource path + local_var_path = '/integrations/syncro/{UUID}/companies'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroCompanyResp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_companies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # Retrieve Syncro mappings + # Retrieves the list of mappings for this Syncro integration. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20010] + def syncro_retrieve_mappings(uuid, opts = {}) + data, _status_code, _headers = syncro_retrieve_mappings_with_http_info(uuid, opts) + data + end + # Retrieve Syncro mappings + # Retrieves the list of mappings for this Syncro integration. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(InlineResponse20010, Integer, Hash)>] InlineResponse20010 data, response status code and response headers + def syncro_retrieve_mappings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_mappings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_retrieve_mappings" + end # resource path - local_var_path = "/providers/{provider_id}/administrators".sub('{' + 'provider_id' + '}', provider_id.to_s) + local_var_path = '/integrations/syncro/{UUID}/mappings'.sub('{' + 'UUID' + '}', uuid.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -81,100 +3868,211 @@ def providers_list_administrators_with_http_info(provider_id, content_type, acce query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'InlineResponse20010' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'InlineResponse2001') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: ProvidersApi#providers_list_administrators\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_mappings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Retrieve Syncro Integration settings + # Retrieve the Syncro integration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [SyncroSettings] + def syncro_retrieve_settings(uuid, opts = {}) + data, _status_code, _headers = syncro_retrieve_settings_with_http_info(uuid, opts) + data + end - # Create a new Provider Administrator - # This endpoint allows you to create a provider administrator. You must be associated to the provider to use this route. **Sample Request** ``` curl -X POST https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Context-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{ADMIN_EMAIL}\" }' ``` + # Retrieve Syncro Integration settings + # Retrieve the Syncro integration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [Array<(SyncroSettings, Integer, Hash)>] SyncroSettings data, response status code and response headers + def syncro_retrieve_settings_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_retrieve_settings ...' + end + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_retrieve_settings" + end + # resource path + local_var_path = '/integrations/syncro/{UUID}/settings'.sub('{' + 'UUID' + '}', uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SyncroSettings' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_retrieve_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a Syncro ticketing alert's configuration + # Update a Syncro ticketing alert's configuration # @param provider_id - # @param content_type - # @param accept + # @param alert_uuid # @param [Hash] opts the optional parameters - # @option opts [ProviderAdminReq] :body - # @return [Administrator] - def providers_post_admins(provider_id, content_type, accept, opts = {}) - data, _status_code, _headers = providers_post_admins_with_http_info(provider_id, content_type, accept, opts) - return data + # @option opts [SyncroTicketingAlertConfigurationRequest] :body + # @return [SyncroTicketingAlertConfiguration] + def syncro_update_alert_configuration(provider_id, alert_uuid, opts = {}) + data, _status_code, _headers = syncro_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts) + data end - # Create a new Provider Administrator - # This endpoint allows you to create a provider administrator. You must be associated to the provider to use this route. **Sample Request** ``` curl -X POST https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Context-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{ADMIN_EMAIL}\" }' ``` + # Update a Syncro ticketing alert's configuration + # Update a Syncro ticketing alert's configuration # @param provider_id - # @param content_type - # @param accept + # @param alert_uuid # @param [Hash] opts the optional parameters - # @option opts [ProviderAdminReq] :body - # @return [Array<(Administrator, Fixnum, Hash)>] Administrator data, response status code and response headers - def providers_post_admins_with_http_info(provider_id, content_type, accept, opts = {}) + # @option opts [SyncroTicketingAlertConfigurationRequest] :body + # @return [Array<(SyncroTicketingAlertConfiguration, Integer, Hash)>] SyncroTicketingAlertConfiguration data, response status code and response headers + def syncro_update_alert_configuration_with_http_info(provider_id, alert_uuid, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: ProvidersApi.providers_post_admins ..." + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_update_alert_configuration ...' end # verify the required parameter 'provider_id' is set if @api_client.config.client_side_validation && provider_id.nil? - fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.providers_post_admins" + fail ArgumentError, "Missing the required parameter 'provider_id' when calling ProvidersApi.syncro_update_alert_configuration" + end + # verify the required parameter 'alert_uuid' is set + if @api_client.config.client_side_validation && alert_uuid.nil? + fail ArgumentError, "Missing the required parameter 'alert_uuid' when calling ProvidersApi.syncro_update_alert_configuration" + end + # resource path + local_var_path = '/providers/{provider_id}/integrations/syncro/alerts/{alert_UUID}/configuration'.sub('{' + 'provider_id' + '}', provider_id.to_s).sub('{' + 'alert_UUID' + '}', alert_uuid.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SyncroTicketingAlertConfiguration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: ProvidersApi#syncro_update_alert_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling ProvidersApi.providers_post_admins" + return data, status_code, headers + end + # Update Syncro Integration configuration + # Update the Syncro integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationPatchReq] :body + # @return [SyncroIntegration] + def syncro_update_configuration(uuid, opts = {}) + data, _status_code, _headers = syncro_update_configuration_with_http_info(uuid, opts) + data + end + + # Update Syncro Integration configuration + # Update the Syncro integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationPatchReq] :body + # @return [Array<(SyncroIntegration, Integer, Hash)>] SyncroIntegration data, response status code and response headers + def syncro_update_configuration_with_http_info(uuid, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: ProvidersApi.syncro_update_configuration ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling ProvidersApi.providers_post_admins" + # verify the required parameter 'uuid' is set + if @api_client.config.client_side_validation && uuid.nil? + fail ArgumentError, "Missing the required parameter 'uuid' when calling ProvidersApi.syncro_update_configuration" end # resource path - local_var_path = "/providers/{provider_id}/administrators".sub('{' + 'provider_id' + '}', provider_id.to_s) + local_var_path = '/integrations/syncro/{UUID}'.sub('{' + 'UUID' + '}', uuid.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SyncroIntegration' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Administrator') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: ProvidersApi#providers_post_admins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: ProvidersApi#syncro_update_configuration\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/radius_servers_api.rb b/jcapiv2/lib/jcapiv2/api/radius_servers_api.rb index 0c5934b..490176a 100644 --- a/jcapiv2/lib/jcapiv2/api/radius_servers_api.rb +++ b/jcapiv2/lib/jcapiv2/api/radius_servers_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class RADIUSServersApi attr_accessor :api_client @@ -19,37 +16,32 @@ class RADIUSServersApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a RADIUS Server # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"radius_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_radius_server_associations_list(radiusserver_id, targets, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, content_type, accept, opts) - return data + def graph_radius_server_associations_list(radiusserver_id, targets, opts = {}) + data, _status_code, _headers = graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, opts) + data end # List the associations of a RADIUS Server - # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"radius_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_associations_list_with_http_info(radiusserver_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RADIUSServersApi.graph_radius_server_associations_list ..." + @api_client.config.logger.debug 'Calling API: RADIUSServersApi.graph_radius_server_associations_list ...' end # verify the required parameter 'radiusserver_id' is set if @api_client.config.client_side_validation && radiusserver_id.nil? @@ -59,293 +51,235 @@ def graph_radius_server_associations_list_with_http_info(radiusserver_id, target if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling RADIUSServersApi.graph_radius_server_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RADIUSServersApi.graph_radius_server_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RADIUSServersApi.graph_radius_server_associations_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling RADIUSServersApi.graph_radius_server_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/associations".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/associations'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RADIUSServersApi#graph_radius_server_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a RADIUS Server # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_radius_server_associations_post(radiusserver_id, content_type, accept, opts = {}) - graph_radius_server_associations_post_with_http_info(radiusserver_id, content_type, accept, opts) - return nil + def graph_radius_server_associations_post(radiusserver_id, opts = {}) + graph_radius_server_associations_post_with_http_info(radiusserver_id, opts) + nil end # Manage the associations of a RADIUS Server - # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_radius_server_associations_post_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_radius_server_associations_post_with_http_info(radiusserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RADIUSServersApi.graph_radius_server_associations_post ..." + @api_client.config.logger.debug 'Calling API: RADIUSServersApi.graph_radius_server_associations_post ...' end # verify the required parameter 'radiusserver_id' is set if @api_client.config.client_side_validation && radiusserver_id.nil? fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling RADIUSServersApi.graph_radius_server_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RADIUSServersApi.graph_radius_server_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RADIUSServersApi.graph_radius_server_associations_post" - end # resource path - local_var_path = "/radiusservers/{radiusserver_id}/associations".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/associations'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RADIUSServersApi#graph_radius_server_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a RADIUS Server # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_radius_server_traverse_user(radiusserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_traverse_user_with_http_info(radiusserver_id, content_type, accept, opts) - return data + def graph_radius_server_traverse_user(radiusserver_id, opts = {}) + data, _status_code, _headers = graph_radius_server_traverse_user_with_http_info(radiusserver_id, opts) + data end # List the Users bound to a RADIUS Server - # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_traverse_user_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_traverse_user_with_http_info(radiusserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RADIUSServersApi.graph_radius_server_traverse_user ..." + @api_client.config.logger.debug 'Calling API: RADIUSServersApi.graph_radius_server_traverse_user ...' end # verify the required parameter 'radiusserver_id' is set if @api_client.config.client_side_validation && radiusserver_id.nil? fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling RADIUSServersApi.graph_radius_server_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RADIUSServersApi.graph_radius_server_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RADIUSServersApi.graph_radius_server_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling RADIUSServersApi.graph_radius_server_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/users".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/users'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RADIUSServersApi#graph_radius_server_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a RADIUS Server # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_radius_server_traverse_user_group(radiusserver_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, content_type, accept, opts) - return data + def graph_radius_server_traverse_user_group(radiusserver_id, opts = {}) + data, _status_code, _headers = graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, opts) + data end # List the User Groups bound to a RADIUS Server - # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_radius_server_traverse_user_group_with_http_info(radiusserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: RADIUSServersApi.graph_radius_server_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: RADIUSServersApi.graph_radius_server_traverse_user_group ...' end # verify the required parameter 'radiusserver_id' is set if @api_client.config.client_side_validation && radiusserver_id.nil? fail ArgumentError, "Missing the required parameter 'radiusserver_id' when calling RADIUSServersApi.graph_radius_server_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling RADIUSServersApi.graph_radius_server_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling RADIUSServersApi.graph_radius_server_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling RADIUSServersApi.graph_radius_server_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/radiusservers/{radiusserver_id}/usergroups".sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) + local_var_path = '/radiusservers/{radiusserver_id}/usergroups'.sub('{' + 'radiusserver_id' + '}', radiusserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: RADIUSServersApi#graph_radius_server_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/samba_domains_api.rb b/jcapiv2/lib/jcapiv2/api/samba_domains_api.rb index e729c20..9e899e8 100644 --- a/jcapiv2/lib/jcapiv2/api/samba_domains_api.rb +++ b/jcapiv2/lib/jcapiv2/api/samba_domains_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SambaDomainsApi attr_accessor :api_client @@ -19,33 +16,28 @@ class SambaDomainsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Delete Samba Domain # This endpoint allows you to delete a samba domain from an LDAP server. ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type (default to application/json) - # @option opts [String] :accept (default to application/json) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [String] def ldapservers_samba_domains_delete(ldapserver_id, id, opts = {}) data, _status_code, _headers = ldapservers_samba_domains_delete_with_http_info(ldapserver_id, id, opts) - return data + data end # Delete Samba Domain - # This endpoint allows you to delete a samba domain from an LDAP server. ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a samba domain from an LDAP server. ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [Array<(String, Fixnum, Hash)>] String data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(String, Integer, Hash)>] String data, response status code and response headers def ldapservers_samba_domains_delete_with_http_info(ldapserver_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SambaDomainsApi.ldapservers_samba_domains_delete ..." + @api_client.config.logger.debug 'Calling API: SambaDomainsApi.ldapservers_samba_domains_delete ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? @@ -56,66 +48,61 @@ def ldapservers_samba_domains_delete_with_http_info(ldapserver_id, id, opts = {} fail ArgumentError, "Missing the required parameter 'id' when calling SambaDomainsApi.ldapservers_samba_domains_delete" end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/sambadomains/{id}".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/sambadomains/{id}'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'String' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'String') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SambaDomainsApi#ldapservers_samba_domains_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get Samba Domain # This endpoint returns a specific samba domain for an LDAP server. ##### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/ldapservers/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type (default to application/json) - # @option opts [String] :accept (default to application/json) - # @option opts [String] :x_org_id (default to ) - # @return [SambaDomainOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SambaDomain] def ldapservers_samba_domains_get(ldapserver_id, id, opts = {}) data, _status_code, _headers = ldapservers_samba_domains_get_with_http_info(ldapserver_id, id, opts) - return data + data end # Get Samba Domain - # This endpoint returns a specific samba domain for an LDAP server. ##### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/ldapservers/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific samba domain for an LDAP server. ##### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/ldapservers/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [Array<(SambaDomainOutput, Fixnum, Hash)>] SambaDomainOutput data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SambaDomain, Integer, Hash)>] SambaDomain data, response status code and response headers def ldapservers_samba_domains_get_with_http_info(ldapserver_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SambaDomainsApi.ldapservers_samba_domains_get ..." + @api_client.config.logger.debug 'Calling API: SambaDomainsApi.ldapservers_samba_domains_get ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? @@ -126,88 +113,79 @@ def ldapservers_samba_domains_get_with_http_info(ldapserver_id, id, opts = {}) fail ArgumentError, "Missing the required parameter 'id' when calling SambaDomainsApi.ldapservers_samba_domains_get" end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/sambadomains/{id}".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/sambadomains/{id}'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'SambaDomain' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SambaDomainOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SambaDomainsApi#ldapservers_samba_domains_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Samba Domains # This endpoint returns all samba domains for an LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type (default to application/json) - # @option opts [String] :accept (default to application/json) # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] def ldapservers_samba_domains_list(ldapserver_id, opts = {}) data, _status_code, _headers = ldapservers_samba_domains_list_with_http_info(ldapserver_id, opts) - return data + data end # List Samba Domains - # This endpoint returns all samba domains for an LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all samba domains for an LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers def ldapservers_samba_domains_list_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SambaDomainsApi.ldapservers_samba_domains_list ..." + @api_client.config.logger.debug 'Calling API: SambaDomainsApi.ldapservers_samba_domains_list ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling SambaDomainsApi.ldapservers_samba_domains_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SambaDomainsApi.ldapservers_samba_domains_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/ldapservers/{ldapserver_id}/sambadomains".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/sambadomains'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -215,128 +193,118 @@ def ldapservers_samba_domains_list_with_http_info(ldapserver_id, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SambaDomainsApi#ldapservers_samba_domains_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create Samba Domain - # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type (default to application/json) - # @option opts [String] :accept (default to application/json) - # @option opts [String] :x_org_id (default to ) - # @return [SambaDomainOutput] + # @option opts [SambaDomain] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SambaDomain] def ldapservers_samba_domains_post(ldapserver_id, opts = {}) data, _status_code, _headers = ldapservers_samba_domains_post_with_http_info(ldapserver_id, opts) - return data + data end # Create Samba Domain - # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [Array<(SambaDomainOutput, Fixnum, Hash)>] SambaDomainOutput data, response status code and response headers + # @option opts [SambaDomain] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SambaDomain, Integer, Hash)>] SambaDomain data, response status code and response headers def ldapservers_samba_domains_post_with_http_info(ldapserver_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SambaDomainsApi.ldapservers_samba_domains_post ..." + @api_client.config.logger.debug 'Calling API: SambaDomainsApi.ldapservers_samba_domains_post ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? fail ArgumentError, "Missing the required parameter 'ldapserver_id' when calling SambaDomainsApi.ldapservers_samba_domains_post" end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/sambadomains".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/sambadomains'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SambaDomain' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SambaDomainOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SambaDomainsApi#ldapservers_samba_domains_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update Samba Domain - # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type (default to application/json) - # @option opts [String] :accept (default to application/json) - # @option opts [String] :x_org_id (default to ) - # @return [SambaDomainOutput] + # @option opts [SambaDomain] :body + # @return [SambaDomain] def ldapservers_samba_domains_put(ldapserver_id, id, opts = {}) data, _status_code, _headers = ldapservers_samba_domains_put_with_http_info(ldapserver_id, id, opts) - return data + data end # Update Samba Domain - # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [Array<(SambaDomainOutput, Fixnum, Hash)>] SambaDomainOutput data, response status code and response headers + # @option opts [SambaDomain] :body + # @return [Array<(SambaDomain, Integer, Hash)>] SambaDomain data, response status code and response headers def ldapservers_samba_domains_put_with_http_info(ldapserver_id, id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SambaDomainsApi.ldapservers_samba_domains_put ..." + @api_client.config.logger.debug 'Calling API: SambaDomainsApi.ldapservers_samba_domains_put ...' end # verify the required parameter 'ldapserver_id' is set if @api_client.config.client_side_validation && ldapserver_id.nil? @@ -347,34 +315,35 @@ def ldapservers_samba_domains_put_with_http_info(ldapserver_id, id, opts = {}) fail ArgumentError, "Missing the required parameter 'id' when calling SambaDomainsApi.ldapservers_samba_domains_put" end # resource path - local_var_path = "/ldapservers/{ldapserver_id}/sambadomains/{id}".sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) + local_var_path = '/ldapservers/{ldapserver_id}/sambadomains/{id}'.sub('{' + 'ldapserver_id' + '}', ldapserver_id.to_s).sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = opts[:'content_type'] if !opts[:'content_type'].nil? - header_params[:'Accept'] = opts[:'accept'] if !opts[:'accept'].nil? - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SambaDomain' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SambaDomainOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SambaDomainsApi#ldapservers_samba_domains_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/scim_import_api.rb b/jcapiv2/lib/jcapiv2/api/scim_import_api.rb new file mode 100644 index 0000000..2738a37 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/scim_import_api.rb @@ -0,0 +1,103 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class SCIMImportApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order (default to asc) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [ImportUsersResponse] + def import_users(application_id, opts = {}) + data, _status_code, _headers = import_users_with_http_info(application_id, opts) + data + end + + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(ImportUsersResponse, Integer, Hash)>] ImportUsersResponse data, response status code and response headers + def import_users_with_http_info(application_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SCIMImportApi.import_users ...' + end + # verify the required parameter 'application_id' is set + if @api_client.config.client_side_validation && application_id.nil? + fail ArgumentError, "Missing the required parameter 'application_id' when calling SCIMImportApi.import_users" + end + if @api_client.config.client_side_validation && opts[:'sort'] && !['', 'firstname', 'lastname', 'email'].include?(opts[:'sort']) + fail ArgumentError, 'invalid value for "sort", must be one of , firstname, lastname, email' + end + if @api_client.config.client_side_validation && opts[:'sort_order'] && !['asc', 'desc'].include?(opts[:'sort_order']) + fail ArgumentError, 'invalid value for "sort_order", must be one of asc, desc' + end + # resource path + local_var_path = '/applications/{application_id}/import/users'.sub('{' + 'application_id' + '}', application_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil? + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? + query_params[:'sortOrder'] = opts[:'sort_order'] if !opts[:'sort_order'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'ImportUsersResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SCIMImportApi#import_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/software_apps_api.rb b/jcapiv2/lib/jcapiv2/api/software_apps_api.rb new file mode 100644 index 0000000..ec55e78 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/software_apps_api.rb @@ -0,0 +1,841 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class SoftwareAppsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def graph_softwareapps_associations_list(software_app_id, targets, opts = {}) + data, _status_code, _headers = graph_softwareapps_associations_list_with_http_info(software_app_id, targets, opts) + data + end + + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_associations_list_with_http_info(software_app_id, targets, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.graph_softwareapps_associations_list ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.graph_softwareapps_associations_list" + end + # verify the required parameter 'targets' is set + if @api_client.config.client_side_validation && targets.nil? + fail ArgumentError, "Missing the required parameter 'targets' when calling SoftwareAppsApi.graph_softwareapps_associations_list" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/associations'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#graph_softwareapps_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def graph_softwareapps_associations_post(software_app_id, opts = {}) + graph_softwareapps_associations_post_with_http_info(software_app_id, opts) + nil + end + + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"<object_id>\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_softwareapps_associations_post_with_http_info(software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.graph_softwareapps_associations_post ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.graph_softwareapps_associations_post" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/associations'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#graph_softwareapps_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_softwareapps_traverse_system(software_app_id, opts = {}) + data, _status_code, _headers = graph_softwareapps_traverse_system_with_http_info(software_app_id, opts) + data + end + + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_traverse_system_with_http_info(software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.graph_softwareapps_traverse_system ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.graph_softwareapps_traverse_system" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/systems'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#graph_softwareapps_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_softwareapps_traverse_system_group(software_app_id, opts = {}) + data, _status_code, _headers = graph_softwareapps_traverse_system_group_with_http_info(software_app_id, opts) + data + end + + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_softwareapps_traverse_system_group_with_http_info(software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.graph_softwareapps_traverse_system_group ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.graph_softwareapps_traverse_system_group" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/systemgroups'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#graph_softwareapps_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get the status of the provided Software Application + # This endpoint allows you to get the status of the provided Software Application on associated JumpCloud systems. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/statuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + def software_app_statuses_list(software_app_id, opts = {}) + data, _status_code, _headers = software_app_statuses_list_with_http_info(software_app_id, opts) + data + end + + # Get the status of the provided Software Application + # This endpoint allows you to get the status of the provided Software Application on associated JumpCloud systems. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/statuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def software_app_statuses_list_with_http_info(software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_app_statuses_list ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.software_app_statuses_list" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/statuses'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_app_statuses_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete a configured Software Application + # Removes a Software Application configuration. Warning: This is a destructive operation and will unmanage the application on all affected systems. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + def software_apps_delete(id, opts = {}) + software_apps_delete_with_http_info(id, opts) + nil + end + + # Delete a configured Software Application + # Removes a Software Application configuration. Warning: This is a destructive operation and will unmanage the application on all affected systems. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def software_apps_delete_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_delete ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SoftwareAppsApi.software_apps_delete" + end + # resource path + local_var_path = '/softwareapps/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retrieve a configured Software Application. + # Retrieves a Software Application. The optional isConfigEnabled and appConfiguration apple_vpp attributes are populated in this response. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareApp] + def software_apps_get(id, opts = {}) + data, _status_code, _headers = software_apps_get_with_http_info(id, opts) + data + end + + # Retrieve a configured Software Application. + # Retrieves a Software Application. The optional isConfigEnabled and appConfiguration apple_vpp attributes are populated in this response. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SoftwareApp, Integer, Hash)>] SoftwareApp data, response status code and response headers + def software_apps_get_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_get ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SoftwareAppsApi.software_apps_get" + end + # resource path + local_var_path = '/softwareapps/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SoftwareApp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get all configured Software Applications. + # This endpoint allows you to get all configured Software Applications that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + def software_apps_list(opts = {}) + data, _status_code, _headers = software_apps_list_with_http_info(opts) + data + end + + # Get all configured Software Applications. + # This endpoint allows you to get all configured Software Applications that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def software_apps_list_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_list ...' + end + # resource path + local_var_path = '/softwareapps' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a Software Application that will be managed by JumpCloud. + # This endpoint allows you to create a Software Application that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"Adobe Reader\", \"settings\": [{\"packageId\": \"adobereader\"}] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareAppCreate] + def software_apps_post(opts = {}) + data, _status_code, _headers = software_apps_post_with_http_info(opts) + data + end + + # Create a Software Application that will be managed by JumpCloud. + # This endpoint allows you to create a Software Application that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"Adobe Reader\", \"settings\": [{\"packageId\": \"adobereader\"}] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SoftwareAppCreate, Integer, Hash)>] SoftwareAppCreate data, response status code and response headers + def software_apps_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_post ...' + end + # resource path + local_var_path = '/softwareapps' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SoftwareAppCreate' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Reclaim Licenses for a Software Application. + # This endpoint allows you to reclaim the licenses from a software app associated with devices that are deleted. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/reclaim-licenses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [SoftwareAppReclaimLicenses] + def software_apps_reclaim_licenses(software_app_id, opts = {}) + data, _status_code, _headers = software_apps_reclaim_licenses_with_http_info(software_app_id, opts) + data + end + + # Reclaim Licenses for a Software Application. + # This endpoint allows you to reclaim the licenses from a software app associated with devices that are deleted. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/reclaim-licenses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [Array<(SoftwareAppReclaimLicenses, Integer, Hash)>] SoftwareAppReclaimLicenses data, response status code and response headers + def software_apps_reclaim_licenses_with_http_info(software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_reclaim_licenses ...' + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.software_apps_reclaim_licenses" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/reclaim-licenses'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'SoftwareAppReclaimLicenses' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_reclaim_licenses\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Retry Installation for a Software Application + # This endpoints initiates an installation retry of an Apple VPP App for the provided system IDs #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/retry-installation \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"system_ids\": \"{, , ...}\"}' ``` + # @param body + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [nil] + def software_apps_retry_installation(body, software_app_id, opts = {}) + software_apps_retry_installation_with_http_info(body, software_app_id, opts) + nil + end + + # Retry Installation for a Software Application + # This endpoints initiates an installation retry of an Apple VPP App for the provided system IDs #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/retry-installation \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"system_ids\": \"{<system_id_1>, <system_id_2>, ...}\"}' ``` + # @param body + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def software_apps_retry_installation_with_http_info(body, software_app_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_retry_installation ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SoftwareAppsApi.software_apps_retry_installation" + end + # verify the required parameter 'software_app_id' is set + if @api_client.config.client_side_validation && software_app_id.nil? + fail ArgumentError, "Missing the required parameter 'software_app_id' when calling SoftwareAppsApi.software_apps_retry_installation" + end + # resource path + local_var_path = '/softwareapps/{software_app_id}/retry-installation'.sub('{' + 'software_app_id' + '}', software_app_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_retry_installation\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a Software Application Configuration. + # This endpoint updates a specific Software Application configuration for the organization. displayName can be changed alone if no settings are provided. If a setting is provided, it should include all its information since this endpoint will update all the settings' fields. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request - displayName only ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\" }' ``` #### Sample Request - all attributes ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\", \"settings\": [ { \"packageId\": \"123456\", \"autoUpdate\": false, \"allowUpdateDelay\": false, \"packageManager\": \"APPLE_VPP\", \"locationObjectId\": \"123456789012123456789012\", \"location\": \"123456\", \"desiredState\": \"Install\", \"appleVpp\": { \"appConfiguration\": \"MyKeyMy String\", \"assignedLicenses\": 20, \"availableLicenses\": 10, \"details\": {}, \"isConfigEnabled\": true, \"supportedDeviceFamilies\": [ \"IPAD\", \"MAC\" ], \"totalLicenses\": 30 }, \"packageSubtitle\": \"My package subtitle\", \"packageVersion\": \"1.2.3\", \"packageKind\": \"software-package\", \"assetKind\": \"software\", \"assetSha256Size\": 256, \"assetSha256Strings\": [ \"a123b123c123d123\" ], \"description\": \"My app description\" } ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareApp] + def software_apps_update(id, opts = {}) + data, _status_code, _headers = software_apps_update_with_http_info(id, opts) + data + end + + # Update a Software Application Configuration. + # This endpoint updates a specific Software Application configuration for the organization. displayName can be changed alone if no settings are provided. If a setting is provided, it should include all its information since this endpoint will update all the settings' fields. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request - displayName only ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\" }' ``` #### Sample Request - all attributes ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\", \"settings\": [ { \"packageId\": \"123456\", \"autoUpdate\": false, \"allowUpdateDelay\": false, \"packageManager\": \"APPLE_VPP\", \"locationObjectId\": \"123456789012123456789012\", \"location\": \"123456\", \"desiredState\": \"Install\", \"appleVpp\": { \"appConfiguration\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><!DOCTYPE plist PUBLIC \\\"-//Apple//DTD PLIST 1.0//EN\\\" \\\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\\\"><plist version=\\\"1.0\\\"><dict><key>MyKey</key><string>My String</string></dict></plist>\", \"assignedLicenses\": 20, \"availableLicenses\": 10, \"details\": {}, \"isConfigEnabled\": true, \"supportedDeviceFamilies\": [ \"IPAD\", \"MAC\" ], \"totalLicenses\": 30 }, \"packageSubtitle\": \"My package subtitle\", \"packageVersion\": \"1.2.3\", \"packageKind\": \"software-package\", \"assetKind\": \"software\", \"assetSha256Size\": 256, \"assetSha256Strings\": [ \"a123b123c123d123\" ], \"description\": \"My app description\" } ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SoftwareApp, Integer, Hash)>] SoftwareApp data, response status code and response headers + def software_apps_update_with_http_info(id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.software_apps_update ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SoftwareAppsApi.software_apps_update" + end + # resource path + local_var_path = '/softwareapps/{id}'.sub('{' + 'id' + '}', id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SoftwareApp' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#software_apps_update\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Validate Installation Packages + # Validates an application install package from the specified URL to calculate the SHA256 hash and extract the installer manifest details. #### Sample Request ``` curl -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{\"url\": \"https://dl.google.com/dl/chrome/mac/universal/stable/gcem/GoogleChrome.pkg\"}' \\ -i -X POST https://console.jumpcloud.com/api/v2/softwareapps/validate ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudPackageValidatorValidateApplicationInstallPackageResponse] + def validator_validate_application_install_package(body, opts = {}) + data, _status_code, _headers = validator_validate_application_install_package_with_http_info(body, opts) + data + end + + # Validate Installation Packages + # Validates an application install package from the specified URL to calculate the SHA256 hash and extract the installer manifest details. #### Sample Request ``` curl -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{\"url\": \"https://dl.google.com/dl/chrome/mac/universal/stable/gcem/GoogleChrome.pkg\"}' \\ -i -X POST https://console.jumpcloud.com/api/v2/softwareapps/validate ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Array<(JumpcloudPackageValidatorValidateApplicationInstallPackageResponse, Integer, Hash)>] JumpcloudPackageValidatorValidateApplicationInstallPackageResponse data, response status code and response headers + def validator_validate_application_install_package_with_http_info(body, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SoftwareAppsApi.validator_validate_application_install_package ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SoftwareAppsApi.validator_validate_application_install_package" + end + # resource path + local_var_path = '/softwareapps/validate' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'JumpcloudPackageValidatorValidateApplicationInstallPackageResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SoftwareAppsApi#validator_validate_application_install_package\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/subscriptions_api.rb b/jcapiv2/lib/jcapiv2/api/subscriptions_api.rb new file mode 100644 index 0000000..be08d3a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/subscriptions_api.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class SubscriptionsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Lists all the Pricing & Packaging Subscriptions + # This endpoint returns all pricing & packaging subscriptions. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/subscriptions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @return [Array] + def subscriptions_get(opts = {}) + data, _status_code, _headers = subscriptions_get_with_http_info(opts) + data + end + + # Lists all the Pricing & Packaging Subscriptions + # This endpoint returns all pricing & packaging subscriptions. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/subscriptions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def subscriptions_get_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SubscriptionsApi.subscriptions_get ...' + end + # resource path + local_var_path = '/subscriptions' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SubscriptionsApi#subscriptions_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/system_group_associations_api.rb b/jcapiv2/lib/jcapiv2/api/system_group_associations_api.rb index 23081e1..daa00da 100644 --- a/jcapiv2/lib/jcapiv2/api/system_group_associations_api.rb +++ b/jcapiv2/lib/jcapiv2/api/system_group_associations_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SystemGroupAssociationsApi attr_accessor :api_client @@ -19,503 +16,480 @@ class SystemGroupAssociationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a System Group # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_system_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling SystemGroupAssociationsApi.graph_system_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupAssociationsApi.graph_system_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_group_associations_post(group_id, content_type, accept, opts = {}) - graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_system_group_associations_post(group_id, opts = {}) + graph_system_group_associations_post_with_http_info(group_id, opts) + nil end # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_associations_post ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_associations_post" - end # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Commands bound to a System Group # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] - def graph_system_group_traverse_command(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_command_with_http_info(group_id, content_type, accept, opts) - return data + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] + def graph_system_group_traverse_command(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_command_with_http_info(group_id, opts) + data end # List the Commands bound to a System Group - # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_command_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_command_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_command ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_command ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_traverse_command" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_traverse_command" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_traverse_command" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupAssociationsApi.graph_system_group_traverse_command, must be greater than or equal to 0.' + if @api_client.config.client_side_validation && opts[:'details'] && !['v1'].include?(opts[:'details']) + fail ArgumentError, 'invalid value for "details", must be one of v1' end - # resource path - local_var_path = "/systemgroups/{group_id}/commands".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/commands'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'details'] = opts[:'details'] if !opts[:'details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Policies bound to a System Group # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_policy(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_policy(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, opts) + data end # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_policy ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_policy ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_traverse_policy" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_traverse_policy" + # resource path + local_var_path = '/systemgroups/{group_id}/policies'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_traverse_policy" + return data, status_code, headers + end + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_system_group_traverse_policy_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_group_with_http_info(group_id, opts) + data + end + + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_group_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_policy_group ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupAssociationsApi.graph_system_group_traverse_policy, must be greater than or equal to 0.' + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_traverse_policy_group" end - # resource path - local_var_path = "/systemgroups/{group_id}/policies".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/policygroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_policy_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a System Group # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, opts) + data end # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_user ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_user ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupAssociationsApi.graph_system_group_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/users".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/users'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a System Group # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, opts) + data end # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: SystemGroupAssociationsApi.graph_system_group_traverse_user_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupAssociationsApi.graph_system_group_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupAssociationsApi.graph_system_group_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/usergroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/usergroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupAssociationsApi#graph_system_group_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/system_group_members_membership_api.rb b/jcapiv2/lib/jcapiv2/api/system_group_members_membership_api.rb index 6dba15d..9c8fc73 100644 --- a/jcapiv2/lib/jcapiv2/api/system_group_members_membership_api.rb +++ b/jcapiv2/lib/jcapiv2/api/system_group_members_membership_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SystemGroupMembersMembershipApi attr_accessor :api_client @@ -19,338 +16,204 @@ class SystemGroupMembersMembershipApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_system_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data - end - - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupMembersMembershipApi.graph_system_group_member_of ..." - end - # verify the required parameter 'group_id' is set - if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupMembersMembershipApi.graph_system_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupMembersMembershipApi.graph_system_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupMembersMembershipApi.graph_system_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupMembersMembershipApi.graph_system_group_member_of, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/systemgroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) - - # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Array') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupMembersMembershipApi#graph_system_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - # List the members of a System Group # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, opts) + data end # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupMembersMembershipApi.graph_system_group_members_list ..." + @api_client.config.logger.debug 'Calling API: SystemGroupMembersMembershipApi.graph_system_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupMembersMembershipApi.graph_system_group_members_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupMembersMembershipApi.graph_system_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupMembersMembershipApi.graph_system_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupMembersMembershipApi.graph_system_group_members_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupMembersMembershipApi#graph_system_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_group_members_post(group_id, content_type, accept, opts = {}) - graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_system_group_members_post(group_id, opts = {}) + graph_system_group_members_post_with_http_info(group_id, opts) + nil end # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupMembersMembershipApi.graph_system_group_members_post ..." + @api_client.config.logger.debug 'Calling API: SystemGroupMembersMembershipApi.graph_system_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupMembersMembershipApi.graph_system_group_members_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupMembersMembershipApi.graph_system_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupMembersMembershipApi.graph_system_group_members_post" - end # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupMembersMembershipApi#graph_system_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Group's membership # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, opts) + data end - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupMembersMembershipApi.graph_system_group_membership ..." + @api_client.config.logger.debug 'Calling API: SystemGroupMembersMembershipApi.graph_system_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupMembersMembershipApi.graph_system_group_membership" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupMembersMembershipApi.graph_system_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupMembersMembershipApi.graph_system_group_membership" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupMembersMembershipApi.graph_system_group_membership, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupMembersMembershipApi#graph_system_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/system_groups_api.rb b/jcapiv2/lib/jcapiv2/api/system_groups_api.rb index d570591..305b0e6 100644 --- a/jcapiv2/lib/jcapiv2/api/system_groups_api.rb +++ b/jcapiv2/lib/jcapiv2/api/system_groups_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SystemGroupsApi attr_accessor :api_client @@ -19,954 +16,766 @@ class SystemGroupsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a System Group # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_system_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_system_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling SystemGroupsApi.graph_system_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_group_associations_post(group_id, content_type, accept, opts = {}) - graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_system_group_associations_post(group_id, opts = {}) + graph_system_group_associations_post_with_http_info(group_id, opts) + nil end # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_associations_post ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_associations_post" - end # resource path - local_var_path = "/systemgroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) - if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_system_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data - end + return_type = opts[:return_type] - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_member_of ..." - end - # verify the required parameter 'group_id' is set - if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_member_of, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/systemgroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) - - # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the members of a System Group # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_members_list_with_http_info(group_id, opts) + data end # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_members_list ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_members_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_members_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_group_members_post(group_id, content_type, accept, opts = {}) - graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_system_group_members_post(group_id, opts = {}) + graph_system_group_members_post_with_http_info(group_id, opts) + nil end # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_members_post ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_members_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_members_post" - end # resource path - local_var_path = "/systemgroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Group's membership # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_membership_with_http_info(group_id, opts) + data end - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_membership ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_membership" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_membership" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_membership, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Policies bound to a System Group # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_policy(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_policy(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_with_http_info(group_id, opts) + data end # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_policy_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_traverse_policy ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_traverse_policy ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_traverse_policy" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_traverse_policy" + # resource path + local_var_path = '/systemgroups/{group_id}/policies'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_traverse_policy" + return data, status_code, headers + end + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_system_group_traverse_policy_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_policy_group_with_http_info(group_id, opts) + data + end + + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_policy_group_with_http_info(group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_traverse_policy_group ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_traverse_policy, must be greater than or equal to 0.' + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_traverse_policy_group" end - # resource path - local_var_path = "/systemgroups/{group_id}/policies".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/policygroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_traverse_policy_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a System Group # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_with_http_info(group_id, opts) + data end # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_traverse_user ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_traverse_user ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/users".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/users'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a System Group # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_group_traverse_user_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_system_group_traverse_user_group(group_id, opts = {}) + data, _status_code, _headers = graph_system_group_traverse_user_group_with_http_info(group_id, opts) + data end # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_group_traverse_user_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_group_traverse_user_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.graph_system_group_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.graph_system_group_traverse_user_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.graph_system_group_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.graph_system_group_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.graph_system_group_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.graph_system_group_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups/{group_id}/usergroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/systemgroups/{group_id}/usergroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#graph_system_group_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete a System Group # This endpoint allows you to delete a System Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def groups_system_delete(id, content_type, accept, opts = {}) - groups_system_delete_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SystemGroup] + def groups_system_delete(id, opts = {}) + data, _status_code, _headers = groups_system_delete_with_http_info(id, opts) + data end # Delete a System Group - # This endpoint allows you to delete a System Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a System Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def groups_system_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SystemGroup, Integer, Hash)>] SystemGroup data, response status code and response headers + def groups_system_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_delete ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemGroupsApi.groups_system_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_delete" - end # resource path - local_var_path = "/systemgroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemgroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'SystemGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # View an individual System Group details # This endpoint returns the details of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [SystemGroup] - def groups_system_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_system_get_with_http_info(id, content_type, accept, opts) - return data + def groups_system_get(id, opts = {}) + data, _status_code, _headers = groups_system_get_with_http_info(id, opts) + data end # View an individual System Group details - # This endpoint returns the details of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the details of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(SystemGroup, Fixnum, Hash)>] SystemGroup data, response status code and response headers - def groups_system_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SystemGroup, Integer, Hash)>] SystemGroup data, response status code and response headers + def groups_system_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_get ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling SystemGroupsApi.groups_system_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_get" - end # resource path - local_var_path = "/systemgroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemgroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'SystemGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SystemGroup') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all System Groups # This endpoint returns all System Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def groups_system_list(content_type, accept, opts = {}) - data, _status_code, _headers = groups_system_list_with_http_info(content_type, accept, opts) - return data + def groups_system_list(opts = {}) + data, _status_code, _headers = groups_system_list_with_http_info(opts) + data end # List all System Groups - # This endpoint returns all System Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all System Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def groups_system_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_system_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_list" + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemGroupsApi.groups_system_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systemgroups" + local_var_path = '/systemgroups' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -974,246 +783,282 @@ def groups_system_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Create a new System Group + # This endpoint allows you to create a new System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [SystemGroupPost] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SystemGroup] + def groups_system_post(opts = {}) + data, _status_code, _headers = groups_system_post_with_http_info(opts) + data + end + + # Create a new System Group + # This endpoint allows you to create a new System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [SystemGroupPost] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SystemGroup, Integer, Hash)>] SystemGroup data, response status code and response headers + def groups_system_post_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_post ...' + end + # resource path + local_var_path = '/systemgroups' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) - # Partial update a System Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/systemgroups/{id} ``` + return_type = opts[:return_type] || 'SystemGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a System Group + # This endpoint allows you to do a full update of the System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [SystemGroupPut] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [SystemGroup] - def groups_system_patch(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_system_patch_with_http_info(id, content_type, accept, opts) - return data + def groups_system_put(id, opts = {}) + data, _status_code, _headers = groups_system_put_with_http_info(id, opts) + data end - # Partial update a System Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/systemgroups/{id} ``` + # Update a System Group + # This endpoint allows you to do a full update of the System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id - # @return [Array<(SystemGroup, Fixnum, Hash)>] SystemGroup data, response status code and response headers - def groups_system_patch_with_http_info(id, content_type, accept, opts = {}) + # @option opts [SystemGroupPut] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(SystemGroup, Integer, Hash)>] SystemGroup data, response status code and response headers + def groups_system_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_patch ..." + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemGroupsApi.groups_system_patch" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_patch" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_patch" + fail ArgumentError, "Missing the required parameter 'id' when calling SystemGroupsApi.groups_system_put" end # resource path - local_var_path = "/systemgroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemgroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'SystemGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SystemGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Create a new System Group - # This endpoint allows you to create a new System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # List Suggestions for a System Group + # This endpoint returns available suggestions for a given system group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id (default to ) - # @return [SystemGroup] - def groups_system_post(content_type, accept, opts = {}) - data, _status_code, _headers = groups_system_post_with_http_info(content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def groups_system_suggestions_get(group_id, opts = {}) + data, _status_code, _headers = groups_system_suggestions_get_with_http_info(group_id, opts) + data end - # Create a new System Group - # This endpoint allows you to create a new System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # List Suggestions for a System Group + # This endpoint returns available suggestions for a given system group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id - # @return [Array<(SystemGroup, Fixnum, Hash)>] SystemGroup data, response status code and response headers - def groups_system_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_system_suggestions_get_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_post" + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_suggestions_get ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_post" + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.groups_system_suggestions_get" end # resource path - local_var_path = "/systemgroups" + local_var_path = '/systemgroups/{group_id}/suggestions'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SystemGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_suggestions_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update a System Group - # This endpoint allows you to do a full update of the System Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` - # @param id ObjectID of the System Group. - # @param content_type - # @param accept + # Apply Suggestions for a System Group + # This endpoint applies the suggestions for the specified system group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"object_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id (default to ) - # @return [SystemGroup] - def groups_system_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_system_put_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def groups_system_suggestions_post(body, group_id, opts = {}) + data, _status_code, _headers = groups_system_suggestions_post_with_http_info(body, group_id, opts) + data end - # Update a System Group - # This endpoint allows you to do a full update of the System Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` - # @param id ObjectID of the System Group. - # @param content_type - # @param accept + # Apply Suggestions for a System Group + # This endpoint applies the suggestions for the specified system group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"object_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id - # @return [Array<(SystemGroup, Fixnum, Hash)>] SystemGroup data, response status code and response headers - def groups_system_put_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_system_suggestions_post_with_http_info(body, group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemGroupsApi.groups_system_put ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling SystemGroupsApi.groups_system_put" + @api_client.config.logger.debug 'Calling API: SystemGroupsApi.groups_system_suggestions_post ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemGroupsApi.groups_system_put" + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SystemGroupsApi.groups_system_suggestions_post" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemGroupsApi.groups_system_put" + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling SystemGroupsApi.groups_system_suggestions_post" end # resource path - local_var_path = "/systemgroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/systemgroups/{group_id}/suggestions'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'SystemGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemGroupsApi#groups_system_suggestions_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/system_insights_api.rb b/jcapiv2/lib/jcapiv2/api/system_insights_api.rb index 1a88a31..d78e3ce 100644 --- a/jcapiv2/lib/jcapiv2/api/system_insights_api.rb +++ b/jcapiv2/lib/jcapiv2/api/system_insights_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SystemInsightsApi attr_accessor :api_client @@ -19,4479 +16,3903 @@ class SystemInsightsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # List System Insights Apps - # Valid filter fields are `system_id` and `bundle_name`. - # @param content_type - # @param accept + # List System Insights ALF + # Valid filter fields are `system_id` and `global_state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_apps(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_apps_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_alf(opts = {}) + data, _status_code, _headers = systeminsights_list_alf_with_http_info(opts) + data end - # List System Insights Apps - # Valid filter fields are `system_id` and `bundle_name`. - # @param content_type - # @param accept + # List System Insights ALF + # Valid filter fields are `system_id` and `global_state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_apps_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_alf_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_apps ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_apps" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_apps" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_apps, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_apps, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_alf ...' end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_apps, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/apps" + local_var_path = '/systeminsights/alf' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_apps\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_alf\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Battery - # Valid filter fields are `system_id` and `health`. - # @param content_type - # @param accept + # List System Insights ALF Exceptions + # Valid filter fields are `system_id` and `state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_battery(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_battery_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_alf_exceptions(opts = {}) + data, _status_code, _headers = systeminsights_list_alf_exceptions_with_http_info(opts) + data end - # List System Insights Battery - # Valid filter fields are `system_id` and `health`. - # @param content_type - # @param accept + # List System Insights ALF Exceptions + # Valid filter fields are `system_id` and `state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_battery_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_alf_exceptions_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_battery ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_battery" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_battery" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_battery, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_alf_exceptions ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_battery, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_battery, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/battery" + local_var_path = '/systeminsights/alf_exceptions' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_battery\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_alf_exceptions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Bitlocker Info - # Valid filter fields are `system_id` and `protection_status`. - # @param content_type - # @param accept + # List System Insights ALF Explicit Authentications + # Valid filter fields are `system_id` and `process`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_bitlocker_info(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_bitlocker_info_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_alf_explicit_auths(opts = {}) + data, _status_code, _headers = systeminsights_list_alf_explicit_auths_with_http_info(opts) + data end - # List System Insights Bitlocker Info - # Valid filter fields are `system_id` and `protection_status`. - # @param content_type - # @param accept + # List System Insights ALF Explicit Authentications + # Valid filter fields are `system_id` and `process`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_bitlocker_info_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_alf_explicit_auths_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_bitlocker_info ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_bitlocker_info" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_alf_explicit_auths ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_bitlocker_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_bitlocker_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_bitlocker_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_bitlocker_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/bitlocker_info" + local_var_path = '/systeminsights/alf_explicit_auths' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_bitlocker_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_alf_explicit_auths\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Browser Plugins - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Application Compatibility Shims + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_browser_plugins(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_browser_plugins_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_appcompat_shims(opts = {}) + data, _status_code, _headers = systeminsights_list_appcompat_shims_with_http_info(opts) + data end - # List System Insights Browser Plugins - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Application Compatibility Shims + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_browser_plugins_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_appcompat_shims_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_browser_plugins ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_browser_plugins" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_browser_plugins" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_browser_plugins, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_browser_plugins, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_browser_plugins, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_appcompat_shims ...' end - # resource path - local_var_path = "/systeminsights/browser_plugins" + local_var_path = '/systeminsights/appcompat_shims' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_browser_plugins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_appcompat_shims\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Chrome Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Apps + # Lists all apps for macOS devices. For Windows devices, use [List System Insights Programs](#operation/systeminsights_list_programs). Valid filter fields are `system_id` and `bundle_name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_chrome_extensions(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_chrome_extensions_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_apps(opts = {}) + data, _status_code, _headers = systeminsights_list_apps_with_http_info(opts) + data end - # List System Insights Chrome Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Apps + # Lists all apps for macOS devices. For Windows devices, use [List System Insights Programs](#operation/systeminsights_list_programs). Valid filter fields are `system_id` and `bundle_name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_chrome_extensions_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_apps_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_chrome_extensions ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_chrome_extensions" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_chrome_extensions" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_chrome_extensions, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_chrome_extensions, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_chrome_extensions, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_apps ...' end - # resource path - local_var_path = "/systeminsights/chrome_extensions" + local_var_path = '/systeminsights/apps' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_chrome_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_apps\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Crashes - # Valid filter fields are `system_id` and `identifier`. - # @param content_type - # @param accept + # List System Insights Authorized Keys + # Valid filter fields are `system_id` and `uid`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_crashes(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_crashes_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_authorized_keys(opts = {}) + data, _status_code, _headers = systeminsights_list_authorized_keys_with_http_info(opts) + data end - # List System Insights Crashes - # Valid filter fields are `system_id` and `identifier`. - # @param content_type - # @param accept + # List System Insights Authorized Keys + # Valid filter fields are `system_id` and `uid`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_crashes_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_authorized_keys_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_crashes ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_crashes" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_crashes" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_crashes, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_authorized_keys ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_crashes, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_crashes, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/crashes" + local_var_path = '/systeminsights/authorized_keys' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_crashes\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_authorized_keys\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Disk Encryption - # Valid filter fields are `system_id` and `encryption_status`. - # @param content_type - # @param accept + # List System Insights Azure Instance Metadata + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_disk_encryption(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_disk_encryption_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_azure_instance_metadata(opts = {}) + data, _status_code, _headers = systeminsights_list_azure_instance_metadata_with_http_info(opts) + data end - # List System Insights Disk Encryption - # Valid filter fields are `system_id` and `encryption_status`. - # @param content_type - # @param accept + # List System Insights Azure Instance Metadata + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_disk_encryption_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_azure_instance_metadata_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_disk_encryption ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_disk_encryption" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_disk_encryption" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_disk_encryption, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_azure_instance_metadata ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_disk_encryption, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_disk_encryption, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/disk_encryption" + local_var_path = '/systeminsights/azure_instance_metadata' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_disk_encryption\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_azure_instance_metadata\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Disk Info - # Valid filter fields are `system_id` and `disk_index`. - # @param content_type - # @param accept + # List System Insights Azure Instance Tags + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_disk_info(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_disk_info_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_azure_instance_tags(opts = {}) + data, _status_code, _headers = systeminsights_list_azure_instance_tags_with_http_info(opts) + data end - # List System Insights Disk Info - # Valid filter fields are `system_id` and `disk_index`. - # @param content_type - # @param accept + # List System Insights Azure Instance Tags + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_disk_info_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_azure_instance_tags_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_disk_info ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_disk_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_disk_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_disk_info, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_azure_instance_tags ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_disk_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_disk_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/disk_info" + local_var_path = '/systeminsights/azure_instance_tags' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_disk_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_azure_instance_tags\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Etc Hosts - # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept + # List System Insights Battery + # Valid filter fields are `system_id` and `health`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_etc_hosts(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_etc_hosts_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_battery(opts = {}) + data, _status_code, _headers = systeminsights_list_battery_with_http_info(opts) + data end - # List System Insights Etc Hosts - # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept + # List System Insights Battery + # Valid filter fields are `system_id` and `health`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_etc_hosts_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_battery_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_etc_hosts ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_etc_hosts" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_etc_hosts" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_etc_hosts, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_etc_hosts, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_etc_hosts, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_battery ...' end - # resource path - local_var_path = "/systeminsights/etc_hosts" + local_var_path = '/systeminsights/battery' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_etc_hosts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_battery\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Firefox Addons - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Bitlocker Info + # Valid filter fields are `system_id` and `protection_status`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_firefox_addons(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_firefox_addons_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_bitlocker_info(opts = {}) + data, _status_code, _headers = systeminsights_list_bitlocker_info_with_http_info(opts) + data end - # List System Insights Firefox Addons - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Bitlocker Info + # Valid filter fields are `system_id` and `protection_status`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_firefox_addons_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_bitlocker_info_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_firefox_addons ..." + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_bitlocker_info ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_firefox_addons" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_firefox_addons" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_firefox_addons, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_firefox_addons, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_firefox_addons, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/firefox_addons" + local_var_path = '/systeminsights/bitlocker_info' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_firefox_addons\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_bitlocker_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Groups - # Valid filter fields are `system_id` and `groupname`. - # @param content_type - # @param accept + # List System Insights Browser Plugins + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_groups(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_groups_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_browser_plugins(opts = {}) + data, _status_code, _headers = systeminsights_list_browser_plugins_with_http_info(opts) + data end - # List System Insights Groups - # Valid filter fields are `system_id` and `groupname`. - # @param content_type - # @param accept + # List System Insights Browser Plugins + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_groups_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_browser_plugins_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_groups ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_groups" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_groups" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_browser_plugins ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_groups, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_groups, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_groups, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/groups" + local_var_path = '/systeminsights/browser_plugins' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_groups\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_browser_plugins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights IE Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Certificates + # Valid filter fields are `system_id` and `common_name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_ie_extensions(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_ie_extensions_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_certificates(opts = {}) + data, _status_code, _headers = systeminsights_list_certificates_with_http_info(opts) + data end - # List System Insights IE Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Certificates + # Valid filter fields are `system_id` and `common_name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_ie_extensions_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_certificates_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_ie_extensions ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_ie_extensions" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_certificates ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_ie_extensions" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_ie_extensions, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_ie_extensions, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_ie_extensions, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/ie_extensions" + local_var_path = '/systeminsights/certificates' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_ie_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_certificates\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Interface Addresses - # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept + # List System Insights Chassis Info + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_interface_addresses(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_interface_addresses_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_chassis_info(opts = {}) + data, _status_code, _headers = systeminsights_list_chassis_info_with_http_info(opts) + data end - # List System Insights Interface Addresses - # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept + # List System Insights Chassis Info + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_interface_addresses_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_chassis_info_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_interface_addresses ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_interface_addresses" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_chassis_info ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_interface_addresses" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_interface_addresses, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_interface_addresses, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_interface_addresses, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/interface_addresses" + local_var_path = '/systeminsights/chassis_info' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_interface_addresses\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_chassis_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Kernel Info - # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept + # List System Insights Chrome Extensions + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_kernel_info(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_kernel_info_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_chrome_extensions(opts = {}) + data, _status_code, _headers = systeminsights_list_chrome_extensions_with_http_info(opts) + data end - # List System Insights Kernel Info - # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept + # List System Insights Chrome Extensions + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_kernel_info_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_chrome_extensions_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_kernel_info ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_kernel_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_kernel_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_kernel_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_kernel_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_kernel_info, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_chrome_extensions ...' end - # resource path - local_var_path = "/systeminsights/kernel_info" + local_var_path = '/systeminsights/chrome_extensions' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_kernel_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_chrome_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Launchd - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Connectivity + # The only valid filter field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_launchd(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_launchd_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_connectivity(opts = {}) + data, _status_code, _headers = systeminsights_list_connectivity_with_http_info(opts) + data end - # List System Insights Launchd - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Connectivity + # The only valid filter field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_launchd_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_connectivity_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_launchd ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_launchd" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_launchd" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_launchd, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_connectivity ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_launchd, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_launchd, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/launchd" + local_var_path = '/systeminsights/connectivity' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_launchd\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_connectivity\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Logged-In Users - # Valid filter fields are `system_id` and `user`. - # @param content_type - # @param accept + # List System Insights Crashes + # Valid filter fields are `system_id` and `identifier`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_logged_in_users(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_logged_in_users_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_crashes(opts = {}) + data, _status_code, _headers = systeminsights_list_crashes_with_http_info(opts) + data end - # List System Insights Logged-In Users - # Valid filter fields are `system_id` and `user`. - # @param content_type - # @param accept + # List System Insights Crashes + # Valid filter fields are `system_id` and `identifier`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_logged_in_users_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_crashes_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_logged_in_users ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_logged_in_users" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_logged_in_users" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_logged_in_users, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_logged_in_users, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_logged_in_users, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_crashes ...' end - # resource path - local_var_path = "/systeminsights/logged_in_users" + local_var_path = '/systeminsights/crashes' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_logged_in_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_crashes\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Logical Drives - # Valid filter fields are `system_id` and `device_id`. - # @param content_type - # @param accept + # List System Insights CUPS Destinations + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_logical_drives(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_logical_drives_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_cups_destinations(opts = {}) + data, _status_code, _headers = systeminsights_list_cups_destinations_with_http_info(opts) + data end - # List System Insights Logical Drives - # Valid filter fields are `system_id` and `device_id`. - # @param content_type - # @param accept + # List System Insights CUPS Destinations + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_logical_drives_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_cups_destinations_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_logical_drives ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_logical_drives" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_logical_drives" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_logical_drives, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_logical_drives, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_logical_drives, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_cups_destinations ...' end - # resource path - local_var_path = "/systeminsights/logical_drives" + local_var_path = '/systeminsights/cups_destinations' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_logical_drives\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_cups_destinations\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Mounts - # Valid filter fields are `system_id` and `path`. - # @param content_type - # @param accept + # List System Insights Disk Encryption + # Valid filter fields are `system_id` and `encryption_status`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_mounts(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_mounts_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_disk_encryption(opts = {}) + data, _status_code, _headers = systeminsights_list_disk_encryption_with_http_info(opts) + data end - # List System Insights Mounts - # Valid filter fields are `system_id` and `path`. - # @param content_type - # @param accept + # List System Insights Disk Encryption + # Valid filter fields are `system_id` and `encryption_status`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_mounts_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_disk_encryption_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_mounts ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_mounts" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_mounts" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_mounts, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_disk_encryption ...' end + # resource path + local_var_path = '/systeminsights/disk_encryption' - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_mounts, must be greater than or equal to 0.' - end + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_mounts, must be greater than or equal to 0.' + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_disk_encryption\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end + return data, status_code, headers + end + # List System Insights Disk Info + # Valid filter fields are `system_id` and `disk_index`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_disk_info(opts = {}) + data, _status_code, _headers = systeminsights_list_disk_info_with_http_info(opts) + data + end + # List System Insights Disk Info + # Valid filter fields are `system_id` and `disk_index`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_disk_info_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_disk_info ...' + end # resource path - local_var_path = "/systeminsights/mounts" + local_var_path = '/systeminsights/disk_info' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_disk_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights DNS Resolvers + # Valid filter fields are `system_id` and `type`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_dns_resolvers(opts = {}) + data, _status_code, _headers = systeminsights_list_dns_resolvers_with_http_info(opts) + data + end + + # List System Insights DNS Resolvers + # Valid filter fields are `system_id` and `type`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_dns_resolvers_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_dns_resolvers ...' + end + # resource path + local_var_path = '/systeminsights/dns_resolvers' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_dns_resolvers\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Etc Hosts + # Valid filter fields are `system_id` and `address`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_etc_hosts(opts = {}) + data, _status_code, _headers = systeminsights_list_etc_hosts_with_http_info(opts) + data + end + + # List System Insights Etc Hosts + # Valid filter fields are `system_id` and `address`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_etc_hosts_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_etc_hosts ...' + end + # resource path + local_var_path = '/systeminsights/etc_hosts' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_etc_hosts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Firefox Addons + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_firefox_addons(opts = {}) + data, _status_code, _headers = systeminsights_list_firefox_addons_with_http_info(opts) + data + end + + # List System Insights Firefox Addons + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_firefox_addons_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_firefox_addons ...' + end + # resource path + local_var_path = '/systeminsights/firefox_addons' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_firefox_addons\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Groups + # Valid filter fields are `system_id` and `groupname`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_groups(opts = {}) + data, _status_code, _headers = systeminsights_list_groups_with_http_info(opts) + data + end + + # List System Insights Groups + # Valid filter fields are `system_id` and `groupname`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_groups_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_groups ...' + end + # resource path + local_var_path = '/systeminsights/groups' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_groups\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights IE Extensions + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_ie_extensions(opts = {}) + data, _status_code, _headers = systeminsights_list_ie_extensions_with_http_info(opts) + data + end + + # List System Insights IE Extensions + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_ie_extensions_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_ie_extensions ...' + end + # resource path + local_var_path = '/systeminsights/ie_extensions' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_ie_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Interface Addresses + # Valid filter fields are `system_id` and `address`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_interface_addresses(opts = {}) + data, _status_code, _headers = systeminsights_list_interface_addresses_with_http_info(opts) + data + end + + # List System Insights Interface Addresses + # Valid filter fields are `system_id` and `address`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_interface_addresses_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_interface_addresses ...' + end + # resource path + local_var_path = '/systeminsights/interface_addresses' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_interface_addresses\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Interface Details + # Valid filter fields are `system_id` and `interface`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_interface_details(opts = {}) + data, _status_code, _headers = systeminsights_list_interface_details_with_http_info(opts) + data + end + + # List System Insights Interface Details + # Valid filter fields are `system_id` and `interface`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_interface_details_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_interface_details ...' + end + # resource path + local_var_path = '/systeminsights/interface_details' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_interface_details\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Kernel Info + # Valid filter fields are `system_id` and `version`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_kernel_info(opts = {}) + data, _status_code, _headers = systeminsights_list_kernel_info_with_http_info(opts) + data + end + + # List System Insights Kernel Info + # Valid filter fields are `system_id` and `version`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_kernel_info_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_kernel_info ...' + end + # resource path + local_var_path = '/systeminsights/kernel_info' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_kernel_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List System Insights Launchd + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_launchd(opts = {}) + data, _status_code, _headers = systeminsights_list_launchd_with_http_info(opts) + data + end + + # List System Insights Launchd + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_launchd_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_launchd ...' + end + # resource path + local_var_path = '/systeminsights/launchd' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_mounts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_launchd\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights OS Version - # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept + # List System Insights Linux Packages + # Lists all programs for Linux devices. For macOS devices, use [List System Insights System Apps](#operation/systeminsights_list_apps). For windows devices, use [List System Insights System Apps](#operation/systeminsights_list_programs). Valid filter fields are `name` and `package_format`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_os_version(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_os_version_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_linux_packages(opts = {}) + data, _status_code, _headers = systeminsights_list_linux_packages_with_http_info(opts) + data end - # List System Insights OS Version - # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept + # List System Insights Linux Packages + # Lists all programs for Linux devices. For macOS devices, use [List System Insights System Apps](#operation/systeminsights_list_apps). For windows devices, use [List System Insights System Apps](#operation/systeminsights_list_programs). Valid filter fields are `name` and `package_format`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_os_version_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_linux_packages_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_os_version ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_os_version" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_linux_packages ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_os_version" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_os_version, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_os_version, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_os_version, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/os_version" + local_var_path = '/systeminsights/linux_packages' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_os_version\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_linux_packages\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Patches - # Valid filter fields are `system_id` and `hotfix_id`. - # @param content_type - # @param accept + # List System Insights Logged-In Users + # Valid filter fields are `system_id` and `user`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_patches(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_patches_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_logged_in_users(opts = {}) + data, _status_code, _headers = systeminsights_list_logged_in_users_with_http_info(opts) + data end - # List System Insights Patches - # Valid filter fields are `system_id` and `hotfix_id`. - # @param content_type - # @param accept + # List System Insights Logged-In Users + # Valid filter fields are `system_id` and `user`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_patches_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_logged_in_users_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_patches ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_patches" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_patches" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_patches, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_patches, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_patches, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_logged_in_users ...' end - # resource path - local_var_path = "/systeminsights/patches" + local_var_path = '/systeminsights/logged_in_users' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_patches\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_logged_in_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Programs - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Logical Drives + # Valid filter fields are `system_id` and `device_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_programs(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_programs_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_logical_drives(opts = {}) + data, _status_code, _headers = systeminsights_list_logical_drives_with_http_info(opts) + data end - # List System Insights Programs - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Logical Drives + # Valid filter fields are `system_id` and `device_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_programs_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_logical_drives_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_programs ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_programs" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_programs" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_programs, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_programs, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_programs, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_logical_drives ...' end - # resource path - local_var_path = "/systeminsights/programs" + local_var_path = '/systeminsights/logical_drives' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_programs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_logical_drives\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Safari Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Managed Policies + # Valid filter fields are `system_id` and `domain`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_safari_extensions(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_safari_extensions_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_managed_policies(opts = {}) + data, _status_code, _headers = systeminsights_list_managed_policies_with_http_info(opts) + data end - # List System Insights Safari Extensions - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # List System Insights Managed Policies + # Valid filter fields are `system_id` and `domain`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_safari_extensions_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_managed_policies_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_safari_extensions ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_safari_extensions" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_safari_extensions" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_safari_extensions, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_safari_extensions, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_safari_extensions, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_managed_policies ...' end - # resource path - local_var_path = "/systeminsights/safari_extensions" + local_var_path = '/systeminsights/managed_policies' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_safari_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_managed_policies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Apps - # Valid filter fields are `bundle_name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Mounts + # Valid filter fields are `system_id` and `path`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_apps(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_apps_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_mounts(opts = {}) + data, _status_code, _headers = systeminsights_list_mounts_with_http_info(opts) + data end - # List System Insights System Apps - # Valid filter fields are `bundle_name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Mounts + # Valid filter fields are `system_id` and `path`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_apps_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_mounts_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_apps ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_apps" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_apps" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_apps" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_apps, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_apps, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_apps, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_mounts ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/apps".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/mounts' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_apps\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_mounts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Bitlocker Info - # Valid filter fields are `protection_status`. - # @param system_id - # @param content_type - # @param accept + # List System Insights OS Version + # Valid filter fields are `system_id` and `version`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_bitlocker_info(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_bitlocker_info_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_os_version(opts = {}) + data, _status_code, _headers = systeminsights_list_os_version_with_http_info(opts) + data end - # List System Insights System Bitlocker Info - # Valid filter fields are `protection_status`. - # @param system_id - # @param content_type - # @param accept + # List System Insights OS Version + # Valid filter fields are `system_id` and `version`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_bitlocker_info_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_os_version_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_bitlocker_info ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_os_version ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_bitlocker_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/bitlocker_info".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/os_version' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_bitlocker_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_os_version\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Browser Plugins - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Patches + # Valid filter fields are `system_id` and `hotfix_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_browser_plugins(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_browser_plugins_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_patches(opts = {}) + data, _status_code, _headers = systeminsights_list_patches_with_http_info(opts) + data end - # List System Insights System Browser Plugins - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Patches + # Valid filter fields are `system_id` and `hotfix_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_browser_plugins_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_patches_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_browser_plugins ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_browser_plugins" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_patches ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_browser_plugins" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_browser_plugins" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_browser_plugins, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_browser_plugins, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_browser_plugins, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/browser_plugins".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/patches' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_browser_plugins\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_patches\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Chrome Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Programs + # Lists all programs for Windows devices. For macOS devices, use [List System Insights Apps](#operation/systeminsights_list_apps). Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_chrome_extensions(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_chrome_extensions_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_programs(opts = {}) + data, _status_code, _headers = systeminsights_list_programs_with_http_info(opts) + data end - # List System Insights System Chrome Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Programs + # Lists all programs for Windows devices. For macOS devices, use [List System Insights Apps](#operation/systeminsights_list_apps). Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_chrome_extensions_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_programs_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_chrome_extensions ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_programs ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_chrome_extensions, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/chrome_extensions".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/programs' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_chrome_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_programs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Control + # List System Insights Python Packages # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_controls(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_controls_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_python_packages(opts = {}) + data, _status_code, _headers = systeminsights_list_python_packages_with_http_info(opts) + data end - # List System Insights System Control + # List System Insights Python Packages # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_controls_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_python_packages_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_controls ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_controls" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_controls" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_python_packages ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_controls, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_controls, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_controls, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/system_controls" + local_var_path = '/systeminsights/python_packages' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_controls\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_python_packages\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Disk Encryption - # Valid filter fields are `encryption_status`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Safari Extensions + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_disk_encryption(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_disk_encryption_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_safari_extensions(opts = {}) + data, _status_code, _headers = systeminsights_list_safari_extensions_with_http_info(opts) + data end - # List System Insights System Disk Encryption - # Valid filter fields are `encryption_status`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Safari Extensions + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_disk_encryption_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_safari_extensions_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_disk_encryption ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_disk_encryption" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_safari_extensions ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_disk_encryption" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_disk_encryption" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_disk_encryption, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_disk_encryption, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_disk_encryption, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/disk_encryption".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/safari_extensions' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_disk_encryption\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_safari_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Disk Info - # Valid filter fields are `disk_index`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Scheduled Tasks + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_disk_info(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_disk_info_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_scheduled_tasks(opts = {}) + data, _status_code, _headers = systeminsights_list_scheduled_tasks_with_http_info(opts) + data end - # List System Insights System Disk Info - # Valid filter fields are `disk_index`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Scheduled Tasks + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_disk_info_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_scheduled_tasks_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_disk_info ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_disk_info" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_disk_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_disk_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_disk_info, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_scheduled_tasks ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_disk_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_disk_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/disk_info".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/scheduled_tasks' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_disk_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_scheduled_tasks\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Etc Hosts - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Secure Boot + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_etc_hosts(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_etc_hosts_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_secureboot(opts = {}) + data, _status_code, _headers = systeminsights_list_secureboot_with_http_info(opts) + data end - # List System Insights System Etc Hosts - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Secure Boot + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_etc_hosts_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_secureboot_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_etc_hosts ..." + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_secureboot ...' end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_etc_hosts" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_etc_hosts" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_etc_hosts" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_etc_hosts, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_etc_hosts, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_etc_hosts, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/etc_hosts".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/secureboot' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_etc_hosts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_secureboot\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Firefox Addons - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Services + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_firefox_addons(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_firefox_addons_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_services(opts = {}) + data, _status_code, _headers = systeminsights_list_services_with_http_info(opts) + data end - # List System Insights System Firefox Addons - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Services + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_firefox_addons_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_services_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_firefox_addons ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_firefox_addons" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_firefox_addons" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_services ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_firefox_addons" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_firefox_addons, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_firefox_addons, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_firefox_addons, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/firefox_addons".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/services' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_firefox_addons\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_services\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Groups - # Valid filter fields are `groupname`. - # @param system_id - # @param content_type - # @param accept + # LIst System Insights Shadow + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_groups(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_groups_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_shadow(opts = {}) + data, _status_code, _headers = systeminsights_list_shadow_with_http_info(opts) + data end - # List System Insights System Groups - # Valid filter fields are `groupname`. - # @param system_id - # @param content_type - # @param accept + # LIst System Insights Shadow + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_groups_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_shadow_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_groups ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_groups" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_groups" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_groups" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_groups, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_shadow ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_groups, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_groups, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/groups".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/shadow' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_groups\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_shadow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Info - # Valid filter fields are `system_id` and `cpu_subtype`. - # @param content_type - # @param accept + # List System Insights Shared Folders + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_info(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_info_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_shared_folders(opts = {}) + data, _status_code, _headers = systeminsights_list_shared_folders_with_http_info(opts) + data end - # List System Insights System Info - # Valid filter fields are `system_id` and `cpu_subtype`. - # @param content_type - # @param accept + # List System Insights Shared Folders + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_info_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_shared_folders_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_info ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_info" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_shared_folders ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/system_info" + local_var_path = '/systeminsights/shared_folders' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_shared_folders\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Interface Addresses - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Shared Resources + # Valid filter fields are `system_id` and `type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_interface_addresses(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_interface_addresses_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_shared_resources(opts = {}) + data, _status_code, _headers = systeminsights_list_shared_resources_with_http_info(opts) + data end - # List System Insights System Interface Addresses - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Shared Resources + # Valid filter fields are `system_id` and `type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_interface_addresses_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_shared_resources_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_interface_addresses ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_interface_addresses" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_interface_addresses" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_interface_addresses" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_interface_addresses, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_shared_resources ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_interface_addresses, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_interface_addresses, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/interface_addresses".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/shared_resources' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_interface_addresses\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_shared_resources\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Kernel Info - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Sharing Preferences + # Only valid filed field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_kernel_info(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_kernel_info_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_sharing_preferences(opts = {}) + data, _status_code, _headers = systeminsights_list_sharing_preferences_with_http_info(opts) + data end - # List System Insights System Kernel Info - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Sharing Preferences + # Only valid filed field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_kernel_info_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_sharing_preferences_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_kernel_info ..." + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_sharing_preferences ...' end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_kernel_info" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_kernel_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_kernel_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_kernel_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_kernel_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_kernel_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/kernel_info".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/sharing_preferences' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_kernel_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_sharing_preferences\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Logical Drives - # Valid filter fields are `device_id`. - # @param system_id - # @param content_type - # @param accept + # List System Insights SIP Config + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_logical_drives(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_logical_drives_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_sip_config(opts = {}) + data, _status_code, _headers = systeminsights_list_sip_config_with_http_info(opts) + data end - # List System Insights System Logical Drives - # Valid filter fields are `device_id`. - # @param system_id - # @param content_type - # @param accept + # List System Insights SIP Config + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_logical_drives_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_sip_config_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_logical_drives ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_logical_drives" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_logical_drives" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_logical_drives" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_logical_drives, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_logical_drives, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_logical_drives, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_sip_config ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/logical_drives".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/sip_config' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_logical_drives\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_sip_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Mounts - # Valid filter fields are `path`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Startup Items + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_mounts(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_mounts_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_startup_items(opts = {}) + data, _status_code, _headers = systeminsights_list_startup_items_with_http_info(opts) + data end - # List System Insights System Mounts - # Valid filter fields are `path`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Startup Items + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_mounts_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_startup_items_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_mounts ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_mounts" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_mounts" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_mounts" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_mounts, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_mounts, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_mounts, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_startup_items ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/mounts".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/startup_items' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_mounts\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_startup_items\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System OS Version - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept + # List System Insights System Control + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_os_version(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_os_version_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_system_controls(opts = {}) + data, _status_code, _headers = systeminsights_list_system_controls_with_http_info(opts) + data end - # List System Insights System OS Version - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept + # List System Insights System Control + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_os_version_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_system_controls_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_os_version ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_os_version" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_os_version" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_os_version" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_os_version, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_os_version, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_system_controls ...' end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_os_version, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/os_version".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/system_controls' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_os_version\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_controls\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Patches - # Valid filter fields are `hotfix_id `. - # @param system_id - # @param content_type - # @param accept + # List System Insights System Info + # Valid filter fields are `system_id` and `cpu_subtype`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_patches(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_patches_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_system_info(opts = {}) + data, _status_code, _headers = systeminsights_list_system_info_with_http_info(opts) + data end - # List System Insights System Patches - # Valid filter fields are `hotfix_id `. - # @param system_id - # @param content_type - # @param accept + # List System Insights System Info + # Valid filter fields are `system_id` and `cpu_subtype`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_patches_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_system_info_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_patches ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_patches" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_patches" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_patches" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_patches, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_system_info ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_patches, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_patches, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/patches".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/system_info' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_patches\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Programs - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights TPM Info + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_programs(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_programs_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_tpm_info(opts = {}) + data, _status_code, _headers = systeminsights_list_tpm_info_with_http_info(opts) + data end - # List System Insights System Programs - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights TPM Info + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_programs_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_tpm_info_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_programs ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_programs" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_programs" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_programs" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_programs, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_programs, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_programs, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_tpm_info ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/programs".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/tpm_info' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params['Accept'] = @api_client.select_header_accept(['text/html']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_programs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_tpm_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Safari Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Uptime + # Valid filter fields are `system_id` and `days`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_safari_extensions(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_safari_extensions_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_uptime(opts = {}) + data, _status_code, _headers = systeminsights_list_uptime_with_http_info(opts) + data end - # List System Insights System Safari Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights Uptime + # Valid filter fields are `system_id` and `days`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_safari_extensions_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_uptime_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_safari_extensions ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_safari_extensions" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_safari_extensions" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_safari_extensions" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_safari_extensions, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_safari_extensions, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_safari_extensions, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_uptime ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/safari_extensions".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/uptime' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_safari_extensions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_uptime\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System System Controls - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights USB Devices + # Valid filter fields are `system_id` and `model`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_system_controls(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_system_controls_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_usb_devices(opts = {}) + data, _status_code, _headers = systeminsights_list_usb_devices_with_http_info(opts) + data end - # List System Insights System System Controls - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # List System Insights USB Devices + # Valid filter fields are `system_id` and `model`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_system_controls_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_usb_devices_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_system_controls ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_system_controls" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_system_controls" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_system_controls" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_usb_devices ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_system_controls, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_system_controls, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_system_controls, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/system_controls".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/usb_devices' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_system_controls\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_usb_devices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System System Info - # Valid filter fields are `cpu_subtype`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User Groups + # Only valid filter field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_system_info(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_system_info_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_user_groups(opts = {}) + data, _status_code, _headers = systeminsights_list_user_groups_with_http_info(opts) + data end - # List System Insights System System Info - # Valid filter fields are `cpu_subtype`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User Groups + # Only valid filter field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_system_info_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_user_groups_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_system_info ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_system_info" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_user_groups ...' end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_system_info" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_system_info" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_system_info, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_system_info, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_system_info, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/system_info".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/user_groups' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_system_info\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_user_groups\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Uptime - # Valid filter fields are `days`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User SSH Keys + # Valid filter fields are `system_id` and `uid`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_uptime(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_uptime_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_user_ssh_keys(opts = {}) + data, _status_code, _headers = systeminsights_list_user_ssh_keys_with_http_info(opts) + data end - # List System Insights System Uptime - # Valid filter fields are `days`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User SSH Keys + # Valid filter fields are `system_id` and `uid`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_uptime_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_user_ssh_keys_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_uptime ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_uptime" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_uptime" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_uptime" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_uptime, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_user_ssh_keys ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_uptime, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_uptime, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/{system_id}/uptime".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/user_ssh_keys' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_uptime\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_user_ssh_keys\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights System Users - # Valid filter fields are `username`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User Assist + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_system_users(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_system_users_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_userassist(opts = {}) + data, _status_code, _headers = systeminsights_list_userassist_with_http_info(opts) + data end - # List System Insights System Users - # Valid filter fields are `username`. - # @param system_id - # @param content_type - # @param accept + # List System Insights User Assist + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_system_users_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_userassist_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_system_users ..." - end - # verify the required parameter 'system_id' is set - if @api_client.config.client_side_validation && system_id.nil? - fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemInsightsApi.systeminsights_list_system_users" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_system_users" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_system_users" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_users, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_system_users, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_system_users, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_userassist ...' end - # resource path - local_var_path = "/systeminsights/{system_id}/users".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systeminsights/userassist' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_system_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_userassist\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Uptime - # Valid filter fields are `system_id` and `days`. - # @param content_type - # @param accept + # List System Insights Users + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_uptime(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_uptime_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_users(opts = {}) + data, _status_code, _headers = systeminsights_list_users_with_http_info(opts) + data end - # List System Insights Uptime - # Valid filter fields are `system_id` and `days`. - # @param content_type - # @param accept + # List System Insights Users + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_uptime_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_users_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_uptime ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_uptime" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_uptime" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_uptime, must be smaller than or equal to 100.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_users ...' end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_uptime, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_uptime, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/uptime" + local_var_path = '/systeminsights/users' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_uptime\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights USB Devices - # Valid filter fields are `system_id` and `model`. - # @param content_type - # @param accept + # List System Insights WiFi Networks + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_usb_devices(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_usb_devices_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_wifi_networks(opts = {}) + data, _status_code, _headers = systeminsights_list_wifi_networks_with_http_info(opts) + data end - # List System Insights USB Devices - # Valid filter fields are `system_id` and `model`. - # @param content_type - # @param accept + # List System Insights WiFi Networks + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_usb_devices_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_wifi_networks_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_usb_devices ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_usb_devices" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_usb_devices" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_wifi_networks ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_usb_devices, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_usb_devices, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_usb_devices, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/usb_devices" + local_var_path = '/systeminsights/wifi_networks' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_usb_devices\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_wifi_networks\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights User Groups - # Only valid filter field is `system_id`. - # @param content_type - # @param accept + # List System Insights WiFi Status + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_user_groups(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_user_groups_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_wifi_status(opts = {}) + data, _status_code, _headers = systeminsights_list_wifi_status_with_http_info(opts) + data end - # List System Insights User Groups - # Only valid filter field is `system_id`. - # @param content_type - # @param accept + # List System Insights WiFi Status + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_user_groups_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_wifi_status_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_user_groups ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_user_groups" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_user_groups" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_wifi_status ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_user_groups, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_user_groups, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_user_groups, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/user_groups" + local_var_path = '/systeminsights/wifi_status' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_user_groups\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_wifi_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Users - # Valid filter fields are `system_id` and `username`. - # @param content_type - # @param accept + # List System Insights Windows Security Center + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def systeminsights_list_users(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_users_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_windows_security_center(opts = {}) + data, _status_code, _headers = systeminsights_list_windows_security_center_with_http_info(opts) + data end - # List System Insights Users - # Valid filter fields are `system_id` and `username`. - # @param content_type - # @param accept + # List System Insights Windows Security Center + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_users_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_windows_security_center_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_users ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_users" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_users" + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_windows_security_center ...' end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_users, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_users, must be greater than or equal to 0.' - end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_users, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/users" + local_var_path = '/systeminsights/windows_security_center' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || [] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_windows_security_center\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # List System Insights Windows Crashes - # Valid filter fields are `system_id` and `type`. - # @param content_type - # @param accept + # List System Insights Windows Security Products + # Valid filter fields are `system_id` and `state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit (default to 10) - # @option opts [String] :x_org_id (default to ) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - def systeminsights_list_windows_crashes(content_type, accept, opts = {}) - data, _status_code, _headers = systeminsights_list_windows_crashes_with_http_info(content_type, accept, opts) - return data + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit (default to 10) + # @return [Array] + def systeminsights_list_windows_security_products(opts = {}) + data, _status_code, _headers = systeminsights_list_windows_security_products_with_http_info(opts) + data end - # List System Insights Windows Crashes - # Valid filter fields are `system_id` and `type`. - # @param content_type - # @param accept + # List System Insights Windows Security Products + # Valid filter fields are `system_id` and `state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def systeminsights_list_windows_crashes_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systeminsights_list_windows_security_products_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemInsightsApi.systeminsights_list_windows_crashes ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemInsightsApi.systeminsights_list_windows_crashes" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemInsightsApi.systeminsights_list_windows_crashes" - end - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 100 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_windows_crashes, must be smaller than or equal to 100.' - end - - if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 0 - fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SystemInsightsApi.systeminsights_list_windows_crashes, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: SystemInsightsApi.systeminsights_list_windows_security_products ...' end - - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemInsightsApi.systeminsights_list_windows_crashes, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systeminsights/windows_crashes" + local_var_path = '/systeminsights/windows_security_products' # query parameters - query_params = {} - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params = opts[:query_params] || {} query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_windows_crashes\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemInsightsApi#systeminsights_list_windows_security_products\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/systems_api.rb b/jcapiv2/lib/jcapiv2/api/systems_api.rb index 5cc8daf..5d4adda 100644 --- a/jcapiv2/lib/jcapiv2/api/systems_api.rb +++ b/jcapiv2/lib/jcapiv2/api/systems_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class SystemsApi attr_accessor :api_client @@ -19,683 +16,721 @@ class SystemsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a System # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_associations_list(system_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_system_associations_list_with_http_info(system_id, content_type, accept, targets, opts) - return data + def graph_system_associations_list(system_id, targets, opts = {}) + data, _status_code, _headers = graph_system_associations_list_with_http_info(system_id, targets, opts) + data end # List the associations of a System - # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_associations_list_with_http_info(system_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_associations_list_with_http_info(system_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_associations_list ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_associations_list ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling SystemsApi.graph_system_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/associations".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/associations'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_system_associations_post(system_id, content_type, accept, opts = {}) - graph_system_associations_post_with_http_info(system_id, content_type, accept, opts) - return nil + def graph_system_associations_post(system_id, opts = {}) + graph_system_associations_post_with_http_info(system_id, opts) + nil end # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_system_associations_post_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_system_associations_post_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_associations_post ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_associations_post ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_associations_post" - end # resource path - local_var_path = "/systems/{system_id}/associations".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/associations'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the parent Groups of a System # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_system_member_of(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_member_of_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_member_of(system_id, opts = {}) + data, _status_code, _headers = graph_system_member_of_with_http_info(system_id, opts) + data end # List the parent Groups of a System - # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_member_of_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_member_of_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_member_of ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_member_of ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_member_of" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_member_of, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/memberof".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/memberof'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Commands bound to a System # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] - def graph_system_traverse_command(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_command_with_http_info(system_id, content_type, accept, opts) - return data + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] + def graph_system_traverse_command(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_command_with_http_info(system_id, opts) + data end # List the Commands bound to a System - # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_command_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_command_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_traverse_command ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_traverse_command ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_traverse_command" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_traverse_command" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_traverse_command" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_traverse_command, must be greater than or equal to 0.' + if @api_client.config.client_side_validation && opts[:'details'] && !['v1'].include?(opts[:'details']) + fail ArgumentError, 'invalid value for "details", must be one of v1' end - # resource path - local_var_path = "/systems/{system_id}/commands".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/commands'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'details'] = opts[:'details'] if !opts[:'details'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Policies bound to a System # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_policy(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_policy_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_policy(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_policy_with_http_info(system_id, opts) + data end # List the Policies bound to a System - # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_policy_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_policy_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_traverse_policy ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_traverse_policy ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_traverse_policy" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_traverse_policy" + # resource path + local_var_path = '/systems/{system_id}/policies'.sub('{' + 'system_id' + '}', system_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_traverse_policy" + return data, status_code, headers + end + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + def graph_system_traverse_policy_group(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_policy_group_with_http_info(system_id, opts) + data + end + + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_policy_group_with_http_info(system_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_traverse_policy_group ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_traverse_policy, must be greater than or equal to 0.' + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_traverse_policy_group" end - # resource path - local_var_path = "/systems/{system_id}/policies".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/policygroups'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? + header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_policy\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_policy_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Users bound to a System # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_user(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_user_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_user(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_user_with_http_info(system_id, opts) + data end # List the Users bound to a System - # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_user_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_user_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_traverse_user ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_traverse_user ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_traverse_user" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_traverse_user" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_traverse_user" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_traverse_user, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/users".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/users'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Groups bound to a System # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_system_traverse_user_group(system_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_system_traverse_user_group_with_http_info(system_id, content_type, accept, opts) - return data + def graph_system_traverse_user_group(system_id, opts = {}) + data, _status_code, _headers = graph_system_traverse_user_group_with_http_info(system_id, opts) + data end # List the User Groups bound to a System - # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_system_traverse_user_group_with_http_info(system_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_system_traverse_user_group_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.graph_system_traverse_user_group ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.graph_system_traverse_user_group ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.graph_system_traverse_user_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling SystemsApi.graph_system_traverse_user_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling SystemsApi.graph_system_traverse_user_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling SystemsApi.graph_system_traverse_user_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/systems/{system_id}/usergroups".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/usergroups'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? header_params[:'Date'] = opts[:'date'] if !opts[:'date'].nil? header_params[:'Authorization'] = opts[:'authorization'] if !opts[:'authorization'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#graph_system_traverse_user_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get System FDE Key # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Systemfdekey] def systems_get_fde_key(system_id, opts = {}) data, _status_code, _headers = systems_get_fde_key_with_http_info(system_id, opts) - return data + data end # Get System FDE Key # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Systemfdekey, Fixnum, Hash)>] Systemfdekey data, response status code and response headers + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Systemfdekey, Integer, Hash)>] Systemfdekey data, response status code and response headers def systems_get_fde_key_with_http_info(system_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: SystemsApi.systems_get_fde_key ..." + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_get_fde_key ...' end # verify the required parameter 'system_id' is set if @api_client.config.client_side_validation && system_id.nil? fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_get_fde_key" end # resource path - local_var_path = "/systems/{system_id}/fdekey".sub('{' + 'system_id' + '}', system_id.to_s) + local_var_path = '/systems/{system_id}/fdekey'.sub('{' + 'system_id' + '}', system_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Systemfdekey' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Systemfdekey') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: SystemsApi#systems_get_fde_key\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # List the associated Software Application Statuses of a System + # This endpoint returns all the statuses of the associated Software Applications from the provided JumpCloud system ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{system_id}/softwareappstatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + def systems_list_software_apps_with_statuses(system_id, opts = {}) + data, _status_code, _headers = systems_list_software_apps_with_statuses_with_http_info(system_id, opts) + data + end + + # List the associated Software Application Statuses of a System + # This endpoint returns all the statuses of the associated Software Applications from the provided JumpCloud system ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{system_id}/softwareappstatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def systems_list_software_apps_with_statuses_with_http_info(system_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsApi.systems_list_software_apps_with_statuses ...' + end + # verify the required parameter 'system_id' is set + if @api_client.config.client_side_validation && system_id.nil? + fail ArgumentError, "Missing the required parameter 'system_id' when calling SystemsApi.systems_list_software_apps_with_statuses" + end + # resource path + local_var_path = '/systems/{system_id}/softwareappstatuses'.sub('{' + 'system_id' + '}', system_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsApi#systems_list_software_apps_with_statuses\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end end end diff --git a/jcapiv2/lib/jcapiv2/api/systems_organization_settings_api.rb b/jcapiv2/lib/jcapiv2/api/systems_organization_settings_api.rb new file mode 100644 index 0000000..d867123 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/api/systems_organization_settings_api.rb @@ -0,0 +1,131 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +module JCAPIv2 + class SystemsOrganizationSettingsApi + attr_accessor :api_client + + def initialize(api_client = ApiClient.default) + @api_client = api_client + end + # Get the Sign In with JumpCloud Settings + # Gets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :organization_object_id + # @return [DevicesGetSignInWithJumpCloudSettingsResponse] + def systems_org_settings_get_sign_in_with_jump_cloud_settings(opts = {}) + data, _status_code, _headers = systems_org_settings_get_sign_in_with_jump_cloud_settings_with_http_info(opts) + data + end + + # Get the Sign In with JumpCloud Settings + # Gets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :organization_object_id + # @return [Array<(DevicesGetSignInWithJumpCloudSettingsResponse, Integer, Hash)>] DevicesGetSignInWithJumpCloudSettingsResponse data, response status code and response headers + def systems_org_settings_get_sign_in_with_jump_cloud_settings_with_http_info(opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsOrganizationSettingsApi.systems_org_settings_get_sign_in_with_jump_cloud_settings ...' + end + # resource path + local_var_path = '/devices/settings/signinwithjumpcloud' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'organizationObjectId'] = opts[:'organization_object_id'] if !opts[:'organization_object_id'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'DevicesGetSignInWithJumpCloudSettingsResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsOrganizationSettingsApi#systems_org_settings_get_sign_in_with_jump_cloud_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Set the Sign In with JumpCloud Settings + # Sets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' \\ -d '{\"settings\":[{\"osFamily\":\"WINDOWS\",\"enabled\":true,\"defaultPermission\":\"STANDARD\"}]}' ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Object] + def systems_org_settings_set_sign_in_with_jump_cloud_settings(body, opts = {}) + data, _status_code, _headers = systems_org_settings_set_sign_in_with_jump_cloud_settings_with_http_info(body, opts) + data + end + + # Set the Sign In with JumpCloud Settings + # Sets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' \\ -d '{\"settings\":[{\"osFamily\":\"WINDOWS\",\"enabled\":true,\"defaultPermission\":\"STANDARD\"}]}' ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers + def systems_org_settings_set_sign_in_with_jump_cloud_settings_with_http_info(body, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SystemsOrganizationSettingsApi.systems_org_settings_set_sign_in_with_jump_cloud_settings ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SystemsOrganizationSettingsApi.systems_org_settings_set_sign_in_with_jump_cloud_settings" + end + # resource path + local_var_path = '/devices/settings/signinwithjumpcloud' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'Object' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SystemsOrganizationSettingsApi#systems_org_settings_set_sign_in_with_jump_cloud_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + end +end diff --git a/jcapiv2/lib/jcapiv2/api/user_group_associations_api.rb b/jcapiv2/lib/jcapiv2/api/user_group_associations_api.rb index 50ce227..a2f9fa3 100644 --- a/jcapiv2/lib/jcapiv2/api/user_group_associations_api.rb +++ b/jcapiv2/lib/jcapiv2/api/user_group_associations_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class UserGroupAssociationsApi attr_accessor :api_client @@ -19,928 +16,746 @@ class UserGroupAssociationsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a User Group. # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_user_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling UserGroupAssociationsApi.graph_user_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_group_associations_post(group_id, content_type, accept, opts = {}) - graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_user_group_associations_post(group_id, opts = {}) + graph_user_group_associations_post_with_http_info(group_id, opts) + nil end # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_associations_post ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_associations_post" - end # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Active Directories bound to a User Group # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_active_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_active_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, opts) + data end # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_active_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_active_directory ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_active_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_active_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_active_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_active_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_active_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/activedirectories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/activedirectories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_active_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Applications bound to a User Group # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_application(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_application(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, opts) + data end # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_application_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_application ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_application ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_application" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_application" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_application" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_application, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/applications".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/applications'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_application\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Directories bound to a User Group # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, opts) + data end # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_directory ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/directories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/directories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the G Suite instances bound to a User Group # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_g_suite(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_g_suite(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, opts) + data end # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_g_suite_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_g_suite ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_g_suite ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_g_suite" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_g_suite" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_g_suite" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_g_suite, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/gsuites".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/gsuites'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_g_suite\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the LDAP Servers bound to a User Group # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_ldap_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, opts) + data end # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_ldap_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_ldap_server ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_ldap_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_ldap_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_ldap_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_ldap_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_ldap_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/ldapservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/ldapservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_ldap_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Office 365 instances bound to a User Group # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_office365(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_office365(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, opts) + data end # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_office365_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_office365 ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_office365 ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_office365" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_office365" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_office365" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_office365, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/office365s".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/office365s'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_office365\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the RADIUS Servers bound to a User Group # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_radius_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_radius_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, opts) + data end # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_radius_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_radius_server ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_radius_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_radius_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_radius_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_radius_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_radius_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/radiusservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/radiusservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_radius_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a User Group # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, opts) + data end # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_system ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_system ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systems".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to User Groups # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, opts) + data end # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupAssociationsApi.graph_user_group_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: UserGroupAssociationsApi.graph_user_group_traverse_system_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupAssociationsApi.graph_user_group_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupAssociationsApi.graph_user_group_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupAssociationsApi.graph_user_group_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupAssociationsApi.graph_user_group_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systemgroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupAssociationsApi#graph_user_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/user_group_members_membership_api.rb b/jcapiv2/lib/jcapiv2/api/user_group_members_membership_api.rb index 9900c7f..d43a048 100644 --- a/jcapiv2/lib/jcapiv2/api/user_group_members_membership_api.rb +++ b/jcapiv2/lib/jcapiv2/api/user_group_members_membership_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class UserGroupMembersMembershipApi attr_accessor :api_client @@ -19,332 +16,198 @@ class UserGroupMembersMembershipApi def initialize(api_client = ApiClient.default) @api_client = api_client end - - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_user_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data - end - - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupMembersMembershipApi.graph_user_group_member_of ..." - end - # verify the required parameter 'group_id' is set - if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupMembersMembershipApi.graph_user_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupMembersMembershipApi.graph_user_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupMembersMembershipApi.graph_user_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupMembersMembershipApi.graph_user_group_member_of, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/usergroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) - - # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names, - :return_type => 'Array') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupMembersMembershipApi#graph_user_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - # List the members of a User Group # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, opts) + data end # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupMembersMembershipApi.graph_user_group_members_list ..." + @api_client.config.logger.debug 'Calling API: UserGroupMembersMembershipApi.graph_user_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupMembersMembershipApi.graph_user_group_members_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupMembersMembershipApi.graph_user_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupMembersMembershipApi.graph_user_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupMembersMembershipApi.graph_user_group_members_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupMembersMembershipApi#graph_user_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_group_members_post(group_id, content_type, accept, opts = {}) - graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_user_group_members_post(group_id, opts = {}) + graph_user_group_members_post_with_http_info(group_id, opts) + nil end # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupMembersMembershipApi.graph_user_group_members_post ..." + @api_client.config.logger.debug 'Calling API: UserGroupMembersMembershipApi.graph_user_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupMembersMembershipApi.graph_user_group_members_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupMembersMembershipApi.graph_user_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupMembersMembershipApi.graph_user_group_members_post" - end # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupMembersMembershipApi#graph_user_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Group's membership # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, opts) + data end - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupMembersMembershipApi.graph_user_group_membership ..." + @api_client.config.logger.debug 'Calling API: UserGroupMembersMembershipApi.graph_user_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupMembersMembershipApi.graph_user_group_membership" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupMembersMembershipApi.graph_user_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupMembersMembershipApi.graph_user_group_membership" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupMembersMembershipApi.graph_user_group_membership, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupMembersMembershipApi#graph_user_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api/user_groups_api.rb b/jcapiv2/lib/jcapiv2/api/user_groups_api.rb index 5a26941..8a0614f 100644 --- a/jcapiv2/lib/jcapiv2/api/user_groups_api.rb +++ b/jcapiv2/lib/jcapiv2/api/user_groups_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class UserGroupsApi attr_accessor :api_client @@ -19,1458 +16,1100 @@ class UserGroupsApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a User Group. # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_associations_list(group_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts) - return data + def graph_user_group_associations_list(group_id, targets, opts = {}) + data, _status_code, _headers = graph_user_group_associations_list_with_http_info(group_id, targets, opts) + data end # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_associations_list_with_http_info(group_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_associations_list_with_http_info(group_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_associations_list ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_associations_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling UserGroupsApi.graph_user_group_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_group_associations_post(group_id, content_type, accept, opts = {}) - graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_user_group_associations_post(group_id, opts = {}) + graph_user_group_associations_post_with_http_info(group_id, opts) + nil end # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_associations_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_associations_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_associations_post ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_associations_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_associations_post" - end # resource path - local_var_path = "/usergroups/{group_id}/associations".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/associations'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) - if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) - # @return [Array] - def graph_user_group_member_of(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts) - return data - end + return_type = opts[:return_type] - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_member_of_with_http_info(group_id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_member_of ..." - end - # verify the required parameter 'group_id' is set - if @api_client.config.client_side_validation && group_id.nil? - fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_member_of" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_member_of, must be greater than or equal to 0.' - end - - # resource path - local_var_path = "/usergroups/{group_id}/memberof".sub('{' + 'group_id' + '}', group_id.to_s) - - # query parameters - query_params = {} - query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? - query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? - query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? - query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the members of a User Group # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_members_list(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_members_list(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_members_list_with_http_info(group_id, opts) + data end # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_members_list_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_members_list_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_members_list ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_members_list ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_members_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_members_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_members_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_members_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_members_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_group_members_post(group_id, content_type, accept, opts = {}) - graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts) - return nil + def graph_user_group_members_post(group_id, opts = {}) + graph_user_group_members_post_with_http_info(group_id, opts) + nil end # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_group_members_post_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_group_members_post_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_members_post ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_members_post ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_members_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_members_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_members_post" - end # resource path - local_var_path = "/usergroups/{group_id}/members".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/members'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_members_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the User Group's membership # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_group_membership(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_membership(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_membership_with_http_info(group_id, opts) + data end - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_membership_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_membership_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_membership ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_membership ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_membership" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_membership" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_membership" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_membership, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/membership".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/membership'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_membership\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Active Directories bound to a User Group # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_active_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_active_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_active_directory_with_http_info(group_id, opts) + data end # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_active_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_active_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_active_directory ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_active_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_active_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_active_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_active_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_active_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/activedirectories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/activedirectories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_active_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Applications bound to a User Group # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_application(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_application(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_application_with_http_info(group_id, opts) + data end # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_application_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_application_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_application ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_application ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_application" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_application" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_application" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_application, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/applications".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/applications'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_application\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Directories bound to a User Group # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_directory(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_directory(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_directory_with_http_info(group_id, opts) + data end # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_directory_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_directory_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_directory ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_directory ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/directories".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/directories'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the G Suite instances bound to a User Group # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_g_suite(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_g_suite(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_g_suite_with_http_info(group_id, opts) + data end # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_g_suite_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_g_suite_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_g_suite ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_g_suite ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_g_suite" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_g_suite" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_g_suite" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_g_suite, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/gsuites".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/gsuites'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_g_suite\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the LDAP Servers bound to a User Group # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_ldap_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_ldap_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_ldap_server_with_http_info(group_id, opts) + data end # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_ldap_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_ldap_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_ldap_server ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_ldap_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_ldap_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_ldap_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_ldap_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_ldap_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/ldapservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/ldapservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_ldap_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Office 365 instances bound to a User Group # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_office365(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_office365(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_office365_with_http_info(group_id, opts) + data end # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_office365_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_office365_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_office365 ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_office365 ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_office365" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_office365" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_office365" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_office365, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/office365s".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/office365s'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_office365\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the RADIUS Servers bound to a User Group # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_radius_server(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_radius_server(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_radius_server_with_http_info(group_id, opts) + data end # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_radius_server_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_radius_server_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_radius_server ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_radius_server ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_radius_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_radius_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_radius_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_radius_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/radiusservers".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/radiusservers'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_radius_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a User Group # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_with_http_info(group_id, opts) + data end # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_system ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_system ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systems".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systems'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to User Groups # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_group_traverse_system_group(group_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts) - return data + def graph_user_group_traverse_system_group(group_id, opts = {}) + data, _status_code, _headers = graph_user_group_traverse_system_group_with_http_info(group_id, opts) + data end # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_group_traverse_system_group_with_http_info(group_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_group_traverse_system_group_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.graph_user_group_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.graph_user_group_traverse_system_group ...' end # verify the required parameter 'group_id' is set if @api_client.config.client_side_validation && group_id.nil? fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.graph_user_group_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.graph_user_group_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.graph_user_group_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.graph_user_group_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups/{group_id}/systemgroups".sub('{' + 'group_id' + '}', group_id.to_s) + local_var_path = '/usergroups/{group_id}/systemgroups'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#graph_user_group_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Delete a User Group # This endpoint allows you to delete a User Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def groups_user_delete(id, content_type, accept, opts = {}) - groups_user_delete_with_http_info(id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [UserGroup] + def groups_user_delete(id, opts = {}) + data, _status_code, _headers = groups_user_delete_with_http_info(id, opts) + data end # Delete a User Group - # This endpoint allows you to delete a User Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a User Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def groups_user_delete_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(UserGroup, Integer, Hash)>] UserGroup data, response status code and response headers + def groups_user_delete_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_delete ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_delete ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling UserGroupsApi.groups_user_delete" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_delete" - end # resource path - local_var_path = "/usergroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/usergroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'UserGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # View an individual User Group details # This endpoint returns the details of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] - def groups_user_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_user_get_with_http_info(id, content_type, accept, opts) - return data + def groups_user_get(id, opts = {}) + data, _status_code, _headers = groups_user_get_with_http_info(id, opts) + data end # View an individual User Group details - # This endpoint returns the details of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the details of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(UserGroup, Fixnum, Hash)>] UserGroup data, response status code and response headers - def groups_user_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(UserGroup, Integer, Hash)>] UserGroup data, response status code and response headers + def groups_user_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_get ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling UserGroupsApi.groups_user_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_get" - end # resource path - local_var_path = "/usergroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/usergroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'UserGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'UserGroup') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List all User Groups - # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` - `suggestionCounts.add` - `suggestionCounts.remove` - `suggestionCounts.total` - `attributes.sudo.enabled` - `attributes.sudo.withoutPassword` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def groups_user_list(content_type, accept, opts = {}) - data, _status_code, _headers = groups_user_list_with_http_info(content_type, accept, opts) - return data + def groups_user_list(opts = {}) + data, _status_code, _headers = groups_user_list_with_http_info(opts) + data end # List all User Groups - # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` - `suggestionCounts.add` - `suggestionCounts.remove` - `suggestionCounts.total` - `attributes.sudo.enabled` - `attributes.sudo.withoutPassword` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def groups_user_list_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_user_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_list" + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_list ...' end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UserGroupsApi.groups_user_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/usergroups" + local_var_path = '/usergroups' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? @@ -1478,246 +1117,282 @@ def groups_user_list_with_http_info(content_type, accept, opts = {}) query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Partial update a User Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{id} ``` - # @param id ObjectID of the User Group. - # @param content_type - # @param accept + # Create a new User Group + # This endpoint allows you to create a new User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] - def groups_user_patch(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_user_patch_with_http_info(id, content_type, accept, opts) - return data + def groups_user_post(opts = {}) + data, _status_code, _headers = groups_user_post_with_http_info(opts) + data end - # Partial update a User Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{id} ``` - # @param id ObjectID of the User Group. - # @param content_type - # @param accept + # Create a new User Group + # This endpoint allows you to create a new User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id - # @return [Array<(UserGroup, Fixnum, Hash)>] UserGroup data, response status code and response headers - def groups_user_patch_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(UserGroup, Integer, Hash)>] UserGroup data, response status code and response headers + def groups_user_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_patch ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling UserGroupsApi.groups_user_patch" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_patch" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_patch" + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_post ...' end # resource path - local_var_path = "/usergroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/usergroups' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'UserGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'UserGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Create a new User Group - # This endpoint allows you to create a new User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # Update a User Group + # This endpoint allows you to do a full update of the User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + # @param id ObjectID of the User Group. # @param [Hash] opts the optional parameters - # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [UserGroupPut] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] - def groups_user_post(content_type, accept, opts = {}) - data, _status_code, _headers = groups_user_post_with_http_info(content_type, accept, opts) - return data + def groups_user_put(id, opts = {}) + data, _status_code, _headers = groups_user_put_with_http_info(id, opts) + data end - # Create a new User Group - # This endpoint allows you to create a new User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # Update a User Group + # This endpoint allows you to do a full update of the User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + # @param id ObjectID of the User Group. # @param [Hash] opts the optional parameters - # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id - # @return [Array<(UserGroup, Fixnum, Hash)>] UserGroup data, response status code and response headers - def groups_user_post_with_http_info(content_type, accept, opts = {}) + # @option opts [UserGroupPut] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(UserGroup, Integer, Hash)>] UserGroup data, response status code and response headers + def groups_user_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_post" + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_put ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_post" + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling UserGroupsApi.groups_user_put" end # resource path - local_var_path = "/usergroups" + local_var_path = '/usergroups/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'UserGroup' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'UserGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - - # Update a User Group - # This endpoint allows you to do a full update of the User Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ \"name\": \"group_update\" }' ``` - # @param id ObjectID of the User Group. - # @param content_type - # @param accept + # List Suggestions for a User Group + # This endpoint returns available suggestions for a given group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [UserGroupPut] :body - # @option opts [String] :x_org_id (default to ) - # @return [UserGroup] - def groups_user_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = groups_user_put_with_http_info(id, content_type, accept, opts) - return data + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def groups_user_suggestions_get(group_id, opts = {}) + data, _status_code, _headers = groups_user_suggestions_get_with_http_info(group_id, opts) + data end - # Update a User Group - # This endpoint allows you to do a full update of the User Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ \"name\": \"group_update\" }' ``` - # @param id ObjectID of the User Group. - # @param content_type - # @param accept + # List Suggestions for a User Group + # This endpoint returns available suggestions for a given group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group # @param [Hash] opts the optional parameters - # @option opts [UserGroupPut] :body - # @option opts [String] :x_org_id - # @return [Array<(UserGroup, Fixnum, Hash)>] UserGroup data, response status code and response headers - def groups_user_put_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_user_suggestions_get_with_http_info(group_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UserGroupsApi.groups_user_put ..." + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_suggestions_get ...' end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling UserGroupsApi.groups_user_put" + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.groups_user_suggestions_get" + end + # resource path + local_var_path = '/usergroups/{group_id}/suggestions'.sub('{' + 'group_id' + '}', group_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_suggestions_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UserGroupsApi.groups_user_put" + return data, status_code, headers + end + # Apply Suggestions for a User Group + # This endpoint applies the suggestions for the specified user group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"user_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def groups_user_suggestions_post(body, group_id, opts = {}) + data, _status_code, _headers = groups_user_suggestions_post_with_http_info(body, group_id, opts) + data + end + + # Apply Suggestions for a User Group + # This endpoint applies the suggestions for the specified user group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"user_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def groups_user_suggestions_post_with_http_info(body, group_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UserGroupsApi.groups_user_suggestions_post ...' end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UserGroupsApi.groups_user_put" + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling UserGroupsApi.groups_user_suggestions_post" + end + # verify the required parameter 'group_id' is set + if @api_client.config.client_side_validation && group_id.nil? + fail ArgumentError, "Missing the required parameter 'group_id' when calling UserGroupsApi.groups_user_suggestions_post" end # resource path - local_var_path = "/usergroups/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/usergroups/{group_id}/suggestions'.sub('{' + 'group_id' + '}', group_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:PUT, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(body) + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'UserGroup') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: UserGroupsApi#groups_user_suggestions_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/users_api.rb b/jcapiv2/lib/jcapiv2/api/users_api.rb index a9c5a3b..e6ae31c 100644 --- a/jcapiv2/lib/jcapiv2/api/users_api.rb +++ b/jcapiv2/lib/jcapiv2/api/users_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class UsersApi attr_accessor :api_client @@ -19,1006 +16,1077 @@ class UsersApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # List the associations of a User # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_associations_list(user_id, content_type, accept, targets, opts = {}) - data, _status_code, _headers = graph_user_associations_list_with_http_info(user_id, content_type, accept, targets, opts) - return data + def graph_user_associations_list(user_id, targets, opts = {}) + data, _status_code, _headers = graph_user_associations_list_with_http_info(user_id, targets, opts) + data end # List the associations of a User - # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_associations_list_with_http_info(user_id, content_type, accept, targets, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_associations_list_with_http_info(user_id, targets, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_associations_list ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_associations_list ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_associations_list" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_associations_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_associations_list" - end # verify the required parameter 'targets' is set if @api_client.config.client_side_validation && targets.nil? fail ArgumentError, "Missing the required parameter 'targets' when calling UsersApi.graph_user_associations_list" end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_associations_list, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/associations".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/associations'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'targets'] = @api_client.build_collection_param(targets, :csv) query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_associations_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def graph_user_associations_post(user_id, content_type, accept, opts = {}) - graph_user_associations_post_with_http_info(user_id, content_type, accept, opts) - return nil + def graph_user_associations_post(user_id, opts = {}) + graph_user_associations_post_with_http_info(user_id, opts) + nil end # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def graph_user_associations_post_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def graph_user_associations_post_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_associations_post ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_associations_post ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_associations_post" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_associations_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_associations_post" - end # resource path - local_var_path = "/users/{user_id}/associations".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/associations'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_associations_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the parent Groups of a User # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def graph_user_member_of(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_member_of_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_member_of(user_id, opts = {}) + data, _status_code, _headers = graph_user_member_of_with_http_info(user_id, opts) + data end # List the parent Groups of a User - # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_member_of_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_member_of_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_member_of ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_member_of ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_member_of" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_member_of" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_member_of" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_member_of, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/memberof".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/memberof'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_member_of\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # List the Active Directory instances bound to a User + # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param user_id ObjectID of the User. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. (default to 0) + # @return [Array] + def graph_user_traverse_active_directory(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_active_directory_with_http_info(user_id, opts) + data + end + + # List the Active Directory instances bound to a User + # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param user_id ObjectID of the User. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_active_directory_with_http_info(user_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_active_directory ...' + end + # verify the required parameter 'user_id' is set + if @api_client.config.client_side_validation && user_id.nil? + fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_active_directory" + end + # resource path + local_var_path = '/users/{user_id}/activedirectories'.sub('{' + 'user_id' + '}', user_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? + query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? + query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_active_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end # List the Applications bound to a User # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_application(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_application_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_application(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_application_with_http_info(user_id, opts) + data end # List the Applications bound to a User - # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_application_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_application_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_application ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_application ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_application" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_application" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_application" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_application, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/applications".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/applications'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_application\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Directories bound to a User # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_directory(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_directory_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_directory(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_directory_with_http_info(user_id, opts) + data end # List the Directories bound to a User - # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_directory_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_directory_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_directory ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_directory ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_directory" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_directory" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_directory" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_directory, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/directories".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/directories'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_directory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the G Suite instances bound to a User # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_g_suite(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_g_suite_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_g_suite(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_g_suite_with_http_info(user_id, opts) + data end # List the G Suite instances bound to a User - # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_g_suite_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_g_suite_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_g_suite ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_g_suite ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_g_suite" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_g_suite" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_g_suite" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_g_suite, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/gsuites".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/gsuites'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_g_suite\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the LDAP servers bound to a User # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_ldap_server(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_ldap_server_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_ldap_server(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_ldap_server_with_http_info(user_id, opts) + data end # List the LDAP servers bound to a User - # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_ldap_server_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_ldap_server_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_ldap_server ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_ldap_server ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_ldap_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_ldap_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_ldap_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_ldap_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/ldapservers".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/ldapservers'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_ldap_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Office 365 instances bound to a User # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_office365(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_office365_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_office365(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_office365_with_http_info(user_id, opts) + data end # List the Office 365 instances bound to a User - # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_office365_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_office365_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_office365 ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_office365 ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_office365" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_office365" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_office365" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_office365, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/office365s".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/office365s'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_office365\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the RADIUS Servers bound to a User # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_radius_server(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_radius_server_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_radius_server(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_radius_server_with_http_info(user_id, opts) + data end # List the RADIUS Servers bound to a User - # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_radius_server_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_radius_server_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_radius_server ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_radius_server ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_radius_server" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_radius_server" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_radius_server" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_radius_server, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/radiusservers".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/radiusservers'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_radius_server\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the Systems bound to a User # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_system(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_system_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_system(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_system_with_http_info(user_id, opts) + data end # List the Systems bound to a User - # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_system_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_system_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_system ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_system ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_system" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_system" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_system" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_system, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/systems".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/systems'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_system\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List the System Groups bound to a User # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - def graph_user_traverse_system_group(user_id, content_type, accept, opts = {}) - data, _status_code, _headers = graph_user_traverse_system_group_with_http_info(user_id, content_type, accept, opts) - return data + def graph_user_traverse_system_group(user_id, opts = {}) + data, _status_code, _headers = graph_user_traverse_system_group_with_http_info(user_id, opts) + data end # List the System Groups bound to a User - # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def graph_user_traverse_system_group_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def graph_user_traverse_system_group_with_http_info(user_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.graph_user_traverse_system_group ..." + @api_client.config.logger.debug 'Calling API: UsersApi.graph_user_traverse_system_group ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.graph_user_traverse_system_group" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.graph_user_traverse_system_group" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.graph_user_traverse_system_group" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling UsersApi.graph_user_traverse_system_group, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/users/{user_id}/systemgroups".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/systemgroups'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: UsersApi#graph_user_traverse_system_group\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end + # Delete a Push Endpoint associated with a User + # This endpoint will delete a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + def push_endpoints_delete(user_id, push_endpoint_id, opts = {}) + data, _status_code, _headers = push_endpoints_delete_with_http_info(user_id, push_endpoint_id, opts) + data + end - # Send User Emails - # This endpoint allows you to send a specific email to a user without waiting for or triggering a workflow. - # @param user_id ObjectID of the User. - # @param content_type - # @param accept + # Delete a Push Endpoint associated with a User + # This endpoint will delete a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id # @param [Hash] opts the optional parameters - # @option opts [Emailrequest] :body - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def users_send_emails(user_id, content_type, accept, opts = {}) - users_send_emails_with_http_info(user_id, content_type, accept, opts) - return nil + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PushEndpointResponse, Integer, Hash)>] PushEndpointResponse data, response status code and response headers + def push_endpoints_delete_with_http_info(user_id, push_endpoint_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.push_endpoints_delete ...' + end + # verify the required parameter 'user_id' is set + if @api_client.config.client_side_validation && user_id.nil? + fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.push_endpoints_delete" + end + # verify the required parameter 'push_endpoint_id' is set + if @api_client.config.client_side_validation && push_endpoint_id.nil? + fail ArgumentError, "Missing the required parameter 'push_endpoint_id' when calling UsersApi.push_endpoints_delete" + end + # resource path + local_var_path = '/users/{user_id}/pushendpoints/{push_endpoint_id}'.sub('{' + 'user_id' + '}', user_id.to_s).sub('{' + 'push_endpoint_id' + '}', push_endpoint_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PushEndpointResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#push_endpoints_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a push endpoint associated with a User + # This endpoint will retrieve a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + def push_endpoints_get(user_id, push_endpoint_id, opts = {}) + data, _status_code, _headers = push_endpoints_get_with_http_info(user_id, push_endpoint_id, opts) + data end - # Send User Emails - # This endpoint allows you to send a specific email to a user without waiting for or triggering a workflow. - # @param user_id ObjectID of the User. - # @param content_type - # @param accept + # Get a push endpoint associated with a User + # This endpoint will retrieve a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id # @param [Hash] opts the optional parameters - # @option opts [Emailrequest] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def users_send_emails_with_http_info(user_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PushEndpointResponse, Integer, Hash)>] PushEndpointResponse data, response status code and response headers + def push_endpoints_get_with_http_info(user_id, push_endpoint_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: UsersApi.users_send_emails ..." + @api_client.config.logger.debug 'Calling API: UsersApi.push_endpoints_get ...' end # verify the required parameter 'user_id' is set if @api_client.config.client_side_validation && user_id.nil? - fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.users_send_emails" + fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.push_endpoints_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling UsersApi.users_send_emails" + # verify the required parameter 'push_endpoint_id' is set + if @api_client.config.client_side_validation && push_endpoint_id.nil? + fail ArgumentError, "Missing the required parameter 'push_endpoint_id' when calling UsersApi.push_endpoints_get" end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling UsersApi.users_send_emails" + # resource path + local_var_path = '/users/{user_id}/pushendpoints/{push_endpoint_id}'.sub('{' + 'user_id' + '}', user_id.to_s).sub('{' + 'push_endpoint_id' + '}', push_endpoint_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'PushEndpointResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#push_endpoints_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List Push Endpoints associated with a User + # This endpoint returns the list of push endpoints associated with a user. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/pushendpoints \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ${API_KEY}' ``` + # @param user_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + def push_endpoints_list(user_id, opts = {}) + data, _status_code, _headers = push_endpoints_list_with_http_info(user_id, opts) + data + end + + # List Push Endpoints associated with a User + # This endpoint returns the list of push endpoints associated with a user. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/pushendpoints \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ${API_KEY}' ``` + # @param user_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def push_endpoints_list_with_http_info(user_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.push_endpoints_list ...' + end + # verify the required parameter 'user_id' is set + if @api_client.config.client_side_validation && user_id.nil? + fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.push_endpoints_list" end # resource path - local_var_path = "/users/{user_id}/emails".sub('{' + 'user_id' + '}', user_id.to_s) + local_var_path = '/users/{user_id}/pushendpoints'.sub('{' + 'user_id' + '}', user_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:GET, local_var_path, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type) + + if @api_client.config.debugging + @api_client.config.logger.debug "API called: UsersApi#push_endpoints_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update a push endpoint associated with a User + # This endpoint will update a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [PushendpointsPushEndpointIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + def push_endpoints_patch(user_id, push_endpoint_id, opts = {}) + data, _status_code, _headers = push_endpoints_patch_with_http_info(user_id, push_endpoint_id, opts) + data + end + + # Update a push endpoint associated with a User + # This endpoint will update a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [PushendpointsPushEndpointIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(PushEndpointResponse, Integer, Hash)>] PushEndpointResponse data, response status code and response headers + def push_endpoints_patch_with_http_info(user_id, push_endpoint_id, opts = {}) + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: UsersApi.push_endpoints_patch ...' + end + # verify the required parameter 'user_id' is set + if @api_client.config.client_side_validation && user_id.nil? + fail ArgumentError, "Missing the required parameter 'user_id' when calling UsersApi.push_endpoints_patch" + end + # verify the required parameter 'push_endpoint_id' is set + if @api_client.config.client_side_validation && push_endpoint_id.nil? + fail ArgumentError, "Missing the required parameter 'push_endpoint_id' when calling UsersApi.push_endpoints_patch" + end + # resource path + local_var_path = '/users/{user_id}/pushendpoints/{push_endpoint_id}'.sub('{' + 'user_id' + '}', user_id.to_s).sub('{' + 'push_endpoint_id' + '}', push_endpoint_id.to_s) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:POST, local_var_path, + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'PushEndpointResponse' + + auth_names = opts[:auth_names] || ['x-api-key'] + data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: UsersApi#users_send_emails\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: UsersApi#push_endpoints_patch\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end diff --git a/jcapiv2/lib/jcapiv2/api/workday_import_api.rb b/jcapiv2/lib/jcapiv2/api/workday_import_api.rb index 7e78260..4d97abc 100644 --- a/jcapiv2/lib/jcapiv2/api/workday_import_api.rb +++ b/jcapiv2/lib/jcapiv2/api/workday_import_api.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require "uri" - module JCAPIv2 class WorkdayImportApi attr_accessor :api_client @@ -19,399 +16,272 @@ class WorkdayImportApi def initialize(api_client = ApiClient.default) @api_client = api_client end - # Authorize Workday # This endpoint adds an authorization method to a workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"auth\":{ \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [AuthInputObject] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def workdays_authorize(workday_id, content_type, accept, opts = {}) - workdays_authorize_with_http_info(workday_id, content_type, accept, opts) - return nil + def workdays_authorize(workday_id, opts = {}) + workdays_authorize_with_http_info(workday_id, opts) + nil end # Authorize Workday - # This endpoint adds an authorization method to a workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"auth\":{ \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` + # This endpoint adds an authorization method to a workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"auth\":{ \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [AuthInputObject] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def workdays_authorize_with_http_info(workday_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def workdays_authorize_with_http_info(workday_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_authorize ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_authorize ...' end # verify the required parameter 'workday_id' is set if @api_client.config.client_side_validation && workday_id.nil? fail ArgumentError, "Missing the required parameter 'workday_id' when calling WorkdayImportApi.workdays_authorize" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_authorize" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_authorize" - end # resource path - local_var_path = "/workdays/{workday_id}/auth".sub('{' + 'workday_id' + '}', workday_id.to_s) + local_var_path = '/workdays/{workday_id}/auth'.sub('{' + 'workday_id' + '}', workday_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) + header_params = opts[:header_params] || {} # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_authorize\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Deauthorize Workday # Removes any and all authorization methods from the workday instance ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] - def workdays_deauthorize(workday_id, content_type, accept, opts = {}) - workdays_deauthorize_with_http_info(workday_id, content_type, accept, opts) - return nil + def workdays_deauthorize(workday_id, opts = {}) + workdays_deauthorize_with_http_info(workday_id, opts) + nil end # Deauthorize Workday - # Removes any and all authorization methods from the workday instance ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Removes any and all authorization methods from the workday instance ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def workdays_deauthorize_with_http_info(workday_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def workdays_deauthorize_with_http_info(workday_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_deauthorize ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_deauthorize ...' end # verify the required parameter 'workday_id' is set if @api_client.config.client_side_validation && workday_id.nil? fail ArgumentError, "Missing the required parameter 'workday_id' when calling WorkdayImportApi.workdays_deauthorize" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_deauthorize" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_deauthorize" - end # resource path - local_var_path = "/workdays/{workday_id}/auth".sub('{' + 'workday_id' + '}', workday_id.to_s) + local_var_path = '/workdays/{workday_id}/auth'.sub('{' + 'workday_id' + '}', workday_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept + header_params = opts[:header_params] || {} header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) - if @api_client.config.debugging - @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_deauthorize\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end + post_body = opts[:body] - # Delete Workday - # This endpoint allows you to delete an instance of Workday. **This functionality is currently not enable for users.** - # @param id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) - # @return [Object] - def workdays_delete(id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_delete_with_http_info(id, content_type, accept, opts) - return data - end + return_type = opts[:return_type] - # Delete Workday - # This endpoint allows you to delete an instance of Workday. **This functionality is currently not enable for users.** - # @param id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(Object, Fixnum, Hash)>] Object data, response status code and response headers - def workdays_delete_with_http_info(id, content_type, accept, opts = {}) - if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_delete ..." - end - # verify the required parameter 'id' is set - if @api_client.config.client_side_validation && id.nil? - fail ArgumentError, "Missing the required parameter 'id' when calling WorkdayImportApi.workdays_delete" - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_delete" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_delete" - end - # resource path - local_var_path = "/workdays/{id}".sub('{' + 'id' + '}', id.to_s) - - # query parameters - query_params = {} - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Object') + :return_type => return_type) + if @api_client.config.debugging - @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_deauthorize\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Get Workday # This endpoint will return all the available information about an instance of Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [WorkdayOutput] - def workdays_get(id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_get_with_http_info(id, content_type, accept, opts) - return data + def workdays_get(id, opts = {}) + data, _status_code, _headers = workdays_get_with_http_info(id, opts) + data end # Get Workday - # This endpoint will return all the available information about an instance of Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all the available information about an instance of Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array<(WorkdayOutput, Fixnum, Hash)>] WorkdayOutput data, response status code and response headers - def workdays_get_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(WorkdayOutput, Integer, Hash)>] WorkdayOutput data, response status code and response headers + def workdays_get_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_get ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_get ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling WorkdayImportApi.workdays_get" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_get" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_get" - end # resource path - local_var_path = "/workdays/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/workdays/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'WorkdayOutput' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'WorkdayOutput') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Workday Import # The endpoint allows you to create a Workday Import request. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"WorkdayID\",\"value\":\"name.name\"} ] } ] ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] - def workdays_import(workday_id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_import_with_http_info(workday_id, content_type, accept, opts) - return data + def workdays_import(workday_id, opts = {}) + data, _status_code, _headers = workdays_import_with_http_info(workday_id, opts) + data end # Workday Import - # The endpoint allows you to create a Workday Import request. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"WorkdayID\",\"value\":\"name.name\"} ] } ] ``` + # The endpoint allows you to create a Workday Import request. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"WorkdayID\",\"value\":\"name.name\"} ] } ] ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :body - # @option opts [String] :x_org_id - # @return [Array<(JobId, Fixnum, Hash)>] JobId data, response status code and response headers - def workdays_import_with_http_info(workday_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(JobId, Integer, Hash)>] JobId data, response status code and response headers + def workdays_import_with_http_info(workday_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_import ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_import ...' end # verify the required parameter 'workday_id' is set if @api_client.config.client_side_validation && workday_id.nil? fail ArgumentError, "Missing the required parameter 'workday_id' when calling WorkdayImportApi.workdays_import" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_import" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_import" - end # resource path - local_var_path = "/workdays/{workday_id}/import".sub('{' + 'workday_id' + '}', workday_id.to_s) + local_var_path = '/workdays/{workday_id}/import'.sub('{' + 'workday_id' + '}', workday_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'JobId' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'JobId') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_import\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Import Results # This endpoint provides a list of job results from the workday import and will contain all imported data from Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id # @param job_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def workdays_importresults(id, job_id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_importresults_with_http_info(id, job_id, content_type, accept, opts) - return data + def workdays_importresults(id, job_id, opts = {}) + data, _status_code, _headers = workdays_importresults_with_http_info(id, job_id, opts) + data end # List Import Results - # This endpoint provides a list of job results from the workday import and will contain all imported data from Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint provides a list of job results from the workday import and will contain all imported data from Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id # @param job_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def workdays_importresults_with_http_info(id, job_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def workdays_importresults_with_http_info(id, job_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_importresults ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_importresults ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? @@ -421,105 +291,76 @@ def workdays_importresults_with_http_info(id, job_id, content_type, accept, opts if @api_client.config.client_side_validation && job_id.nil? fail ArgumentError, "Missing the required parameter 'job_id' when calling WorkdayImportApi.workdays_importresults" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_importresults" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_importresults" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling WorkdayImportApi.workdays_importresults, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/workdays/{id}/import/{job_id}/results".sub('{' + 'id' + '}', id.to_s).sub('{' + 'job_id' + '}', job_id.to_s) + local_var_path = '/workdays/{id}/import/{job_id}/results'.sub('{' + 'id' + '}', id.to_s).sub('{' + 'job_id' + '}', job_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_importresults\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Workdays # This endpoint will return all the available information about all your instances of Workday. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id (default to ) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def workdays_list(content_type, accept, opts = {}) - data, _status_code, _headers = workdays_list_with_http_info(content_type, accept, opts) - return data + def workdays_list(opts = {}) + data, _status_code, _headers = workdays_list_with_http_info(opts) + data end # List Workdays - # This endpoint will return all the available information about all your instances of Workday. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint will return all the available information about all your instances of Workday. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def workdays_list_with_http_info(content_type, accept, opts = {}) + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def workdays_list_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_list ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_list" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_list" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling WorkdayImportApi.workdays_list, must be greater than or equal to 0.' + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_list ...' end - # resource path - local_var_path = "/workdays" + local_var_path = '/workdays' # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'fields'] = @api_client.build_collection_param(opts[:'fields'], :csv) if !opts[:'fields'].nil? query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? @@ -527,322 +368,216 @@ def workdays_list_with_http_info(content_type, accept, opts = {}) query_params[:'filter'] = @api_client.build_collection_param(opts[:'filter'], :csv) if !opts[:'filter'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_list\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Create new Workday - # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param [Hash] opts the optional parameters # @option opts [WorkdayInput] :body - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def workdays_post(content_type, accept, opts = {}) - workdays_post_with_http_info(content_type, accept, opts) - return nil + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [WorkdayOutput] + def workdays_post(opts = {}) + data, _status_code, _headers = workdays_post_with_http_info(opts) + data end # Create new Workday - # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param [Hash] opts the optional parameters # @option opts [WorkdayInput] :body - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def workdays_post_with_http_info(content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(WorkdayOutput, Integer, Hash)>] WorkdayOutput data, response status code and response headers + def workdays_post_with_http_info(opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_post ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_post" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_post" + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_post ...' end # resource path - local_var_path = "/workdays" + local_var_path = '/workdays' # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'WorkdayOutput' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:POST, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, - :auth_names => auth_names) + :auth_names => auth_names, + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # Update Workday # This endpoint allows you to update the name and Custom Report URL for a Workday Instance. Currently, the name can not be changed from the default of `Workday Import`. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"reportUrl\":\"{Report_URL}\", \"name\":\"{Name}\" } ' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [WorkdayFields] :body - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [WorkdayOutput] - def workdays_put(id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_put_with_http_info(id, content_type, accept, opts) - return data + def workdays_put(id, opts = {}) + data, _status_code, _headers = workdays_put_with_http_info(id, opts) + data end # Update Workday - # This endpoint allows you to update the name and Custom Report URL for a Workday Instance. Currently, the name can not be changed from the default of `Workday Import`. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"reportUrl\":\"{Report_URL}\", \"name\":\"{Name}\" } ' ``` + # This endpoint allows you to update the name and Custom Report URL for a Workday Instance. Currently, the name can not be changed from the default of `Workday Import`. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"reportUrl\":\"{Report_URL}\", \"name\":\"{Name}\" } ' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [WorkdayFields] :body - # @option opts [String] :x_org_id - # @return [Array<(WorkdayOutput, Fixnum, Hash)>] WorkdayOutput data, response status code and response headers - def workdays_put_with_http_info(id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(WorkdayOutput, Integer, Hash)>] WorkdayOutput data, response status code and response headers + def workdays_put_with_http_info(id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_put ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_put ...' end # verify the required parameter 'id' is set if @api_client.config.client_side_validation && id.nil? fail ArgumentError, "Missing the required parameter 'id' when calling WorkdayImportApi.workdays_put" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_put" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_put" - end # resource path - local_var_path = "/workdays/{id}".sub('{' + 'id' + '}', id.to_s) + local_var_path = '/workdays/{id}'.sub('{' + 'id' + '}', id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = @api_client.object_to_http_body(opts[:'body']) - auth_names = ['x-api-key'] + post_body = opts[:body] || @api_client.object_to_http_body(opts[:'body']) + + return_type = opts[:return_type] || 'WorkdayOutput' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:PUT, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'WorkdayOutput') - if @api_client.config.debugging - @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" - end - return data, status_code, headers - end - - # Get Workday Settings (incomplete) - # This endpoint allows you to obtain all settings needed for creating a workday instance, specifically the URL to initiate Basic Authentication with WorkDay. **This functionality is currently not enable for users.** - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :state - # @option opts [String] :x_org_id (default to ) - # @return [nil] - def workdays_settings(content_type, accept, opts = {}) - workdays_settings_with_http_info(content_type, accept, opts) - return nil - end + :return_type => return_type) - # Get Workday Settings (incomplete) - # This endpoint allows you to obtain all settings needed for creating a workday instance, specifically the URL to initiate Basic Authentication with WorkDay. **This functionality is currently not enable for users.** - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :state - # @option opts [String] :x_org_id - # @return [Array<(nil, Fixnum, Hash)>] nil, response status code and response headers - def workdays_settings_with_http_info(content_type, accept, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_settings ..." - end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_settings" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_settings" - end - # resource path - local_var_path = "/workdays/settings" - - # query parameters - query_params = {} - query_params[:'state'] = opts[:'state'] if !opts[:'state'].nil? - - # header parameters - header_params = {} - # HTTP header 'Accept' (if needed) - header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept - header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? - - # form parameters - form_params = {} - - # http body (model) - post_body = nil - auth_names = ['x-api-key'] - data, status_code, headers = @api_client.call_api(:GET, local_var_path, - :header_params => header_params, - :query_params => query_params, - :form_params => form_params, - :body => post_body, - :auth_names => auth_names) - if @api_client.config.debugging - @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_settings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_put\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end - # List Workday Workers # This endpoint will return all of the data in your WorkDay Custom Report that has been associated with your WorkDay Instance in JumpCloud. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/workers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. (default to 10) # @option opts [Integer] :skip The offset into the records to return. (default to 0) # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id (default to ) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - def workdays_workers(workday_id, content_type, accept, opts = {}) - data, _status_code, _headers = workdays_workers_with_http_info(workday_id, content_type, accept, opts) - return data + def workdays_workers(workday_id, opts = {}) + data, _status_code, _headers = workdays_workers_with_http_info(workday_id, opts) + data end # List Workday Workers - # This endpoint will return all of the data in your WorkDay Custom Report that has been associated with your WorkDay Instance in JumpCloud. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/workers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all of the data in your WorkDay Custom Report that has been associated with your WorkDay Instance in JumpCloud. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/workers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array<(Array, Fixnum, Hash)>] Array data, response status code and response headers - def workdays_workers_with_http_info(workday_id, content_type, accept, opts = {}) + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array<(Array, Integer, Hash)>] Array data, response status code and response headers + def workdays_workers_with_http_info(workday_id, opts = {}) if @api_client.config.debugging - @api_client.config.logger.debug "Calling API: WorkdayImportApi.workdays_workers ..." + @api_client.config.logger.debug 'Calling API: WorkdayImportApi.workdays_workers ...' end # verify the required parameter 'workday_id' is set if @api_client.config.client_side_validation && workday_id.nil? fail ArgumentError, "Missing the required parameter 'workday_id' when calling WorkdayImportApi.workdays_workers" end - # verify the required parameter 'content_type' is set - if @api_client.config.client_side_validation && content_type.nil? - fail ArgumentError, "Missing the required parameter 'content_type' when calling WorkdayImportApi.workdays_workers" - end - # verify the required parameter 'accept' is set - if @api_client.config.client_side_validation && accept.nil? - fail ArgumentError, "Missing the required parameter 'accept' when calling WorkdayImportApi.workdays_workers" - end - if @api_client.config.client_side_validation && !opts[:'skip'].nil? && opts[:'skip'] < 0 - fail ArgumentError, 'invalid value for "opts[:"skip"]" when calling WorkdayImportApi.workdays_workers, must be greater than or equal to 0.' - end - # resource path - local_var_path = "/workdays/{workday_id}/workers".sub('{' + 'workday_id' + '}', workday_id.to_s) + local_var_path = '/workdays/{workday_id}/workers'.sub('{' + 'workday_id' + '}', workday_id.to_s) # query parameters - query_params = {} + query_params = opts[:query_params] || {} query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil? query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil? query_params[:'sort'] = @api_client.build_collection_param(opts[:'sort'], :csv) if !opts[:'sort'].nil? # header parameters - header_params = {} + header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) - # HTTP header 'Content-Type' - header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) - header_params[:'Content-Type'] = content_type - header_params[:'Accept'] = accept header_params[:'x-org-id'] = opts[:'x_org_id'] if !opts[:'x_org_id'].nil? # form parameters - form_params = {} + form_params = opts[:form_params] || {} # http body (model) - post_body = nil - auth_names = ['x-api-key'] + post_body = opts[:body] + + return_type = opts[:return_type] || 'Array' + + auth_names = opts[:auth_names] || ['x-api-key'] data, status_code, headers = @api_client.call_api(:GET, local_var_path, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, - :return_type => 'Array') + :return_type => return_type) + if @api_client.config.debugging @api_client.config.logger.debug "API called: WorkdayImportApi#workdays_workers\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end diff --git a/jcapiv2/lib/jcapiv2/api_client.rb b/jcapiv2/lib/jcapiv2/api_client.rb index 25cc3aa..14d037a 100644 --- a/jcapiv2/lib/jcapiv2/api_client.rb +++ b/jcapiv2/lib/jcapiv2/api_client.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -33,7 +32,7 @@ def initialize(config = Configuration.default) @config = config @user_agent = "Swagger-Codegen/#{VERSION}/ruby" @default_headers = { - 'Content-Type' => "application/json", + 'Content-Type' => 'application/json', 'User-Agent' => @user_agent } end @@ -44,7 +43,7 @@ def self.default # Call an API with given options. # - # @return [Array<(Object, Fixnum, Hash)>] an array of 3 elements: + # @return [Array<(Object, Integer, Hash)>] an array of 3 elements: # the data deserialized from response body (could be nil), response status code and response headers. def call_api(http_method, path, opts = {}) request = build_request(http_method, path, opts) @@ -128,6 +127,34 @@ def build_request(http_method, path, opts = {}) request end + # Builds the HTTP request body + # + # @param [Hash] header_params Header parameters + # @param [Hash] form_params Query parameters + # @param [Object] body HTTP body (JSON/XML) + # @return [String] HTTP body data in the form of string + def build_request_body(header_params, form_params, body) + # http form + if header_params['Content-Type'] == 'application/x-www-form-urlencoded' || + header_params['Content-Type'] == 'multipart/form-data' + data = {} + form_params.each do |key, value| + case value + when ::File, ::Array, nil + # let typhoeus handle File, Array and nil parameters + data[key] = value + else + data[key] = value.to_s + end + end + elsif body + data = body.is_a?(String) ? body : body.to_json + else + data = nil + end + data + end + # Check if the given MIME is a JSON MIME. # JSON MIME examples: # application/json @@ -137,13 +164,13 @@ def build_request(http_method, path, opts = {}) # @param [String] mime MIME # @return [Boolean] True if the MIME is application/json def json_mime?(mime) - (mime == "*/*") || !(mime =~ /Application\/.*json(?!p)(;.*)?/i).nil? + (mime == '*/*') || !(mime =~ /Application\/.*json(?!p)(;.*)?/i).nil? end # Deserialize the response to the given return type. # # @param [Response] response HTTP response - # @param [String] return_type some examples: "User", "Array[User]", "Hash[String,Integer]" + # @param [String] return_type some examples: "User", "Array", "Hash" def deserialize(response, return_type) body = response.body @@ -187,7 +214,7 @@ def convert_to_type(data, return_type) data.to_i when 'Float' data.to_f - when 'BOOLEAN' + when 'Boolean' data == true when 'DateTime' # parse date time (expecting ISO 8601 format) @@ -201,18 +228,16 @@ def convert_to_type(data, return_type) when /\AArray<(.+)>\z/ # e.g. Array sub_type = $1 - data.map {|item| convert_to_type(item, sub_type) } + data.map { |item| convert_to_type(item, sub_type) } when /\AHash\\z/ # e.g. Hash sub_type = $1 {}.tap do |hash| - data.each {|k, v| hash[k] = convert_to_type(v, sub_type) } + data.each { |k, v| hash[k] = convert_to_type(v, sub_type) } end else # models, e.g. Pet - JCAPIv2.const_get(return_type).new.tap do |model| - model.build_from_hash data - end + JCAPIv2.const_get(return_type).build_from_hash(data) end end @@ -228,7 +253,7 @@ def download_file(request) encoding = nil request.on_headers do |response| content_disposition = response.headers['Content-Disposition'] - if content_disposition and content_disposition =~ /filename=/i + if content_disposition && content_disposition =~ /filename=/i filename = content_disposition[/filename=['"]?([^'"\s]+)['"]?/, 1] prefix = sanitize_filename(filename) else @@ -244,11 +269,13 @@ def download_file(request) tempfile.write(chunk) end request.on_complete do |response| - tempfile.close - @config.logger.info "Temp file written to #{tempfile.path}, please copy the file to a proper folder "\ - "with e.g. `FileUtils.cp(tempfile.path, '/new/file/path')` otherwise the temp file "\ - "will be deleted automatically with GC. It's also recommended to delete the temp file "\ - "explicitly with `tempfile.delete`" + if tempfile + tempfile.close + @config.logger.info "Temp file written to #{tempfile.path}, please copy the file to a proper folder "\ + "with e.g. `FileUtils.cp(tempfile.path, '/new/file/path')` otherwise the temp file "\ + "will be deleted automatically with GC. It's also recommended to delete the temp file "\ + "explicitly with `tempfile.delete`" + end end end @@ -264,35 +291,7 @@ def sanitize_filename(filename) def build_request_url(path) # Add leading and trailing slashes to path path = "/#{path}".gsub(/\/+/, '/') - URI.encode(@config.base_url + path) - end - - # Builds the HTTP request body - # - # @param [Hash] header_params Header parameters - # @param [Hash] form_params Query parameters - # @param [Object] body HTTP body (JSON/XML) - # @return [String] HTTP body data in the form of string - def build_request_body(header_params, form_params, body) - # http form - if header_params['Content-Type'] == 'application/x-www-form-urlencoded' || - header_params['Content-Type'] == 'multipart/form-data' - data = {} - form_params.each do |key, value| - case value - when ::File, ::Array, nil - # let typhoeus handle File, Array and nil parameters - data[key] = value - else - data[key] = value.to_s - end - end - elsif body - data = body.is_a?(String) ? body : body.to_json - else - data = nil - end - data + @config.base_url + path end # Update hearder and query params based on authentication settings. @@ -327,7 +326,7 @@ def select_header_accept(accepts) return nil if accepts.nil? || accepts.empty? # use JSON when present, otherwise use all of the provided json_accept = accepts.find { |s| json_mime?(s) } - return json_accept || accepts.join(',') + json_accept || accepts.join(',') end # Return Content-Type header based on an array of content types provided. @@ -338,7 +337,7 @@ def select_header_content_type(content_types) return 'application/json' if content_types.nil? || content_types.empty? # use JSON when present, otherwise use the first one json_content_type = content_types.find { |s| json_mime?(s) } - return json_content_type || content_types.first + json_content_type || content_types.first end # Convert object (array, hash, object, etc) to JSON string. @@ -348,7 +347,7 @@ def object_to_http_body(model) return model if model.nil? || model.is_a?(String) local_body = nil if model.is_a?(Array) - local_body = model.map{|m| object_to_hash(m) } + local_body = model.map { |m| object_to_hash(m) } else local_body = object_to_hash(model) end diff --git a/jcapiv2/lib/jcapiv2/api_error.rb b/jcapiv2/lib/jcapiv2/api_error.rb index 81f54fc..92e4ef0 100644 --- a/jcapiv2/lib/jcapiv2/api_error.rb +++ b/jcapiv2/lib/jcapiv2/api_error.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end module JCAPIv2 @@ -34,5 +33,25 @@ def initialize(arg = nil) super arg end end + + # Override to_s to display a friendly error message + def to_s + message + end + + def message + if @message.nil? + msg = "Error message: the server returns an error" + else + msg = @message + end + + msg += "\nHTTP status code: #{code}" if code + msg += "\nResponse headers: #{response_headers}" if response_headers + msg += "\nResponse body: #{response_body}" if response_body + + msg + end + end end diff --git a/jcapiv2/lib/jcapiv2/configuration.rb b/jcapiv2/lib/jcapiv2/configuration.rb index d7fff86..88663f7 100644 --- a/jcapiv2/lib/jcapiv2/configuration.rb +++ b/jcapiv2/lib/jcapiv2/configuration.rb @@ -1,17 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end -require 'uri' - module JCAPIv2 class Configuration # Defines url scheme @@ -130,7 +127,7 @@ class Configuration def initialize @scheme = 'https' @host = 'console.jumpcloud.com' - @base_path = '/api/v2' + @base_path = 'https://console.jumpcloud.com/api/v2' @api_key = {} @api_key_prefix = {} @timeout = 0 @@ -170,12 +167,11 @@ def host=(host) def base_path=(base_path) # Add leading and trailing slashes to base_path @base_path = "/#{base_path}".gsub(/\/+/, '/') - @base_path = "" if @base_path == "/" + @base_path = '' if @base_path == '/' end def base_url - url = "#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '') - URI.encode(url) + "#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '') end # Gets API key (with prefix if set). diff --git a/jcapiv2/lib/jcapiv2/models/active_directory.rb b/jcapiv2/lib/jcapiv2/models/active_directory.rb new file mode 100644 index 0000000..aa1c405 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/active_directory.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ActiveDirectory + # Domain name for this Active Directory instance. + attr_accessor :domain + + # ObjectID of this Active Directory instance. + attr_accessor :id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain', + :'id' => :'id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object', + :'id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ActiveDirectory` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ActiveDirectory`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain && + id == o.id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent.rb new file mode 100644 index 0000000..3ad0230 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/active_directory_agent.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ActiveDirectoryAgent + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ActiveDirectoryAgent` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ActiveDirectoryAgent`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent_get.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent_get.rb new file mode 100644 index 0000000..48a36b8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/active_directory_agent_get.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ActiveDirectoryAgentGet + # The connect key to use when installing the Agent on a Domain Controller. + attr_accessor :connect_key + + attr_accessor :contact_at + + attr_accessor :hostname + + # ObjectID of this Active Directory Agent. + attr_accessor :id + + attr_accessor :source_ip + + attr_accessor :state + + attr_accessor :version + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'connect_key' => :'connectKey', + :'contact_at' => :'contactAt', + :'hostname' => :'hostname', + :'id' => :'id', + :'source_ip' => :'source_ip', + :'state' => :'state', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'connect_key' => :'Object', + :'contact_at' => :'Object', + :'hostname' => :'Object', + :'id' => :'Object', + :'source_ip' => :'Object', + :'state' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ActiveDirectoryAgentGet` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ActiveDirectoryAgentGet`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'connect_key') + self.connect_key = attributes[:'connect_key'] + end + + if attributes.key?(:'contact_at') + self.contact_at = attributes[:'contact_at'] + end + + if attributes.key?(:'hostname') + self.hostname = attributes[:'hostname'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'source_ip') + self.source_ip = attributes[:'source_ip'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + state_validator = EnumAttributeValidator.new('Object', ['unsealed', 'active', 'inactive']) + return false unless state_validator.valid?(@state) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['unsealed', 'active', 'inactive']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." + end + @state = state + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + connect_key == o.connect_key && + contact_at == o.contact_at && + hostname == o.hostname && + id == o.id && + source_ip == o.source_ip && + state == o.state && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [connect_key, contact_at, hostname, id, source_ip, state, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent_get_output.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent_get_output.rb deleted file mode 100644 index ddb761f..0000000 --- a/jcapiv2/lib/jcapiv2/models/active_directory_agent_get_output.rb +++ /dev/null @@ -1,204 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ActiveDirectoryAgentGetOutput - # The connect key to use when installing the Agent on a Domain Controller. - attr_accessor :connect_key - - # ObjectID of this Active Directory Agent. - attr_accessor :id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'connect_key' => :'connectKey', - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'connect_key' => :'String', - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'connectKey') - self.connect_key = attributes[:'connectKey'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - connect_key == o.connect_key && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [connect_key, id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent_input.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent_input.rb deleted file mode 100644 index d3d8d1e..0000000 --- a/jcapiv2/lib/jcapiv2/models/active_directory_agent_input.rb +++ /dev/null @@ -1,179 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ActiveDirectoryAgentInput - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - } - end - - # Attribute type mapping. - def self.swagger_types - { - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent_list.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent_list.rb new file mode 100644 index 0000000..10e98b7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/active_directory_agent_list.rb @@ -0,0 +1,286 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ActiveDirectoryAgentList + attr_accessor :contact_at + + attr_accessor :hostname + + # ObjectID of this Active Directory Agent. + attr_accessor :id + + attr_accessor :source_ip + + attr_accessor :state + + attr_accessor :version + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'contact_at' => :'contactAt', + :'hostname' => :'hostname', + :'id' => :'id', + :'source_ip' => :'source_ip', + :'state' => :'state', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'contact_at' => :'Object', + :'hostname' => :'Object', + :'id' => :'Object', + :'source_ip' => :'Object', + :'state' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ActiveDirectoryAgentList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ActiveDirectoryAgentList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'contact_at') + self.contact_at = attributes[:'contact_at'] + end + + if attributes.key?(:'hostname') + self.hostname = attributes[:'hostname'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'source_ip') + self.source_ip = attributes[:'source_ip'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + state_validator = EnumAttributeValidator.new('Object', ['unsealed', 'active', 'inactive']) + return false unless state_validator.valid?(@state) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['unsealed', 'active', 'inactive']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." + end + @state = state + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + contact_at == o.contact_at && + hostname == o.hostname && + id == o.id && + source_ip == o.source_ip && + state == o.state && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [contact_at, hostname, id, source_ip, state, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_agent_list_output.rb b/jcapiv2/lib/jcapiv2/models/active_directory_agent_list_output.rb deleted file mode 100644 index 848f842..0000000 --- a/jcapiv2/lib/jcapiv2/models/active_directory_agent_list_output.rb +++ /dev/null @@ -1,231 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ActiveDirectoryAgentListOutput - # ObjectID of this Active Directory Agent. - attr_accessor :id - - attr_accessor :state - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'state' => :'state' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'state' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'state') - self.state = attributes[:'state'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - state_validator = EnumAttributeValidator.new('String', ["unsealed", "active", "inactive"]) - return false unless state_validator.valid?(@state) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] state Object to be assigned - def state=(state) - validator = EnumAttributeValidator.new('String', ["unsealed", "active", "inactive"]) - unless validator.valid?(state) - fail ArgumentError, "invalid value for 'state', must be one of #{validator.allowable_values}." - end - @state = state - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - state == o.state - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, state].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_input.rb b/jcapiv2/lib/jcapiv2/models/active_directory_input.rb deleted file mode 100644 index c3209ea..0000000 --- a/jcapiv2/lib/jcapiv2/models/active_directory_input.rb +++ /dev/null @@ -1,189 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ActiveDirectoryInput - # Domain name for this Active Directory instance. - attr_accessor :domain - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'domain' => :'domain' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'domain' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'domain') - self.domain = attributes[:'domain'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - domain == o.domain - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [domain].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/active_directory_output.rb b/jcapiv2/lib/jcapiv2/models/active_directory_output.rb deleted file mode 100644 index 80ab07e..0000000 --- a/jcapiv2/lib/jcapiv2/models/active_directory_output.rb +++ /dev/null @@ -1,204 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ActiveDirectoryOutput - # Domain name for this Active Directory instance. - attr_accessor :domain - - # ObjectID of this Active Directory instance. - attr_accessor :id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'domain' => :'domain', - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'domain' => :'String', - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'domain') - self.domain = attributes[:'domain'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - domain == o.domain && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [domain, id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/address.rb b/jcapiv2/lib/jcapiv2/models/address.rb new file mode 100644 index 0000000..24ba7be --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/address.rb @@ -0,0 +1,278 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Address + attr_accessor :country + + attr_accessor :extended_address + + attr_accessor :id + + attr_accessor :locality + + attr_accessor :po_box + + attr_accessor :postal_code + + attr_accessor :region + + attr_accessor :street_address + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'country' => :'country', + :'extended_address' => :'extendedAddress', + :'id' => :'id', + :'locality' => :'locality', + :'po_box' => :'poBox', + :'postal_code' => :'postalCode', + :'region' => :'region', + :'street_address' => :'streetAddress', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'country' => :'Object', + :'extended_address' => :'Object', + :'id' => :'Object', + :'locality' => :'Object', + :'po_box' => :'Object', + :'postal_code' => :'Object', + :'region' => :'Object', + :'street_address' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Address` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Address`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'country') + self.country = attributes[:'country'] + end + + if attributes.key?(:'extended_address') + self.extended_address = attributes[:'extended_address'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'locality') + self.locality = attributes[:'locality'] + end + + if attributes.key?(:'po_box') + self.po_box = attributes[:'po_box'] + end + + if attributes.key?(:'postal_code') + self.postal_code = attributes[:'postal_code'] + end + + if attributes.key?(:'region') + self.region = attributes[:'region'] + end + + if attributes.key?(:'street_address') + self.street_address = attributes[:'street_address'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + country == o.country && + extended_address == o.extended_address && + id == o.id && + locality == o.locality && + po_box == o.po_box && + postal_code == o.postal_code && + region == o.region && + street_address == o.street_address && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [country, extended_address, id, locality, po_box, postal_code, region, street_address, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ade.rb b/jcapiv2/lib/jcapiv2/models/ade.rb new file mode 100644 index 0000000..a307378 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ade.rb @@ -0,0 +1,253 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ADE + # An array of ObjectIDs identifying the default device groups for this specific type (based on the OS family) of automated device enrollment. Currently, only a single DeviceGroupID is supported. + attr_accessor :default_device_group_object_ids + + # A toggle to determine if ADE registered devices should go through JumpCloud Zero Touch Enrollment. + attr_accessor :enable_zero_touch_enrollment + + # A Setup Option wrapped as an object + attr_accessor :setup_assistant_options + + # A list of configured setup options for this enrollment. + attr_accessor :setup_options + + attr_accessor :welcome_screen + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default_device_group_object_ids' => :'defaultDeviceGroupObjectIds', + :'enable_zero_touch_enrollment' => :'enableZeroTouchEnrollment', + :'setup_assistant_options' => :'setupAssistantOptions', + :'setup_options' => :'setupOptions', + :'welcome_screen' => :'welcomeScreen' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default_device_group_object_ids' => :'Object', + :'enable_zero_touch_enrollment' => :'Object', + :'setup_assistant_options' => :'Object', + :'setup_options' => :'Object', + :'welcome_screen' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + :'default_device_group_object_ids', + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ADE` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ADE`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_device_group_object_ids') + if (value = attributes[:'default_device_group_object_ids']).is_a?(Array) + self.default_device_group_object_ids = value + end + end + + if attributes.key?(:'enable_zero_touch_enrollment') + self.enable_zero_touch_enrollment = attributes[:'enable_zero_touch_enrollment'] + end + + if attributes.key?(:'setup_assistant_options') + if (value = attributes[:'setup_assistant_options']).is_a?(Array) + self.setup_assistant_options = value + end + end + + if attributes.key?(:'setup_options') + if (value = attributes[:'setup_options']).is_a?(Array) + self.setup_options = value + end + end + + if attributes.key?(:'welcome_screen') + self.welcome_screen = attributes[:'welcome_screen'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default_device_group_object_ids == o.default_device_group_object_ids && + enable_zero_touch_enrollment == o.enable_zero_touch_enrollment && + setup_assistant_options == o.setup_assistant_options && + setup_options == o.setup_options && + welcome_screen == o.welcome_screen + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default_device_group_object_ids, enable_zero_touch_enrollment, setup_assistant_options, setup_options, welcome_screen].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ades.rb b/jcapiv2/lib/jcapiv2/models/ades.rb new file mode 100644 index 0000000..7dc286b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ades.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ADES + attr_accessor :ios + + attr_accessor :macos + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'ios' => :'ios', + :'macos' => :'macos' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'ios' => :'Object', + :'macos' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ADES` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ADES`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'ios') + self.ios = attributes[:'ios'] + end + + if attributes.key?(:'macos') + self.macos = attributes[:'macos'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + ios == o.ios && + macos == o.macos + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [ios, macos].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/administrator.rb b/jcapiv2/lib/jcapiv2/models/administrator.rb index 37ef8b8..4a39543 100644 --- a/jcapiv2/lib/jcapiv2/models/administrator.rb +++ b/jcapiv2/lib/jcapiv2/models/administrator.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Administrator attr_accessor :email @@ -25,8 +23,15 @@ class Administrator attr_accessor :lastname + attr_accessor :organization_access_total + attr_accessor :registered + attr_accessor :role + + attr_accessor :role_name + + attr_accessor :suspended # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -36,67 +41,103 @@ def self.attribute_map :'firstname' => :'firstname', :'id' => :'id', :'lastname' => :'lastname', - :'registered' => :'registered' + :'organization_access_total' => :'organizationAccessTotal', + :'registered' => :'registered', + :'role' => :'role', + :'role_name' => :'roleName', + :'suspended' => :'suspended' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'email' => :'String', - :'enable_multi_factor' => :'BOOLEAN', - :'firstname' => :'String', - :'id' => :'String', - :'lastname' => :'String', - :'registered' => :'BOOLEAN' + :'email' => :'Object', + :'enable_multi_factor' => :'Object', + :'firstname' => :'Object', + :'id' => :'Object', + :'lastname' => :'Object', + :'organization_access_total' => :'Object', + :'registered' => :'Object', + :'role' => :'Object', + :'role_name' => :'Object', + :'suspended' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Administrator` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Administrator`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'enableMultiFactor') - self.enable_multi_factor = attributes[:'enableMultiFactor'] + if attributes.key?(:'enable_multi_factor') + self.enable_multi_factor = attributes[:'enable_multi_factor'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'registered') + if attributes.key?(:'organization_access_total') + self.organization_access_total = attributes[:'organization_access_total'] + end + + if attributes.key?(:'registered') self.registered = attributes[:'registered'] end + if attributes.key?(:'role') + self.role = attributes[:'role'] + end + + if attributes.key?(:'role_name') + self.role_name = attributes[:'role_name'] + end + + if attributes.key?(:'suspended') + self.suspended = attributes[:'suspended'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -109,7 +150,11 @@ def ==(o) firstname == o.firstname && id == o.id && lastname == o.lastname && - registered == o.registered + organization_access_total == o.organization_access_total && + registered == o.registered && + role == o.role && + role_name == o.role_name && + suspended == o.suspended end # @see the `==` method @@ -119,9 +164,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [email, enable_multi_factor, firstname, id, lastname, registered].hash + [email, enable_multi_factor, firstname, id, lastname, organization_access_total, registered, role, role_name, suspended].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -129,16 +181,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -160,7 +214,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -181,8 +235,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -204,7 +257,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -216,7 +273,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -226,8 +283,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/administrator_organization_link.rb b/jcapiv2/lib/jcapiv2/models/administrator_organization_link.rb new file mode 100644 index 0000000..8463c91 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/administrator_organization_link.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AdministratorOrganizationLink + # The identifier for an administrator + attr_accessor :administrator + + # The identifier for an organization + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'administrator' => :'administrator', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'administrator' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AdministratorOrganizationLink` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AdministratorOrganizationLink`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'administrator') + self.administrator = attributes[:'administrator'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + administrator == o.administrator && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [administrator, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/administrator_organization_link_req.rb b/jcapiv2/lib/jcapiv2/models/administrator_organization_link_req.rb new file mode 100644 index 0000000..ee616d9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/administrator_organization_link_req.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AdministratorOrganizationLinkReq + # The identifier for an organization to link this administrator to. + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AdministratorOrganizationLinkReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AdministratorOrganizationLinkReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/all_of_autotask_ticketing_alert_configuration_list_records_items.rb b/jcapiv2/lib/jcapiv2/models/all_of_autotask_ticketing_alert_configuration_list_records_items.rb new file mode 100644 index 0000000..5d2491d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/all_of_autotask_ticketing_alert_configuration_list_records_items.rb @@ -0,0 +1,339 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AllOfAutotaskTicketingAlertConfigurationListRecordsItems + attr_accessor :category + + attr_accessor :description + + attr_accessor :destination + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :queue + + attr_accessor :resource + + attr_accessor :should_create_tickets + + attr_accessor :source + + attr_accessor :status + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'destination' => :'destination', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'queue' => :'queue', + :'resource' => :'resource', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'', + :'description' => :'', + :'destination' => :'', + :'display_name' => :'', + :'due_days' => :'', + :'id' => :'', + :'priority' => :'', + :'queue' => :'', + :'resource' => :'', + :'should_create_tickets' => :'', + :'source' => :'', + :'status' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'destination') + self.destination = attributes[:'destination'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'queue') + self.queue = attributes[:'queue'] + end + + if attributes.key?(:'resource') + self.resource = attributes[:'resource'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + destination_validator = EnumAttributeValidator.new('', ['queue', 'resource']) + return false unless destination_validator.valid?(@destination) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] destination Object to be assigned + def destination=(destination) + validator = EnumAttributeValidator.new('', ['queue', 'resource']) + unless validator.valid?(destination) + fail ArgumentError, "invalid value for \"destination\", must be one of #{validator.allowable_values}." + end + @destination = destination + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + destination == o.destination && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + queue == o.queue && + resource == o.resource && + should_create_tickets == o.should_create_tickets && + source == o.source && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, destination, display_name, due_days, id, priority, queue, resource, should_create_tickets, source, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items.rb b/jcapiv2/lib/jcapiv2/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items.rb new file mode 100644 index 0000000..275695b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items.rb @@ -0,0 +1,274 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AllOfConnectWiseTicketingAlertConfigurationListRecordsItems + attr_accessor :category + + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :should_create_tickets + + attr_accessor :source + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'', + :'description' => :'', + :'display_name' => :'', + :'due_days' => :'', + :'id' => :'', + :'priority' => :'', + :'should_create_tickets' => :'', + :'source' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @should_create_tickets.nil? + invalid_properties.push('invalid value for "should_create_tickets", should_create_tickets cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @should_create_tickets.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + should_create_tickets == o.should_create_tickets && + source == o.source + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, display_name, due_days, id, priority, should_create_tickets, source].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/all_of_pwm_all_users_results_items.rb b/jcapiv2/lib/jcapiv2/models/all_of_pwm_all_users_results_items.rb new file mode 100644 index 0000000..781b3fc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/all_of_pwm_all_users_results_items.rb @@ -0,0 +1,383 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AllOfPwmAllUsersResultsItems + attr_accessor :compromised_passwords + + attr_accessor :old_passwords + + attr_accessor :reused_passwords + + attr_accessor :weak_passwords + + attr_accessor :apps + + attr_accessor :cloud_backup_restores + + attr_accessor :email + + attr_accessor :employee_uuid + + attr_accessor :external_id + + attr_accessor :groups + + attr_accessor :id + + attr_accessor :items_count + + attr_accessor :name + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :status + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'compromised_passwords' => :'compromisedPasswords', + :'old_passwords' => :'oldPasswords', + :'reused_passwords' => :'reusedPasswords', + :'weak_passwords' => :'weakPasswords', + :'apps' => :'apps', + :'cloud_backup_restores' => :'cloudBackupRestores', + :'email' => :'email', + :'employee_uuid' => :'employeeUuid', + :'external_id' => :'externalId', + :'groups' => :'groups', + :'id' => :'id', + :'items_count' => :'itemsCount', + :'name' => :'name', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'status' => :'status', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'compromised_passwords' => :'', + :'old_passwords' => :'', + :'reused_passwords' => :'', + :'weak_passwords' => :'', + :'apps' => :'', + :'cloud_backup_restores' => :'', + :'email' => :'', + :'employee_uuid' => :'', + :'external_id' => :'', + :'groups' => :'', + :'id' => :'', + :'items_count' => :'', + :'name' => :'', + :'passwords_count' => :'', + :'passwords_score' => :'', + :'score_updated_at' => :'', + :'status' => :'', + :'username' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AllOfPwmAllUsersResultsItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AllOfPwmAllUsersResultsItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'compromised_passwords') + self.compromised_passwords = attributes[:'compromised_passwords'] + end + + if attributes.key?(:'old_passwords') + self.old_passwords = attributes[:'old_passwords'] + end + + if attributes.key?(:'reused_passwords') + self.reused_passwords = attributes[:'reused_passwords'] + end + + if attributes.key?(:'weak_passwords') + self.weak_passwords = attributes[:'weak_passwords'] + end + + if attributes.key?(:'apps') + self.apps = attributes[:'apps'] + end + + if attributes.key?(:'cloud_backup_restores') + self.cloud_backup_restores = attributes[:'cloud_backup_restores'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_uuid') + self.employee_uuid = attributes[:'employee_uuid'] + end + + if attributes.key?(:'external_id') + self.external_id = attributes[:'external_id'] + end + + if attributes.key?(:'groups') + self.groups = attributes[:'groups'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'items_count') + self.items_count = attributes[:'items_count'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @email.nil? + invalid_properties.push('invalid value for "email", email cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @status.nil? + invalid_properties.push('invalid value for "status", status cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @email.nil? + return false if @id.nil? + return false if @name.nil? + return false if @status.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + compromised_passwords == o.compromised_passwords && + old_passwords == o.old_passwords && + reused_passwords == o.reused_passwords && + weak_passwords == o.weak_passwords && + apps == o.apps && + cloud_backup_restores == o.cloud_backup_restores && + email == o.email && + employee_uuid == o.employee_uuid && + external_id == o.external_id && + groups == o.groups && + id == o.id && + items_count == o.items_count && + name == o.name && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + status == o.status && + username == o.username && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [compromised_passwords, old_passwords, reused_passwords, weak_passwords, apps, cloud_backup_restores, email, employee_uuid, external_id, groups, id, items_count, name, passwords_count, passwords_score, score_updated_at, status, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/all_of_pwm_items_metadata_results_items.rb b/jcapiv2/lib/jcapiv2/models/all_of_pwm_items_metadata_results_items.rb new file mode 100644 index 0000000..48dc9e7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/all_of_pwm_items_metadata_results_items.rb @@ -0,0 +1,339 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AllOfPwmItemsMetadataResultsItems + attr_accessor :created_by + + attr_accessor :date_created + + attr_accessor :date_updated + + attr_accessor :updated_by + + attr_accessor :field1 + + attr_accessor :field2 + + attr_accessor :folder_name + + attr_accessor :folder_uuid + + attr_accessor :id + + attr_accessor :item_uuid + + attr_accessor :nickname + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_by' => :'createdBy', + :'date_created' => :'dateCreated', + :'date_updated' => :'dateUpdated', + :'updated_by' => :'updatedBy', + :'field1' => :'field1', + :'field2' => :'field2', + :'folder_name' => :'folderName', + :'folder_uuid' => :'folderUuid', + :'id' => :'id', + :'item_uuid' => :'itemUuid', + :'nickname' => :'nickname', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_by' => :'', + :'date_created' => :'', + :'date_updated' => :'', + :'updated_by' => :'', + :'field1' => :'', + :'field2' => :'', + :'folder_name' => :'', + :'folder_uuid' => :'', + :'id' => :'', + :'item_uuid' => :'', + :'nickname' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AllOfPwmItemsMetadataResultsItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AllOfPwmItemsMetadataResultsItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'created_by') + self.created_by = attributes[:'created_by'] + end + + if attributes.key?(:'date_created') + self.date_created = attributes[:'date_created'] + end + + if attributes.key?(:'date_updated') + self.date_updated = attributes[:'date_updated'] + end + + if attributes.key?(:'updated_by') + self.updated_by = attributes[:'updated_by'] + end + + if attributes.key?(:'field1') + self.field1 = attributes[:'field1'] + end + + if attributes.key?(:'field2') + self.field2 = attributes[:'field2'] + end + + if attributes.key?(:'folder_name') + self.folder_name = attributes[:'folder_name'] + end + + if attributes.key?(:'folder_uuid') + self.folder_uuid = attributes[:'folder_uuid'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'item_uuid') + self.item_uuid = attributes[:'item_uuid'] + end + + if attributes.key?(:'nickname') + self.nickname = attributes[:'nickname'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @field1.nil? + invalid_properties.push('invalid value for "field1", field1 cannot be nil.') + end + + if @field2.nil? + invalid_properties.push('invalid value for "field2", field2 cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @item_uuid.nil? + invalid_properties.push('invalid value for "item_uuid", item_uuid cannot be nil.') + end + + if @nickname.nil? + invalid_properties.push('invalid value for "nickname", nickname cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @field1.nil? + return false if @field2.nil? + return false if @id.nil? + return false if @item_uuid.nil? + return false if @nickname.nil? + return false if @type.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_by == o.created_by && + date_created == o.date_created && + date_updated == o.date_updated && + updated_by == o.updated_by && + field1 == o.field1 && + field2 == o.field2 && + folder_name == o.folder_name && + folder_uuid == o.folder_uuid && + id == o.id && + item_uuid == o.item_uuid && + nickname == o.nickname && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_by, date_created, date_updated, updated_by, field1, field2, folder_name, folder_uuid, id, item_uuid, nickname, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/all_of_syncro_ticketing_alert_configuration_list_records_items.rb b/jcapiv2/lib/jcapiv2/models/all_of_syncro_ticketing_alert_configuration_list_records_items.rb new file mode 100644 index 0000000..495b7fd --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/all_of_syncro_ticketing_alert_configuration_list_records_items.rb @@ -0,0 +1,296 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AllOfSyncroTicketingAlertConfigurationListRecordsItems + attr_accessor :category + + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :problem_type + + attr_accessor :should_create_tickets + + attr_accessor :status + + attr_accessor :user_id + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'problem_type' => :'problemType', + :'should_create_tickets' => :'shouldCreateTickets', + :'status' => :'status', + :'user_id' => :'userId', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'', + :'description' => :'', + :'display_name' => :'', + :'due_days' => :'', + :'id' => :'', + :'priority' => :'', + :'problem_type' => :'', + :'should_create_tickets' => :'', + :'status' => :'', + :'user_id' => :'', + :'username' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'problem_type') + self.problem_type = attributes[:'problem_type'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'user_id') + self.user_id = attributes[:'user_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + problem_type == o.problem_type && + should_create_tickets == o.should_create_tickets && + status == o.status && + user_id == o.user_id && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, display_name, due_days, id, priority, problem_type, should_create_tickets, status, user_id, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/any_value.rb b/jcapiv2/lib/jcapiv2/models/any_value.rb new file mode 100644 index 0000000..95c5ed6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/any_value.rb @@ -0,0 +1,198 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Can be any value - string, number, boolean, array or object. + class AnyValue + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AnyValue` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AnyValue`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm.rb index aa6b378..5ff44ad 100644 --- a/jcapiv2/lib/jcapiv2/models/apple_mdm.rb +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm.rb @@ -1,68 +1,196 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AppleMDM + attr_accessor :ades + + # A toggle to allow mobile device enrollment for an organization. + attr_accessor :allow_mobile_user_enrollment + + # The expiration date and time for the APNS Certificate. + attr_accessor :apns_cert_expiry + # The push topic assigned to this enrollment by Apple after uploading the Signed CSR plist. attr_accessor :apns_push_topic + # The Apple ID of the admin who created the Apple signed certificate associated to the Device Manager. + attr_accessor :apple_cert_creator_apple_id + + # The serial number of the Apple signed certificate associated to the Device Manager. + attr_accessor :apple_cert_serial_number + + # ObjectId uniquely identifying the MDM default iOS user enrollment device group. + attr_accessor :default_ios_user_enrollment_device_group_id + + # ObjectId uniquely identifying the MDM default System Group. + attr_accessor :default_system_group_id + + attr_accessor :dep + + # The expiration date and time for the DEP Access Token. This aligns with the DEP Server Token State. + attr_accessor :dep_access_token_expiry + + # The state of the dep server token, presence and expiry. + attr_accessor :dep_server_token_state + # ObjectId uniquely identifying an MDM Enrollment, attr_accessor :id # A friendly name to identify this enrollment. Not required to be unique. attr_accessor :name + # The identifier for an organization + attr_accessor :organization + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'ades' => :'ades', + :'allow_mobile_user_enrollment' => :'allowMobileUserEnrollment', + :'apns_cert_expiry' => :'apnsCertExpiry', :'apns_push_topic' => :'apnsPushTopic', + :'apple_cert_creator_apple_id' => :'appleCertCreatorAppleID', + :'apple_cert_serial_number' => :'appleCertSerialNumber', + :'default_ios_user_enrollment_device_group_id' => :'defaultIosUserEnrollmentDeviceGroupID', + :'default_system_group_id' => :'defaultSystemGroupID', + :'dep' => :'dep', + :'dep_access_token_expiry' => :'depAccessTokenExpiry', + :'dep_server_token_state' => :'depServerTokenState', :'id' => :'id', - :'name' => :'name' + :'name' => :'name', + :'organization' => :'organization' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'apns_push_topic' => :'String', - :'id' => :'String', - :'name' => :'String' + :'ades' => :'Object', + :'allow_mobile_user_enrollment' => :'Object', + :'apns_cert_expiry' => :'Object', + :'apns_push_topic' => :'Object', + :'apple_cert_creator_apple_id' => :'Object', + :'apple_cert_serial_number' => :'Object', + :'default_ios_user_enrollment_device_group_id' => :'Object', + :'default_system_group_id' => :'Object', + :'dep' => :'Object', + :'dep_access_token_expiry' => :'Object', + :'dep_server_token_state' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'organization' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMDM` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMDM`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'apnsPushTopic') - self.apns_push_topic = attributes[:'apnsPushTopic'] + if attributes.key?(:'ades') + self.ades = attributes[:'ades'] end - if attributes.has_key?(:'id') + if attributes.key?(:'allow_mobile_user_enrollment') + self.allow_mobile_user_enrollment = attributes[:'allow_mobile_user_enrollment'] + end + + if attributes.key?(:'apns_cert_expiry') + self.apns_cert_expiry = attributes[:'apns_cert_expiry'] + end + + if attributes.key?(:'apns_push_topic') + self.apns_push_topic = attributes[:'apns_push_topic'] + end + + if attributes.key?(:'apple_cert_creator_apple_id') + self.apple_cert_creator_apple_id = attributes[:'apple_cert_creator_apple_id'] + end + + if attributes.key?(:'apple_cert_serial_number') + self.apple_cert_serial_number = attributes[:'apple_cert_serial_number'] + end + + if attributes.key?(:'default_ios_user_enrollment_device_group_id') + self.default_ios_user_enrollment_device_group_id = attributes[:'default_ios_user_enrollment_device_group_id'] + end + + if attributes.key?(:'default_system_group_id') + self.default_system_group_id = attributes[:'default_system_group_id'] + end + + if attributes.key?(:'dep') + self.dep = attributes[:'dep'] + end + + if attributes.key?(:'dep_access_token_expiry') + self.dep_access_token_expiry = attributes[:'dep_access_token_expiry'] + end + + if attributes.key?(:'dep_server_token_state') + self.dep_server_token_state = attributes[:'dep_server_token_state'] + end + + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -70,33 +198,29 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end - if !@name.nil? && @name.to_s.length > 255 - invalid_properties.push("invalid value for 'name', the character length must be smaller than or equal to 255.") - end - - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? + dep_server_token_state_validator = EnumAttributeValidator.new('Object', ['unknown', 'missing', 'valid', 'expired']) + return false unless dep_server_token_state_validator.valid?(@dep_server_token_state) return false if @id.nil? - return false if !@name.nil? && @name.to_s.length > 255 - return true + true end - # Custom attribute writer method with validation - # @param [Object] name Value to be assigned - def name=(name) - - if !name.nil? && name.to_s.length > 255 - fail ArgumentError, "invalid value for 'name', the character length must be smaller than or equal to 255." + # Custom attribute writer method checking allowed values (enum). + # @param [Object] dep_server_token_state Object to be assigned + def dep_server_token_state=(dep_server_token_state) + validator = EnumAttributeValidator.new('Object', ['unknown', 'missing', 'valid', 'expired']) + unless validator.valid?(dep_server_token_state) + fail ArgumentError, "invalid value for \"dep_server_token_state\", must be one of #{validator.allowable_values}." end - - @name = name + @dep_server_token_state = dep_server_token_state end # Checks equality by comparing each attribute. @@ -104,9 +228,20 @@ def name=(name) def ==(o) return true if self.equal?(o) self.class == o.class && + ades == o.ades && + allow_mobile_user_enrollment == o.allow_mobile_user_enrollment && + apns_cert_expiry == o.apns_cert_expiry && apns_push_topic == o.apns_push_topic && + apple_cert_creator_apple_id == o.apple_cert_creator_apple_id && + apple_cert_serial_number == o.apple_cert_serial_number && + default_ios_user_enrollment_device_group_id == o.default_ios_user_enrollment_device_group_id && + default_system_group_id == o.default_system_group_id && + dep == o.dep && + dep_access_token_expiry == o.dep_access_token_expiry && + dep_server_token_state == o.dep_server_token_state && id == o.id && - name == o.name + name == o.name && + organization == o.organization end # @see the `==` method @@ -116,9 +251,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [apns_push_topic, id, name].hash + [ades, allow_mobile_user_enrollment, apns_cert_expiry, apns_push_topic, apple_cert_creator_apple_id, apple_cert_serial_number, default_ios_user_enrollment_device_group_id, default_system_group_id, dep, dep_access_token_expiry, dep_server_token_state, id, name, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -126,16 +268,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -157,7 +301,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -178,8 +322,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -201,7 +344,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -213,7 +360,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -223,8 +370,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_device.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_device.rb new file mode 100644 index 0000000..42a25bf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_device.rb @@ -0,0 +1,287 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AppleMdmDevice + attr_accessor :created_at + + attr_accessor :dep_registered + + attr_accessor :device_information + + attr_accessor :enrolled + + attr_accessor :has_activation_lock_bypass_codes + + attr_accessor :id + + attr_accessor :os_version + + attr_accessor :security_info + + attr_accessor :serial_number + + attr_accessor :udid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_at' => :'createdAt', + :'dep_registered' => :'depRegistered', + :'device_information' => :'deviceInformation', + :'enrolled' => :'enrolled', + :'has_activation_lock_bypass_codes' => :'hasActivationLockBypassCodes', + :'id' => :'id', + :'os_version' => :'osVersion', + :'security_info' => :'securityInfo', + :'serial_number' => :'serialNumber', + :'udid' => :'udid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_at' => :'Object', + :'dep_registered' => :'Object', + :'device_information' => :'Object', + :'enrolled' => :'Object', + :'has_activation_lock_bypass_codes' => :'Object', + :'id' => :'Object', + :'os_version' => :'Object', + :'security_info' => :'Object', + :'serial_number' => :'Object', + :'udid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmDevice` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmDevice`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'dep_registered') + self.dep_registered = attributes[:'dep_registered'] + end + + if attributes.key?(:'device_information') + self.device_information = attributes[:'device_information'] + end + + if attributes.key?(:'enrolled') + self.enrolled = attributes[:'enrolled'] + end + + if attributes.key?(:'has_activation_lock_bypass_codes') + self.has_activation_lock_bypass_codes = attributes[:'has_activation_lock_bypass_codes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'os_version') + self.os_version = attributes[:'os_version'] + end + + if attributes.key?(:'security_info') + self.security_info = attributes[:'security_info'] + end + + if attributes.key?(:'serial_number') + self.serial_number = attributes[:'serial_number'] + end + + if attributes.key?(:'udid') + self.udid = attributes[:'udid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_at == o.created_at && + dep_registered == o.dep_registered && + device_information == o.device_information && + enrolled == o.enrolled && + has_activation_lock_bypass_codes == o.has_activation_lock_bypass_codes && + id == o.id && + os_version == o.os_version && + security_info == o.security_info && + serial_number == o.serial_number && + udid == o.udid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_at, dep_registered, device_information, enrolled, has_activation_lock_bypass_codes, id, os_version, security_info, serial_number, udid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_device_info.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_device_info.rb new file mode 100644 index 0000000..3f8563b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_device_info.rb @@ -0,0 +1,315 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Apple MDM device information + class AppleMdmDeviceInfo + attr_accessor :activation_lock_allowed_while_supervised + + attr_accessor :available_device_capacity + + attr_accessor :device_capacity + + attr_accessor :device_name + + attr_accessor :iccid + + attr_accessor :imei + + attr_accessor :is_supervised + + attr_accessor :model_name + + attr_accessor :second_iccid + + attr_accessor :second_imei + + attr_accessor :second_subscriber_carrier_network + + attr_accessor :subscriber_carrier_network + + attr_accessor :wifi_mac + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'activation_lock_allowed_while_supervised' => :'activationLockAllowedWhileSupervised', + :'available_device_capacity' => :'availableDeviceCapacity', + :'device_capacity' => :'deviceCapacity', + :'device_name' => :'deviceName', + :'iccid' => :'iccid', + :'imei' => :'imei', + :'is_supervised' => :'isSupervised', + :'model_name' => :'modelName', + :'second_iccid' => :'secondIccid', + :'second_imei' => :'secondImei', + :'second_subscriber_carrier_network' => :'secondSubscriberCarrierNetwork', + :'subscriber_carrier_network' => :'subscriberCarrierNetwork', + :'wifi_mac' => :'wifiMac' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'activation_lock_allowed_while_supervised' => :'Object', + :'available_device_capacity' => :'Object', + :'device_capacity' => :'Object', + :'device_name' => :'Object', + :'iccid' => :'Object', + :'imei' => :'Object', + :'is_supervised' => :'Object', + :'model_name' => :'Object', + :'second_iccid' => :'Object', + :'second_imei' => :'Object', + :'second_subscriber_carrier_network' => :'Object', + :'subscriber_carrier_network' => :'Object', + :'wifi_mac' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmDeviceInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmDeviceInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'activation_lock_allowed_while_supervised') + self.activation_lock_allowed_while_supervised = attributes[:'activation_lock_allowed_while_supervised'] + end + + if attributes.key?(:'available_device_capacity') + self.available_device_capacity = attributes[:'available_device_capacity'] + end + + if attributes.key?(:'device_capacity') + self.device_capacity = attributes[:'device_capacity'] + end + + if attributes.key?(:'device_name') + self.device_name = attributes[:'device_name'] + end + + if attributes.key?(:'iccid') + self.iccid = attributes[:'iccid'] + end + + if attributes.key?(:'imei') + self.imei = attributes[:'imei'] + end + + if attributes.key?(:'is_supervised') + self.is_supervised = attributes[:'is_supervised'] + end + + if attributes.key?(:'model_name') + self.model_name = attributes[:'model_name'] + end + + if attributes.key?(:'second_iccid') + self.second_iccid = attributes[:'second_iccid'] + end + + if attributes.key?(:'second_imei') + self.second_imei = attributes[:'second_imei'] + end + + if attributes.key?(:'second_subscriber_carrier_network') + self.second_subscriber_carrier_network = attributes[:'second_subscriber_carrier_network'] + end + + if attributes.key?(:'subscriber_carrier_network') + self.subscriber_carrier_network = attributes[:'subscriber_carrier_network'] + end + + if attributes.key?(:'wifi_mac') + self.wifi_mac = attributes[:'wifi_mac'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + activation_lock_allowed_while_supervised == o.activation_lock_allowed_while_supervised && + available_device_capacity == o.available_device_capacity && + device_capacity == o.device_capacity && + device_name == o.device_name && + iccid == o.iccid && + imei == o.imei && + is_supervised == o.is_supervised && + model_name == o.model_name && + second_iccid == o.second_iccid && + second_imei == o.second_imei && + second_subscriber_carrier_network == o.second_subscriber_carrier_network && + subscriber_carrier_network == o.subscriber_carrier_network && + wifi_mac == o.wifi_mac + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [activation_lock_allowed_while_supervised, available_device_capacity, device_capacity, device_name, iccid, imei, is_supervised, model_name, second_iccid, second_imei, second_subscriber_carrier_network, subscriber_carrier_network, wifi_mac].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_device_security_info.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_device_security_info.rb new file mode 100644 index 0000000..9de5cfd --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_device_security_info.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Apple MDM device security information + class AppleMdmDeviceSecurityInfo + attr_accessor :enrolled_via_dep + + attr_accessor :is_activation_lock_manageable + + attr_accessor :is_user_enrollment + + attr_accessor :passcode_present + + attr_accessor :user_approved_enrollment + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enrolled_via_dep' => :'enrolledViaDep', + :'is_activation_lock_manageable' => :'isActivationLockManageable', + :'is_user_enrollment' => :'isUserEnrollment', + :'passcode_present' => :'passcodePresent', + :'user_approved_enrollment' => :'userApprovedEnrollment' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enrolled_via_dep' => :'Object', + :'is_activation_lock_manageable' => :'Object', + :'is_user_enrollment' => :'Object', + :'passcode_present' => :'Object', + :'user_approved_enrollment' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmDeviceSecurityInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmDeviceSecurityInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enrolled_via_dep') + self.enrolled_via_dep = attributes[:'enrolled_via_dep'] + end + + if attributes.key?(:'is_activation_lock_manageable') + self.is_activation_lock_manageable = attributes[:'is_activation_lock_manageable'] + end + + if attributes.key?(:'is_user_enrollment') + self.is_user_enrollment = attributes[:'is_user_enrollment'] + end + + if attributes.key?(:'passcode_present') + self.passcode_present = attributes[:'passcode_present'] + end + + if attributes.key?(:'user_approved_enrollment') + self.user_approved_enrollment = attributes[:'user_approved_enrollment'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enrolled_via_dep == o.enrolled_via_dep && + is_activation_lock_manageable == o.is_activation_lock_manageable && + is_user_enrollment == o.is_user_enrollment && + passcode_present == o.passcode_present && + user_approved_enrollment == o.user_approved_enrollment + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enrolled_via_dep, is_activation_lock_manageable, is_user_enrollment, passcode_present, user_approved_enrollment].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_patch.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_patch.rb new file mode 100644 index 0000000..eb1cd33 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_patch.rb @@ -0,0 +1,285 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AppleMdmPatch + attr_accessor :ades + + # A toggle to allow mobile device enrollment for an organization. + attr_accessor :allow_mobile_user_enrollment + + # The Apple ID of the admin who created the Apple signed certificate. + attr_accessor :apple_cert_creator_apple_id + + # A signed certificate obtained from Apple after providing Apple with the plist file provided on POST. + attr_accessor :apple_signed_cert + + # ObjectId uniquely identifying the MDM default iOS user enrollment device group. + attr_accessor :default_ios_user_enrollment_device_group_id + + # ObjectId uniquely identifying the MDM default System Group. + attr_accessor :default_system_group_id + + attr_accessor :dep + + # The S/MIME encoded DEP Server Token returned by Apple Business Manager when creating an MDM instance. + attr_accessor :encrypted_dep_server_token + + # A new name for the Apple MDM configuration. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'ades' => :'ades', + :'allow_mobile_user_enrollment' => :'allowMobileUserEnrollment', + :'apple_cert_creator_apple_id' => :'appleCertCreatorAppleID', + :'apple_signed_cert' => :'appleSignedCert', + :'default_ios_user_enrollment_device_group_id' => :'defaultIosUserEnrollmentDeviceGroupID', + :'default_system_group_id' => :'defaultSystemGroupID', + :'dep' => :'dep', + :'encrypted_dep_server_token' => :'encryptedDepServerToken', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'ades' => :'Object', + :'allow_mobile_user_enrollment' => :'Object', + :'apple_cert_creator_apple_id' => :'Object', + :'apple_signed_cert' => :'Object', + :'default_ios_user_enrollment_device_group_id' => :'Object', + :'default_system_group_id' => :'Object', + :'dep' => :'Object', + :'encrypted_dep_server_token' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmPatch` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmPatch`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'ades') + self.ades = attributes[:'ades'] + end + + if attributes.key?(:'allow_mobile_user_enrollment') + self.allow_mobile_user_enrollment = attributes[:'allow_mobile_user_enrollment'] + end + + if attributes.key?(:'apple_cert_creator_apple_id') + self.apple_cert_creator_apple_id = attributes[:'apple_cert_creator_apple_id'] + end + + if attributes.key?(:'apple_signed_cert') + self.apple_signed_cert = attributes[:'apple_signed_cert'] + end + + if attributes.key?(:'default_ios_user_enrollment_device_group_id') + self.default_ios_user_enrollment_device_group_id = attributes[:'default_ios_user_enrollment_device_group_id'] + end + + if attributes.key?(:'default_system_group_id') + self.default_system_group_id = attributes[:'default_system_group_id'] + end + + if attributes.key?(:'dep') + self.dep = attributes[:'dep'] + end + + if attributes.key?(:'encrypted_dep_server_token') + self.encrypted_dep_server_token = attributes[:'encrypted_dep_server_token'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + ades == o.ades && + allow_mobile_user_enrollment == o.allow_mobile_user_enrollment && + apple_cert_creator_apple_id == o.apple_cert_creator_apple_id && + apple_signed_cert == o.apple_signed_cert && + default_ios_user_enrollment_device_group_id == o.default_ios_user_enrollment_device_group_id && + default_system_group_id == o.default_system_group_id && + dep == o.dep && + encrypted_dep_server_token == o.encrypted_dep_server_token && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [ades, allow_mobile_user_enrollment, apple_cert_creator_apple_id, apple_signed_cert, default_ios_user_enrollment_device_group_id, default_system_group_id, dep, encrypted_dep_server_token, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_patch_input.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_patch_input.rb deleted file mode 100644 index bf7f670..0000000 --- a/jcapiv2/lib/jcapiv2/models/apple_mdm_patch_input.rb +++ /dev/null @@ -1,215 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class AppleMdmPatchInput - # A signed certificate obtained from Apple after providing Apple with the plist file provided on POST. - attr_accessor :apple_signed_cert - - # A new name for the Apple MDM configuration. - attr_accessor :name - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'apple_signed_cert' => :'appleSignedCert', - :'name' => :'name' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'apple_signed_cert' => :'String', - :'name' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'appleSignedCert') - self.apple_signed_cert = attributes[:'appleSignedCert'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if !@name.nil? && @name.to_s.length > 255 - invalid_properties.push("invalid value for 'name', the character length must be smaller than or equal to 255.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if !@name.nil? && @name.to_s.length > 255 - return true - end - - # Custom attribute writer method with validation - # @param [Object] name Value to be assigned - def name=(name) - - if !name.nil? && name.to_s.length > 255 - fail ArgumentError, "invalid value for 'name', the character length must be smaller than or equal to 255." - end - - @name = name - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - apple_signed_cert == o.apple_signed_cert && - name == o.name - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [apple_signed_cert, name].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_public_key_cert.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_public_key_cert.rb new file mode 100644 index 0000000..44cf81e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_public_key_cert.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AppleMdmPublicKeyCert + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmPublicKeyCert` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmPublicKeyCert`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apple_mdm_signed_csr_plist.rb b/jcapiv2/lib/jcapiv2/models/apple_mdm_signed_csr_plist.rb new file mode 100644 index 0000000..8126193 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apple_mdm_signed_csr_plist.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AppleMdmSignedCsrPlist + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppleMdmSignedCsrPlist` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppleMdmSignedCsrPlist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/application_id_logo_body.rb b/jcapiv2/lib/jcapiv2/models/application_id_logo_body.rb new file mode 100644 index 0000000..c23382d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/application_id_logo_body.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ApplicationIdLogoBody + # The file to upload. + attr_accessor :image + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'image' => :'image' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'image' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ApplicationIdLogoBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ApplicationIdLogoBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'image') + self.image = attributes[:'image'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + image == o.image + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [image].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apps.rb b/jcapiv2/lib/jcapiv2/models/apps.rb new file mode 100644 index 0000000..e01bfd1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apps.rb @@ -0,0 +1,201 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Apps + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Apps` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Apps`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/apps_inner.rb b/jcapiv2/lib/jcapiv2/models/apps_inner.rb new file mode 100644 index 0000000..2b89c33 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/apps_inner.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AppsInner + attr_accessor :app_version + + attr_accessor :os_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app_version' => :'appVersion', + :'os_id' => :'osId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app_version' => :'Object', + :'os_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AppsInner` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AppsInner`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app_version') + self.app_version = attributes[:'app_version'] + end + + if attributes.key?(:'os_id') + self.os_id = attributes[:'os_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app_version == o.app_version && + os_id == o.os_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app_version, os_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/auth_info.rb b/jcapiv2/lib/jcapiv2/models/auth_info.rb index 4c35d65..6639b7e 100644 --- a/jcapiv2/lib/jcapiv2/models/auth_info.rb +++ b/jcapiv2/lib/jcapiv2/models/auth_info.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AuthInfo attr_accessor :expiry @@ -21,7 +19,6 @@ class AuthInfo attr_accessor :message - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -32,47 +29,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'expiry' => :'String', - :'is_valid' => :'BOOLEAN', - :'message' => :'String' + :'expiry' => :'Object', + :'is_valid' => :'Object', + :'message' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthInfo` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'expiry') + if attributes.key?(:'expiry') self.expiry = attributes[:'expiry'] end - if attributes.has_key?(:'isValid') - self.is_valid = attributes[:'isValid'] + if attributes.key?(:'is_valid') + self.is_valid = attributes[:'is_valid'] end - if attributes.has_key?(:'message') + if attributes.key?(:'message') self.message = attributes[:'message'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -92,26 +101,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [expiry, is_valid, message].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -133,7 +151,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -154,8 +172,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -177,7 +194,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -189,7 +210,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -199,8 +220,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/auth_input.rb b/jcapiv2/lib/jcapiv2/models/auth_input.rb index e87a718..2f24f96 100644 --- a/jcapiv2/lib/jcapiv2/models/auth_input.rb +++ b/jcapiv2/lib/jcapiv2/models/auth_input.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AuthInput attr_accessor :basic attr_accessor :oauth - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'basic' => :'AuthinputBasic', - :'oauth' => :'AuthinputOauth' + :'basic' => :'Object', + :'oauth' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthInput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthInput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'basic') + if attributes.key?(:'basic') self.basic = attributes[:'basic'] end - if attributes.has_key?(:'oauth') + if attributes.key?(:'oauth') self.oauth = attributes[:'oauth'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [basic, oauth].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/auth_input_object.rb b/jcapiv2/lib/jcapiv2/models/auth_input_object.rb index 6653762..c670539 100644 --- a/jcapiv2/lib/jcapiv2/models/auth_input_object.rb +++ b/jcapiv2/lib/jcapiv2/models/auth_input_object.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AuthInputObject attr_accessor :auth - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'auth' => :'AuthInput' + :'auth' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthInputObject` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthInputObject`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'auth') + if attributes.key?(:'auth') self.auth = attributes[:'auth'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [auth].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/authinput_basic.rb b/jcapiv2/lib/jcapiv2/models/authinput_basic.rb index 86d2936..e2d735a 100644 --- a/jcapiv2/lib/jcapiv2/models/authinput_basic.rb +++ b/jcapiv2/lib/jcapiv2/models/authinput_basic.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AuthinputBasic attr_accessor :password attr_accessor :username - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'password' => :'String', - :'username' => :'String' + :'password' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthinputBasic` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthinputBasic`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'password') + if attributes.key?(:'password') self.password = attributes[:'password'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [password, username].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/authinput_oauth.rb b/jcapiv2/lib/jcapiv2/models/authinput_oauth.rb index 5c2a4e6..c198d75 100644 --- a/jcapiv2/lib/jcapiv2/models/authinput_oauth.rb +++ b/jcapiv2/lib/jcapiv2/models/authinput_oauth.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class AuthinputOauth attr_accessor :code - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'code' => :'String' + :'code' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthinputOauth` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthinputOauth`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'code') + if attributes.key?(:'code') self.code = attributes[:'code'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [code].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy.rb b/jcapiv2/lib/jcapiv2/models/authn_policy.rb new file mode 100644 index 0000000..78cf400 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy.rb @@ -0,0 +1,271 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # This represents an authentication policy. See the details of each field for valid values and restrictions. + class AuthnPolicy + # Conditions may be added to an authentication policy using the following conditional language: ``` ::= ::= | | | | | | ::= { \"deviceEncrypted\": } ::= { \"deviceManaged\": } ::= { \"ipAddressIn\": [ , ... ] } ::= { \"locationIn\": { \"countries\": [ , ... ] } } ::= { \"not\": } ::= { \"all\": [ , ... ] } ::= { \"any\": [ , ... ] } ``` For example, to add a condition that applies to IP addresses in a given list, the following condition can be added: ``` {\"ipAddressIn\": [ ]} ``` If you would rather exclude IP addresses in the given lists, the following condition could be added: ``` { \"not\": { \"ipAddressIn\": [ , ] } } ``` You may also include more than one condition and choose whether \"all\" or \"any\" of them must be met for the policy to apply: ``` { \"all\": [ { \"ipAddressIn\": [ , ... ] }, { \"deviceManaged\": true }, { \"locationIn\": { countries: [ , ... ] } } ] } ``` + attr_accessor :conditions + + attr_accessor :description + + attr_accessor :disabled + + attr_accessor :effect + + attr_accessor :id + + attr_accessor :name + + attr_accessor :targets + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'conditions' => :'conditions', + :'description' => :'description', + :'disabled' => :'disabled', + :'effect' => :'effect', + :'id' => :'id', + :'name' => :'name', + :'targets' => :'targets', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'conditions' => :'Object', + :'description' => :'Object', + :'disabled' => :'Object', + :'effect' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'targets' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicy` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'conditions') + self.conditions = attributes[:'conditions'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'disabled') + self.disabled = attributes[:'disabled'] + end + + if attributes.key?(:'effect') + self.effect = attributes[:'effect'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'targets') + self.targets = attributes[:'targets'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + conditions == o.conditions && + description == o.description && + disabled == o.disabled && + effect == o.effect && + id == o.id && + name == o.name && + targets == o.targets && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [conditions, description, disabled, effect, id, name, targets, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_effect.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_effect.rb new file mode 100644 index 0000000..3f68b6b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_effect.rb @@ -0,0 +1,254 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyEffect + attr_accessor :action + + attr_accessor :obligations + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'action' => :'action', + :'obligations' => :'obligations' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'action' => :'Object', + :'obligations' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyEffect` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyEffect`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'action') + self.action = attributes[:'action'] + end + + if attributes.key?(:'obligations') + self.obligations = attributes[:'obligations'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @action.nil? + invalid_properties.push('invalid value for "action", action cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @action.nil? + action_validator = EnumAttributeValidator.new('Object', ['allow', 'deny', 'unknown']) + return false unless action_validator.valid?(@action) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] action Object to be assigned + def action=(action) + validator = EnumAttributeValidator.new('Object', ['allow', 'deny', 'unknown']) + unless validator.valid?(action) + fail ArgumentError, "invalid value for \"action\", must be one of #{validator.allowable_values}." + end + @action = action + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + action == o.action && + obligations == o.obligations + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [action, obligations].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_obligations.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations.rb new file mode 100644 index 0000000..b17f242 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyObligations + attr_accessor :external_identity_provider + + attr_accessor :mfa + + attr_accessor :user_verification + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'external_identity_provider' => :'externalIdentityProvider', + :'mfa' => :'mfa', + :'user_verification' => :'userVerification' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'external_identity_provider' => :'Object', + :'mfa' => :'Object', + :'user_verification' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyObligations` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyObligations`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'external_identity_provider') + self.external_identity_provider = attributes[:'external_identity_provider'] + end + + if attributes.key?(:'mfa') + self.mfa = attributes[:'mfa'] + end + + if attributes.key?(:'user_verification') + self.user_verification = attributes[:'user_verification'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + external_identity_provider == o.external_identity_provider && + mfa == o.mfa && + user_verification == o.user_verification + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [external_identity_provider, mfa, user_verification].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_external_identity_provider.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_external_identity_provider.rb new file mode 100644 index 0000000..89e7b43 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_external_identity_provider.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyObligationsExternalIdentityProvider + attr_accessor :object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'object_id' => :'objectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'object_id') + self.object_id = attributes[:'object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + object_id == o.object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_mfa.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_mfa.rb new file mode 100644 index 0000000..625000d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_mfa.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyObligationsMfa + attr_accessor :required + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'required' => :'required' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'required' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyObligationsMfa` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyObligationsMfa`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'required') + self.required = attributes[:'required'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + required == o.required + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [required].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_user_verification.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_user_verification.rb new file mode 100644 index 0000000..2a3b78d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_obligations_user_verification.rb @@ -0,0 +1,240 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyObligationsUserVerification + attr_accessor :requirement + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'requirement' => :'requirement' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'requirement' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyObligationsUserVerification` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyObligationsUserVerification`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'requirement') + self.requirement = attributes[:'requirement'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + requirement_validator = EnumAttributeValidator.new('Object', ['none', 'optional', 'required']) + return false unless requirement_validator.valid?(@requirement) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] requirement Object to be assigned + def requirement=(requirement) + validator = EnumAttributeValidator.new('Object', ['none', 'optional', 'required']) + unless validator.valid?(requirement) + fail ArgumentError, "invalid value for \"requirement\", must be one of #{validator.allowable_values}." + end + @requirement = requirement + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + requirement == o.requirement + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [requirement].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_resource_target.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_resource_target.rb new file mode 100644 index 0000000..55bbcff --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_resource_target.rb @@ -0,0 +1,255 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyResourceTarget + # Object ID of the resource target. If undefined, then all resources of the given type are targeted. + attr_accessor :id + + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyResourceTarget` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyResourceTarget`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @type.nil? + type_validator = EnumAttributeValidator.new('Object', ['user_portal', 'application', 'ldap']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('Object', ['user_portal', 'application', 'ldap']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_targets.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_targets.rb new file mode 100644 index 0000000..a869bc2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_targets.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyTargets + attr_accessor :resources + + attr_accessor :user_attributes + + attr_accessor :user_groups + + attr_accessor :users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'resources' => :'resources', + :'user_attributes' => :'userAttributes', + :'user_groups' => :'userGroups', + :'users' => :'users' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'resources' => :'Object', + :'user_attributes' => :'Object', + :'user_groups' => :'Object', + :'users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyTargets` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyTargets`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'resources') + if (value = attributes[:'resources']).is_a?(Array) + self.resources = value + end + end + + if attributes.key?(:'user_attributes') + self.user_attributes = attributes[:'user_attributes'] + end + + if attributes.key?(:'user_groups') + self.user_groups = attributes[:'user_groups'] + end + + if attributes.key?(:'users') + self.users = attributes[:'users'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + resources == o.resources && + user_attributes == o.user_attributes && + user_groups == o.user_groups && + users == o.users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [resources, user_attributes, user_groups, users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_type.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_type.rb new file mode 100644 index 0000000..32d8674 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_type.rb @@ -0,0 +1,29 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyType + USER_PORTAL = 'user_portal'.freeze + APPLICATION = 'application'.freeze + LDAP = 'ldap'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = AuthnPolicyType.constants.select { |c| AuthnPolicyType::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #AuthnPolicyType" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_filter.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_filter.rb new file mode 100644 index 0000000..dcc186b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_filter.rb @@ -0,0 +1,259 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyUserAttributeFilter + # The only field that is currently supported is ldap_binding_user + attr_accessor :field + + attr_accessor :operator + + attr_accessor :value + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'field' => :'field', + :'operator' => :'operator', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'field' => :'Object', + :'operator' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyUserAttributeFilter` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyUserAttributeFilter`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'field') + self.field = attributes[:'field'] + end + + if attributes.key?(:'operator') + self.operator = attributes[:'operator'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + operator_validator = EnumAttributeValidator.new('Object', ['EQ']) + return false unless operator_validator.valid?(@operator) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] operator Object to be assigned + def operator=(operator) + validator = EnumAttributeValidator.new('Object', ['EQ']) + unless validator.valid?(operator) + fail ArgumentError, "invalid value for \"operator\", must be one of #{validator.allowable_values}." + end + @operator = operator + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + field == o.field && + operator == o.operator && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [field, operator, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_target.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_target.rb new file mode 100644 index 0000000..1126c6b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_user_attribute_target.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # User attribute targets are currently only supported for LDAP policies. + class AuthnPolicyUserAttributeTarget + attr_accessor :exclusions + + attr_accessor :inclusions + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'exclusions' => :'exclusions', + :'inclusions' => :'inclusions' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'exclusions' => :'Object', + :'inclusions' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyUserAttributeTarget` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyUserAttributeTarget`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'exclusions') + if (value = attributes[:'exclusions']).is_a?(Array) + self.exclusions = value + end + end + + if attributes.key?(:'inclusions') + if (value = attributes[:'inclusions']).is_a?(Array) + self.inclusions = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + exclusions == o.exclusions && + inclusions == o.inclusions + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [exclusions, inclusions].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_user_group_target.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_user_group_target.rb new file mode 100644 index 0000000..9aaf03f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_user_group_target.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyUserGroupTarget + attr_accessor :exclusions + + attr_accessor :inclusions + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'exclusions' => :'exclusions', + :'inclusions' => :'inclusions' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'exclusions' => :'Object', + :'inclusions' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyUserGroupTarget` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyUserGroupTarget`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'exclusions') + if (value = attributes[:'exclusions']).is_a?(Array) + self.exclusions = value + end + end + + if attributes.key?(:'inclusions') + if (value = attributes[:'inclusions']).is_a?(Array) + self.inclusions = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + exclusions == o.exclusions && + inclusions == o.inclusions + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [exclusions, inclusions].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/authn_policy_user_target.rb b/jcapiv2/lib/jcapiv2/models/authn_policy_user_target.rb new file mode 100644 index 0000000..67c9920 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/authn_policy_user_target.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AuthnPolicyUserTarget + attr_accessor :inclusions + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'inclusions' => :'inclusions' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'inclusions' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AuthnPolicyUserTarget` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AuthnPolicyUserTarget`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'inclusions') + if (value = attributes[:'inclusions']).is_a?(Array) + self.inclusions = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + inclusions == o.inclusions + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [inclusions].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_company.rb b/jcapiv2/lib/jcapiv2/models/autotask_company.rb new file mode 100644 index 0000000..a78a4c0 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_company.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask company details + class AutotaskCompany + # The autotask company identifier. + attr_accessor :id + + # The autotask company name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_company_resp.rb b/jcapiv2/lib/jcapiv2/models/autotask_company_resp.rb new file mode 100644 index 0000000..b4264ad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_company_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving Autotask companies + class AutotaskCompanyResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskCompanyResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskCompanyResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_company_type_resp.rb b/jcapiv2/lib/jcapiv2/models/autotask_company_type_resp.rb new file mode 100644 index 0000000..49e78cf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_company_type_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving Autotask company types + class AutotaskCompanyTypeResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskCompanyTypeResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskCompanyTypeResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_contract.rb b/jcapiv2/lib/jcapiv2/models/autotask_contract.rb new file mode 100644 index 0000000..4df7c95 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_contract.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask contract details + class AutotaskContract + # The Autotask company identifier linked to contract. + attr_accessor :company_id + + # The contract identifier. + attr_accessor :id + + # The contract name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company_id' => :'companyId', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company_id' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskContract` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskContract`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company_id') + self.company_id = attributes[:'company_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company_id.nil? + invalid_properties.push('invalid value for "company_id", company_id cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company_id.nil? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company_id == o.company_id && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company_id, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_contract_field.rb b/jcapiv2/lib/jcapiv2/models/autotask_contract_field.rb new file mode 100644 index 0000000..11f1bf5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_contract_field.rb @@ -0,0 +1,229 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask contract field details + class AutotaskContractField + # The contract field name. + attr_accessor :name + + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskContractField` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskContractField`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @values.nil? + invalid_properties.push('invalid value for "values", values cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + return false if @values.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_contract_field_values.rb b/jcapiv2/lib/jcapiv2/models/autotask_contract_field_values.rb new file mode 100644 index 0000000..336557c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_contract_field_values.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskContractFieldValues + attr_accessor :label + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'label' => :'label', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'label' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskContractFieldValues` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskContractFieldValues`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + label == o.label && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [label, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_integration.rb b/jcapiv2/lib/jcapiv2/models/autotask_integration.rb new file mode 100644 index 0000000..097b974 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_integration.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask integration configuration details + class AutotaskIntegration + # The identifier for this Autotask integration. + attr_accessor :id + + # Has the msp-api been configured with auth data yet + attr_accessor :is_msp_auth_configured + + # The username for connecting to Autotask. + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'is_msp_auth_configured' => :'isMspAuthConfigured', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'is_msp_auth_configured' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskIntegration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskIntegration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'is_msp_auth_configured') + self.is_msp_auth_configured = attributes[:'is_msp_auth_configured'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @username.nil? + invalid_properties.push('invalid value for "username", username cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @username.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + is_msp_auth_configured == o.is_msp_auth_configured && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, is_msp_auth_configured, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_integration_patch_req.rb b/jcapiv2/lib/jcapiv2/models/autotask_integration_patch_req.rb new file mode 100644 index 0000000..6de127a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_integration_patch_req.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a Autotask integration + class AutotaskIntegrationPatchReq + # The secret for connecting to Autotask. + attr_accessor :secret + + # The username for connecting to Autotask. + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'secret' => :'secret', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'secret' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskIntegrationPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskIntegrationPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'secret') + self.secret = attributes[:'secret'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + secret == o.secret && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [secret, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_integration_req.rb b/jcapiv2/lib/jcapiv2/models/autotask_integration_req.rb new file mode 100644 index 0000000..6f68b37 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_integration_req.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for creating a Autotask integration + class AutotaskIntegrationReq + # The secret for connecting to Autotask. + attr_accessor :secret + + # The username for connecting to Autotask. + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'secret' => :'secret', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'secret' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskIntegrationReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskIntegrationReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'secret') + self.secret = attributes[:'secret'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @secret.nil? + invalid_properties.push('invalid value for "secret", secret cannot be nil.') + end + + if @username.nil? + invalid_properties.push('invalid value for "username", username cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @secret.nil? + return false if @username.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + secret == o.secret && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [secret, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request.rb new file mode 100644 index 0000000..8cabbad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request object for creating Autotask mappings + class AutotaskMappingRequest + attr_accessor :data + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'data' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + if (value = attributes[:'data']).is_a?(Array) + self.data = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [data].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_company.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_company.rb new file mode 100644 index 0000000..7049be1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_company.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingRequestCompany + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequestCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequestCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_contract.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_contract.rb new file mode 100644 index 0000000..a54b108 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_contract.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingRequestContract + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequestContract` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequestContract`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_data.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_data.rb new file mode 100644 index 0000000..39d0293 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_data.rb @@ -0,0 +1,252 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingRequestData + attr_accessor :company + + attr_accessor :contract + + attr_accessor :delete + + attr_accessor :organization + + attr_accessor :service + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company' => :'company', + :'contract' => :'contract', + :'delete' => :'delete', + :'organization' => :'organization', + :'service' => :'service' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company' => :'Object', + :'contract' => :'Object', + :'delete' => :'Object', + :'organization' => :'Object', + :'service' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequestData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequestData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'contract') + self.contract = attributes[:'contract'] + end + + if attributes.key?(:'delete') + self.delete = attributes[:'delete'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + + if attributes.key?(:'service') + self.service = attributes[:'service'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company.nil? + invalid_properties.push('invalid value for "company", company cannot be nil.') + end + + if @organization.nil? + invalid_properties.push('invalid value for "organization", organization cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company.nil? + return false if @organization.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company == o.company && + contract == o.contract && + delete == o.delete && + organization == o.organization && + service == o.service + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company, contract, delete, organization, service].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_organization.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_organization.rb new file mode 100644 index 0000000..685a6ae --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_organization.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingRequestOrganization + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequestOrganization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequestOrganization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_service.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_service.rb new file mode 100644 index 0000000..ebf7f4d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_request_service.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingRequestService + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingRequestService` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingRequestService`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_response.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response.rb new file mode 100644 index 0000000..7a30591 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response.rb @@ -0,0 +1,252 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask mapping GET response + class AutotaskMappingResponse + attr_accessor :company + + attr_accessor :contract + + attr_accessor :last_sync_date_time + + attr_accessor :last_sync_status + + attr_accessor :organization + + attr_accessor :service + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company' => :'company', + :'contract' => :'contract', + :'last_sync_date_time' => :'lastSyncDateTime', + :'last_sync_status' => :'lastSyncStatus', + :'organization' => :'organization', + :'service' => :'service' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company' => :'Object', + :'contract' => :'Object', + :'last_sync_date_time' => :'Object', + :'last_sync_status' => :'Object', + :'organization' => :'Object', + :'service' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'contract') + self.contract = attributes[:'contract'] + end + + if attributes.key?(:'last_sync_date_time') + self.last_sync_date_time = attributes[:'last_sync_date_time'] + end + + if attributes.key?(:'last_sync_status') + self.last_sync_status = attributes[:'last_sync_status'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + + if attributes.key?(:'service') + self.service = attributes[:'service'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company == o.company && + contract == o.contract && + last_sync_date_time == o.last_sync_date_time && + last_sync_status == o.last_sync_status && + organization == o.organization && + service == o.service + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company, contract, last_sync_date_time, last_sync_status, organization, service].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_company.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_company.rb new file mode 100644 index 0000000..96d44ad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_company.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingResponseCompany + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingResponseCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingResponseCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_contract.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_contract.rb new file mode 100644 index 0000000..00cf74b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_contract.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingResponseContract + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingResponseContract` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingResponseContract`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_organization.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_organization.rb new file mode 100644 index 0000000..4d2097b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_organization.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingResponseOrganization + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingResponseOrganization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingResponseOrganization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_service.rb b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_service.rb new file mode 100644 index 0000000..acf6814 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_mapping_response_service.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskMappingResponseService + attr_accessor :id + + attr_accessor :name + + attr_accessor :non_billable_users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'non_billable_users' => :'nonBillableUsers' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'non_billable_users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskMappingResponseService` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskMappingResponseService`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'non_billable_users') + self.non_billable_users = attributes[:'non_billable_users'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + non_billable_users == o.non_billable_users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, non_billable_users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_service.rb b/jcapiv2/lib/jcapiv2/models/autotask_service.rb new file mode 100644 index 0000000..fbaf4d5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_service.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask contract service details + class AutotaskService + # The autotask contract identifier linked to this contract service. + attr_accessor :contract_id + + # The contract service identifier. + attr_accessor :id + + # The autotask service name linked to this contract service. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'contract_id' => :'contractId', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'contract_id' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskService` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskService`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'contract_id') + self.contract_id = attributes[:'contract_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @contract_id.nil? + invalid_properties.push('invalid value for "contract_id", contract_id cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @contract_id.nil? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + contract_id == o.contract_id && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [contract_id, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_settings.rb b/jcapiv2/lib/jcapiv2/models/autotask_settings.rb new file mode 100644 index 0000000..f17daf9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_settings.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Autotask integration settings + class AutotaskSettings + # Determine whether Autotask uses automatic ticketing + attr_accessor :automatic_ticketing + + # The array of Autotask companyType IDs applicable to the Provider. + attr_accessor :company_type_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing', + :'company_type_ids' => :'companyTypeIds' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object', + :'company_type_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskSettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + + if attributes.key?(:'company_type_ids') + if (value = attributes[:'company_type_ids']).is_a?(Array) + self.company_type_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing && + company_type_ids == o.company_type_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing, company_type_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_settings_patch_req.rb b/jcapiv2/lib/jcapiv2/models/autotask_settings_patch_req.rb new file mode 100644 index 0000000..f3080e5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_settings_patch_req.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a Autotask integration's settings + class AutotaskSettingsPatchReq + # Determine whether Autotask uses automatic ticketing + attr_accessor :automatic_ticketing + + # The array of Autotask companyType IDs applicable to the Provider. + attr_accessor :company_type_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing', + :'company_type_ids' => :'companyTypeIds' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object', + :'company_type_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskSettingsPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskSettingsPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + + if attributes.key?(:'company_type_ids') + if (value = attributes[:'company_type_ids']).is_a?(Array) + self.company_type_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing && + company_type_ids == o.company_type_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing, company_type_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration.rb new file mode 100644 index 0000000..c581de1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration.rb @@ -0,0 +1,340 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # An AutotaskTicketingAlertConfiguration object requires a queueId if the destination is queue. If the destination is resource, resource.id and resource.role.id are required. + class AutotaskTicketingAlertConfiguration + attr_accessor :category + + attr_accessor :description + + attr_accessor :destination + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :queue + + attr_accessor :resource + + attr_accessor :should_create_tickets + + attr_accessor :source + + attr_accessor :status + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'destination' => :'destination', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'queue' => :'queue', + :'resource' => :'resource', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'Object', + :'description' => :'Object', + :'destination' => :'Object', + :'display_name' => :'Object', + :'due_days' => :'Object', + :'id' => :'Object', + :'priority' => :'Object', + :'queue' => :'Object', + :'resource' => :'Object', + :'should_create_tickets' => :'Object', + :'source' => :'Object', + :'status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfiguration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfiguration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'destination') + self.destination = attributes[:'destination'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'queue') + self.queue = attributes[:'queue'] + end + + if attributes.key?(:'resource') + self.resource = attributes[:'resource'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + destination_validator = EnumAttributeValidator.new('Object', ['queue', 'resource']) + return false unless destination_validator.valid?(@destination) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] destination Object to be assigned + def destination=(destination) + validator = EnumAttributeValidator.new('Object', ['queue', 'resource']) + unless validator.valid?(destination) + fail ArgumentError, "invalid value for \"destination\", must be one of #{validator.allowable_values}." + end + @destination = destination + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + destination == o.destination && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + queue == o.queue && + resource == o.resource && + should_create_tickets == o.should_create_tickets && + source == o.source && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, destination, display_name, due_days, id, priority, queue, resource, should_create_tickets, source, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_list.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_list.rb new file mode 100644 index 0000000..25b3f18 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_list.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationList + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option.rb new file mode 100644 index 0000000..dd8fffb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationOption + attr_accessor :name + + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationOption` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationOption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option_values.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option_values.rb new file mode 100644 index 0000000..ca83fce --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_option_values.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationOptionValues + attr_accessor :label + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'label' => :'label', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'label' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + label == o.label && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [label, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_options.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_options.rb new file mode 100644 index 0000000..557d951 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_options.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationOptions + attr_accessor :options + + attr_accessor :resources + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'options' => :'options', + :'resources' => :'resources' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'options' => :'Object', + :'resources' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationOptions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationOptions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'options') + if (value = attributes[:'options']).is_a?(Array) + self.options = value + end + end + + if attributes.key?(:'resources') + if (value = attributes[:'resources']).is_a?(Array) + self.resources = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + options == o.options && + resources == o.resources + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [options, resources].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_priority.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_priority.rb new file mode 100644 index 0000000..457a26f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_priority.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationPriority + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationPriority` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationPriority`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_request.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_request.rb new file mode 100644 index 0000000..3da5841 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_request.rb @@ -0,0 +1,329 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # An AutotaskTicketingAlertConfigurationRequest object requires a queueId if the destination is queue. If the destination is resource, resource.id and resource.role.id are required. + class AutotaskTicketingAlertConfigurationRequest + attr_accessor :destination + + attr_accessor :due_days + + attr_accessor :priority + + attr_accessor :queue + + attr_accessor :resource + + attr_accessor :should_create_tickets + + attr_accessor :source + + attr_accessor :status + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'destination' => :'destination', + :'due_days' => :'dueDays', + :'priority' => :'priority', + :'queue' => :'queue', + :'resource' => :'resource', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'destination' => :'Object', + :'due_days' => :'Object', + :'priority' => :'Object', + :'queue' => :'Object', + :'resource' => :'Object', + :'should_create_tickets' => :'Object', + :'source' => :'Object', + :'status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'destination') + self.destination = attributes[:'destination'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'queue') + self.queue = attributes[:'queue'] + end + + if attributes.key?(:'resource') + self.resource = attributes[:'resource'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @destination.nil? + invalid_properties.push('invalid value for "destination", destination cannot be nil.') + end + + if @due_days.nil? + invalid_properties.push('invalid value for "due_days", due_days cannot be nil.') + end + + if @priority.nil? + invalid_properties.push('invalid value for "priority", priority cannot be nil.') + end + + if @should_create_tickets.nil? + invalid_properties.push('invalid value for "should_create_tickets", should_create_tickets cannot be nil.') + end + + if @status.nil? + invalid_properties.push('invalid value for "status", status cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @destination.nil? + destination_validator = EnumAttributeValidator.new('Object', ['queue', 'resource']) + return false unless destination_validator.valid?(@destination) + return false if @due_days.nil? + return false if @priority.nil? + return false if @should_create_tickets.nil? + return false if @status.nil? + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] destination Object to be assigned + def destination=(destination) + validator = EnumAttributeValidator.new('Object', ['queue', 'resource']) + unless validator.valid?(destination) + fail ArgumentError, "invalid value for \"destination\", must be one of #{validator.allowable_values}." + end + @destination = destination + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + destination == o.destination && + due_days == o.due_days && + priority == o.priority && + queue == o.queue && + resource == o.resource && + should_create_tickets == o.should_create_tickets && + source == o.source && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [destination, due_days, priority, queue, resource, should_create_tickets, source, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_resource.rb b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_resource.rb new file mode 100644 index 0000000..e49d72e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/autotask_ticketing_alert_configuration_resource.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class AutotaskTicketingAlertConfigurationResource + attr_accessor :id + + attr_accessor :name + + attr_accessor :role + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'role' => :'role' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'role' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::AutotaskTicketingAlertConfigurationResource` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::AutotaskTicketingAlertConfigurationResource`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'role') + self.role = attributes[:'role'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + role == o.role + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, role].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/billing_integration_company_type.rb b/jcapiv2/lib/jcapiv2/models/billing_integration_company_type.rb new file mode 100644 index 0000000..280fc15 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/billing_integration_company_type.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Billing Integration company type + class BillingIntegrationCompanyType + # The company type identifier. + attr_accessor :id + + # The company type name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BillingIntegrationCompanyType` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BillingIntegrationCompanyType`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/body.rb b/jcapiv2/lib/jcapiv2/models/body.rb deleted file mode 100644 index ef34dd2..0000000 --- a/jcapiv2/lib/jcapiv2/models/body.rb +++ /dev/null @@ -1,205 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Body - # The name used to identify this AppleMDM. - attr_accessor :name - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if !@name.nil? && @name.to_s.length > 255 - invalid_properties.push("invalid value for 'name', the character length must be smaller than or equal to 255.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if !@name.nil? && @name.to_s.length > 255 - return true - end - - # Custom attribute writer method with validation - # @param [Object] name Value to be assigned - def name=(name) - - if !name.nil? && name.to_s.length > 255 - fail ArgumentError, "invalid value for 'name', the character length must be smaller than or equal to 255." - end - - @name = name - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/body_1.rb b/jcapiv2/lib/jcapiv2/models/body_1.rb deleted file mode 100644 index 85817a1..0000000 --- a/jcapiv2/lib/jcapiv2/models/body_1.rb +++ /dev/null @@ -1,210 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Body1 - attr_accessor :groups - - attr_accessor :name - - attr_accessor :users - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'groups' => :'groups', - :'name' => :'name', - :'users' => :'users' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'groups' => :'Array', - :'name' => :'String', - :'users' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'groups') - if (value = attributes[:'groups']).is_a?(Array) - self.groups = value - end - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'users') - if (value = attributes[:'users']).is_a?(Array) - self.users = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - groups == o.groups && - name == o.name && - users == o.users - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [groups, name, users].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/body_2.rb b/jcapiv2/lib/jcapiv2/models/body_2.rb deleted file mode 100644 index 665f086..0000000 --- a/jcapiv2/lib/jcapiv2/models/body_2.rb +++ /dev/null @@ -1,210 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Body2 - attr_accessor :groups - - attr_accessor :name - - attr_accessor :users - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'groups' => :'groups', - :'name' => :'name', - :'users' => :'users' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'groups' => :'Array', - :'name' => :'String', - :'users' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'groups') - if (value = attributes[:'groups']).is_a?(Array) - self.groups = value - end - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'users') - if (value = attributes[:'users']).is_a?(Array) - self.users = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - groups == o.groups && - name == o.name && - users == o.users - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [groups, name, users].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/body_3.rb b/jcapiv2/lib/jcapiv2/models/body_3.rb deleted file mode 100644 index 5720205..0000000 --- a/jcapiv2/lib/jcapiv2/models/body_3.rb +++ /dev/null @@ -1,206 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Body3 - attr_accessor :id - - attr_accessor :user_lockout_action - - attr_accessor :user_password_expiration_action - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'user_lockout_action' => :'LdapServerAction', - :'user_password_expiration_action' => :'LdapServerAction' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, user_lockout_action, user_password_expiration_action].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/bulk_scheduled_statechange_create.rb b/jcapiv2/lib/jcapiv2/models/bulk_scheduled_statechange_create.rb new file mode 100644 index 0000000..7c70833 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/bulk_scheduled_statechange_create.rb @@ -0,0 +1,299 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Model to support bulk scheduling of a state change for one or more users + class BulkScheduledStatechangeCreate + # Send the activation or welcome email to the specified email address upon activation. Can only be used with a single user_id and scheduled activation. This field will be ignored if `send_activation_emails` is explicitly set to false. + attr_accessor :activation_email_override + + # Set to true to send activation or welcome email(s) to each user_id upon activation. Set to false to suppress emails. Can only be used with scheduled activation(s). + attr_accessor :send_activation_emails + + # Date and time that scheduled action should occur + attr_accessor :start_date + + # The state to move the user(s) to + attr_accessor :state + + # Array of system user ids to schedule for a state change + attr_accessor :user_ids + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'activation_email_override' => :'activation_email_override', + :'send_activation_emails' => :'send_activation_emails', + :'start_date' => :'start_date', + :'state' => :'state', + :'user_ids' => :'user_ids' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'activation_email_override' => :'Object', + :'send_activation_emails' => :'Object', + :'start_date' => :'Object', + :'state' => :'Object', + :'user_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BulkScheduledStatechangeCreate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BulkScheduledStatechangeCreate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'activation_email_override') + self.activation_email_override = attributes[:'activation_email_override'] + end + + if attributes.key?(:'send_activation_emails') + self.send_activation_emails = attributes[:'send_activation_emails'] + end + + if attributes.key?(:'start_date') + self.start_date = attributes[:'start_date'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'user_ids') + if (value = attributes[:'user_ids']).is_a?(Array) + self.user_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @start_date.nil? + invalid_properties.push('invalid value for "start_date", start_date cannot be nil.') + end + + if @state.nil? + invalid_properties.push('invalid value for "state", state cannot be nil.') + end + + if @user_ids.nil? + invalid_properties.push('invalid value for "user_ids", user_ids cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @start_date.nil? + return false if @state.nil? + state_validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'SUSPENDED']) + return false unless state_validator.valid?(@state) + return false if @user_ids.nil? + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['ACTIVATED', 'SUSPENDED']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." + end + @state = state + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + activation_email_override == o.activation_email_override && + send_activation_emails == o.send_activation_emails && + start_date == o.start_date && + state == o.state && + user_ids == o.user_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [activation_email_override, send_activation_emails, start_date, state, user_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/bulk_user_create.rb b/jcapiv2/lib/jcapiv2/models/bulk_user_create.rb index 91b888b..c580e62 100644 --- a/jcapiv2/lib/jcapiv2/models/bulk_user_create.rb +++ b/jcapiv2/lib/jcapiv2/models/bulk_user_create.rb @@ -1,19 +1,18 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - # See [V1 system user creation](https://docs.jumpcloud.com/1.0/systemusers/create-a-system-user) for full list of attributes. + # See [V1 system user creation](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) for full list of attributes. class BulkUserCreate # Map of additional attributes. attr_accessor :attributes @@ -26,7 +25,6 @@ class BulkUserCreate attr_accessor :username - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -39,59 +37,71 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'attributes' => :'Array', - :'email' => :'String', - :'firstname' => :'String', - :'lastname' => :'String', - :'username' => :'String' + :'attributes' => :'Object', + :'email' => :'Object', + :'firstname' => :'Object', + :'lastname' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BulkUserCreate` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BulkUserCreate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') if (value = attributes[:'attributes']).is_a?(Array) self.attributes = value end end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -113,26 +123,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [attributes, email, firstname, lastname, username].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -154,7 +173,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -175,8 +194,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -198,7 +216,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -210,7 +232,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -220,8 +242,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/bulk_user_expire.rb b/jcapiv2/lib/jcapiv2/models/bulk_user_expire.rb new file mode 100644 index 0000000..3ebfc52 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/bulk_user_expire.rb @@ -0,0 +1,229 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class BulkUserExpire + # Map of additional attributes. + attr_accessor :attributes + + # Object ID of the systemuser to expire + attr_accessor :id + + # The identifier for an organization to link this systemuser to + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'attributes' => :'Object', + :'id' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BulkUserExpire` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BulkUserExpire`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + if (value = attributes[:'attributes']).is_a?(Array) + self.attributes = value + end + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [attributes, id, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/bulk_user_unlock.rb b/jcapiv2/lib/jcapiv2/models/bulk_user_unlock.rb new file mode 100644 index 0000000..457b626 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/bulk_user_unlock.rb @@ -0,0 +1,229 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class BulkUserUnlock + # Map of additional attributes. + attr_accessor :attributes + + # Object ID of the systemuser to unlock + attr_accessor :id + + # The identifier for an organization to link this systemuser + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'attributes' => :'Object', + :'id' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BulkUserUnlock` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BulkUserUnlock`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + if (value = attributes[:'attributes']).is_a?(Array) + self.attributes = value + end + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [attributes, id, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/bulk_user_update.rb b/jcapiv2/lib/jcapiv2/models/bulk_user_update.rb index cee2a06..ee0a9f6 100644 --- a/jcapiv2/lib/jcapiv2/models/bulk_user_update.rb +++ b/jcapiv2/lib/jcapiv2/models/bulk_user_update.rb @@ -1,19 +1,18 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - # See [V1 system user update](https://docs.jumpcloud.com/1.0/systemusers/update-a-system-user) for full list of attributes. + # See [V1 system user update](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_put) for full list of attributes. class BulkUserUpdate # Map of additional attributes. attr_accessor :attributes @@ -22,13 +21,15 @@ class BulkUserUpdate attr_accessor :firstname - # Object ID of the systemuser being updated + # Object ID of the user being updated attr_accessor :id attr_accessor :lastname - attr_accessor :username + # Organization object id of the user + attr_accessor :organization + attr_accessor :username # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map @@ -38,69 +39,87 @@ def self.attribute_map :'firstname' => :'firstname', :'id' => :'id', :'lastname' => :'lastname', + :'organization' => :'organization', :'username' => :'username' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'attributes' => :'Array', - :'email' => :'String', - :'firstname' => :'String', - :'id' => :'String', - :'lastname' => :'String', - :'username' => :'String' + :'attributes' => :'Object', + :'email' => :'Object', + :'firstname' => :'Object', + :'id' => :'Object', + :'lastname' => :'Object', + :'organization' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::BulkUserUpdate` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::BulkUserUpdate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') if (value = attributes[:'attributes']).is_a?(Array) self.attributes = value end end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end - if attributes.has_key?(:'username') - self.username = attributes[:'username'] + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] end + if attributes.key?(:'username') + self.username = attributes[:'username'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -113,6 +132,7 @@ def ==(o) firstname == o.firstname && id == o.id && lastname == o.lastname && + organization == o.organization && username == o.username end @@ -123,9 +143,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [attributes, email, firstname, id, lastname, username].hash + [attributes, email, firstname, id, lastname, organization, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -133,16 +160,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -164,7 +193,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -185,8 +214,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -208,7 +236,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -220,7 +252,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -230,8 +262,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/cases_response.rb b/jcapiv2/lib/jcapiv2/models/cases_response.rb new file mode 100644 index 0000000..e3c70a7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/cases_response.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving the cases (support/feature requests) + class CasesResponse + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CasesResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CasesResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/command_result_list.rb b/jcapiv2/lib/jcapiv2/models/command_result_list.rb new file mode 100644 index 0000000..d4c0907 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/command_result_list.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # List of command results + class CommandResultList + attr_accessor :results + + # The total number of command results + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CommandResultList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CommandResultList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/command_result_list_results.rb b/jcapiv2/lib/jcapiv2/models/command_result_list_results.rb new file mode 100644 index 0000000..8089d8b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/command_result_list_results.rb @@ -0,0 +1,247 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CommandResultListResults + # The ID of the command, from savedAgentCommands. + attr_accessor :command + + # The number of devices that we do have results from. + attr_accessor :completed_count + + # The workflowInstanceId. + attr_accessor :id + + # The number of devices that we haven't received results from. + attr_accessor :pending_count + + # The ID of the device the command is bound to. + attr_accessor :system + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'command' => :'command', + :'completed_count' => :'completedCount', + :'id' => :'id', + :'pending_count' => :'pendingCount', + :'system' => :'system' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'command' => :'Object', + :'completed_count' => :'Object', + :'id' => :'Object', + :'pending_count' => :'Object', + :'system' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CommandResultListResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CommandResultListResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'command') + self.command = attributes[:'command'] + end + + if attributes.key?(:'completed_count') + self.completed_count = attributes[:'completed_count'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'pending_count') + self.pending_count = attributes[:'pending_count'] + end + + if attributes.key?(:'system') + self.system = attributes[:'system'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + command == o.command && + completed_count == o.completed_count && + id == o.id && + pending_count == o.pending_count && + system == o.system + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [command, completed_count, id, pending_count, system].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/commands_graph_object_with_paths.rb b/jcapiv2/lib/jcapiv2/models/commands_graph_object_with_paths.rb new file mode 100644 index 0000000..bc21b65 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/commands_graph_object_with_paths.rb @@ -0,0 +1,333 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CommandsGraphObjectWithPaths + attr_accessor :command + + attr_accessor :command_type + + attr_accessor :compiled_attributes + + # Object ID of this graph object. + attr_accessor :id + + attr_accessor :launch_type + + attr_accessor :name + + attr_accessor :organization + + # A path through the graph between two graph objects. + attr_accessor :paths + + attr_accessor :schedule + + attr_accessor :schedule_repeat_type + + attr_accessor :time_to_live_seconds + + attr_accessor :timeout + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'command' => :'command', + :'command_type' => :'commandType', + :'compiled_attributes' => :'compiledAttributes', + :'id' => :'id', + :'launch_type' => :'launchType', + :'name' => :'name', + :'organization' => :'organization', + :'paths' => :'paths', + :'schedule' => :'schedule', + :'schedule_repeat_type' => :'scheduleRepeatType', + :'time_to_live_seconds' => :'timeToLiveSeconds', + :'timeout' => :'timeout', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'command' => :'Object', + :'command_type' => :'Object', + :'compiled_attributes' => :'Object', + :'id' => :'Object', + :'launch_type' => :'Object', + :'name' => :'Object', + :'organization' => :'Object', + :'paths' => :'Object', + :'schedule' => :'Object', + :'schedule_repeat_type' => :'Object', + :'time_to_live_seconds' => :'Object', + :'timeout' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CommandsGraphObjectWithPaths` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CommandsGraphObjectWithPaths`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'command') + self.command = attributes[:'command'] + end + + if attributes.key?(:'command_type') + self.command_type = attributes[:'command_type'] + end + + if attributes.key?(:'compiled_attributes') + self.compiled_attributes = attributes[:'compiled_attributes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'launch_type') + self.launch_type = attributes[:'launch_type'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + + if attributes.key?(:'paths') + if (value = attributes[:'paths']).is_a?(Array) + self.paths = value + end + end + + if attributes.key?(:'schedule') + self.schedule = attributes[:'schedule'] + end + + if attributes.key?(:'schedule_repeat_type') + self.schedule_repeat_type = attributes[:'schedule_repeat_type'] + end + + if attributes.key?(:'time_to_live_seconds') + self.time_to_live_seconds = attributes[:'time_to_live_seconds'] + end + + if attributes.key?(:'timeout') + self.timeout = attributes[:'timeout'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @paths.nil? + invalid_properties.push('invalid value for "paths", paths cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @paths.nil? + return false if @type.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + command == o.command && + command_type == o.command_type && + compiled_attributes == o.compiled_attributes && + id == o.id && + launch_type == o.launch_type && + name == o.name && + organization == o.organization && + paths == o.paths && + schedule == o.schedule && + schedule_repeat_type == o.schedule_repeat_type && + time_to_live_seconds == o.time_to_live_seconds && + timeout == o.timeout && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [command, command_type, compiled_attributes, id, launch_type, name, organization, paths, schedule, schedule_repeat_type, time_to_live_seconds, timeout, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/configured_policy_template.rb b/jcapiv2/lib/jcapiv2/models/configured_policy_template.rb new file mode 100644 index 0000000..1a2335f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/configured_policy_template.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConfiguredPolicyTemplate + attr_accessor :id + + attr_accessor :name + + attr_accessor :policy_template_id + + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'policy_template_id' => :'policyTemplateId', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'policy_template_id' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConfiguredPolicyTemplate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConfiguredPolicyTemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'policy_template_id') + self.policy_template_id = attributes[:'policy_template_id'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + policy_template_id == o.policy_template_id && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, policy_template_id, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/configured_policy_template_value.rb b/jcapiv2/lib/jcapiv2/models/configured_policy_template_value.rb new file mode 100644 index 0000000..f85d2eb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/configured_policy_template_value.rb @@ -0,0 +1,226 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConfiguredPolicyTemplateValue + # The ObjectId of the corresponding Policy Template configuration field. + attr_accessor :config_field_id + + attr_accessor :name + + # The value of this Configured Policy Template Value + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'config_field_id' => :'configFieldId', + :'name' => :'name', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'config_field_id' => :'Object', + :'name' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConfiguredPolicyTemplateValue` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConfiguredPolicyTemplateValue`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'config_field_id') + self.config_field_id = attributes[:'config_field_id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + config_field_id == o.config_field_id && + name == o.name && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [config_field_id, name, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request.rb new file mode 100644 index 0000000..b8996f5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request object for creating ConnectWise mappings + class ConnectWiseMappingRequest + attr_accessor :data + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'data' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + if (value = attributes[:'data']).is_a?(Array) + self.data = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [data].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_company.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_company.rb new file mode 100644 index 0000000..bf0fd3f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_company.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseMappingRequestCompany + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingRequestCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingRequestCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_data.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_data.rb new file mode 100644 index 0000000..799f7dc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_data.rb @@ -0,0 +1,252 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseMappingRequestData + attr_accessor :addition + + attr_accessor :agreement + + attr_accessor :company + + attr_accessor :delete + + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'addition' => :'addition', + :'agreement' => :'agreement', + :'company' => :'company', + :'delete' => :'delete', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'addition' => :'Object', + :'agreement' => :'Object', + :'company' => :'Object', + :'delete' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingRequestData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingRequestData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'addition') + self.addition = attributes[:'addition'] + end + + if attributes.key?(:'agreement') + self.agreement = attributes[:'agreement'] + end + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'delete') + self.delete = attributes[:'delete'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company.nil? + invalid_properties.push('invalid value for "company", company cannot be nil.') + end + + if @organization.nil? + invalid_properties.push('invalid value for "organization", organization cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company.nil? + return false if @organization.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + addition == o.addition && + agreement == o.agreement && + company == o.company && + delete == o.delete && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [addition, agreement, company, delete, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_organization.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_organization.rb new file mode 100644 index 0000000..d24386f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_request_organization.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseMappingRequestOrganization + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingRequestOrganization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingRequestOrganization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response.rb new file mode 100644 index 0000000..26a5895 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response.rb @@ -0,0 +1,252 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # ConnectWise mapping GET response + class ConnectWiseMappingResponse + attr_accessor :addition + + attr_accessor :agreement + + attr_accessor :company + + attr_accessor :last_sync_date_time + + attr_accessor :last_sync_status + + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'addition' => :'addition', + :'agreement' => :'agreement', + :'company' => :'company', + :'last_sync_date_time' => :'lastSyncDateTime', + :'last_sync_status' => :'lastSyncStatus', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'addition' => :'Object', + :'agreement' => :'Object', + :'company' => :'Object', + :'last_sync_date_time' => :'Object', + :'last_sync_status' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'addition') + self.addition = attributes[:'addition'] + end + + if attributes.key?(:'agreement') + self.agreement = attributes[:'agreement'] + end + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'last_sync_date_time') + self.last_sync_date_time = attributes[:'last_sync_date_time'] + end + + if attributes.key?(:'last_sync_status') + self.last_sync_status = attributes[:'last_sync_status'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + addition == o.addition && + agreement == o.agreement && + company == o.company && + last_sync_date_time == o.last_sync_date_time && + last_sync_status == o.last_sync_status && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [addition, agreement, company, last_sync_date_time, last_sync_status, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response_addition.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response_addition.rb new file mode 100644 index 0000000..3263f2d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_mapping_response_addition.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseMappingResponseAddition + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseMappingResponseAddition` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseMappingResponseAddition`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_settings.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_settings.rb new file mode 100644 index 0000000..c60f384 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_settings.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # ConnectWise integration settings + class ConnectWiseSettings + # Determine whether ConnectWise uses automatic ticketing + attr_accessor :automatic_ticketing + + # The array of ConnectWise companyType IDs applicable to the Provider. + attr_accessor :company_type_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing', + :'company_type_ids' => :'companyTypeIds' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object', + :'company_type_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseSettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + + if attributes.key?(:'company_type_ids') + if (value = attributes[:'company_type_ids']).is_a?(Array) + self.company_type_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing && + company_type_ids == o.company_type_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing, company_type_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_settings_patch_req.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_settings_patch_req.rb new file mode 100644 index 0000000..6600c45 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_settings_patch_req.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a ConnectWise integration's settings + class ConnectWiseSettingsPatchReq + # Determine whether ConnectWise uses automatic ticketing + attr_accessor :automatic_ticketing + + # The array of ConnectWise companyType IDs applicable to the Provider. + attr_accessor :company_type_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing', + :'company_type_ids' => :'companyTypeIds' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object', + :'company_type_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseSettingsPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseSettingsPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + + if attributes.key?(:'company_type_ids') + if (value = attributes[:'company_type_ids']).is_a?(Array) + self.company_type_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing && + company_type_ids == o.company_type_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing, company_type_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration.rb new file mode 100644 index 0000000..a131973 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration.rb @@ -0,0 +1,274 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseTicketingAlertConfiguration + attr_accessor :category + + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :should_create_tickets + + attr_accessor :source + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'Object', + :'description' => :'Object', + :'display_name' => :'Object', + :'due_days' => :'Object', + :'id' => :'Object', + :'priority' => :'Object', + :'should_create_tickets' => :'Object', + :'source' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseTicketingAlertConfiguration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseTicketingAlertConfiguration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @should_create_tickets.nil? + invalid_properties.push('invalid value for "should_create_tickets", should_create_tickets cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @should_create_tickets.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + should_create_tickets == o.should_create_tickets && + source == o.source + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, display_name, due_days, id, priority, should_create_tickets, source].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_list.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_list.rb new file mode 100644 index 0000000..752853a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_list.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseTicketingAlertConfigurationList + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseTicketingAlertConfigurationList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseTicketingAlertConfigurationList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_option.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_option.rb new file mode 100644 index 0000000..d1c4762 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_option.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseTicketingAlertConfigurationOption + attr_accessor :name + + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseTicketingAlertConfigurationOption` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseTicketingAlertConfigurationOption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_options.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_options.rb new file mode 100644 index 0000000..61d63c1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_options.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseTicketingAlertConfigurationOptions + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_request.rb b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_request.rb new file mode 100644 index 0000000..25cb94a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connect_wise_ticketing_alert_configuration_request.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ConnectWiseTicketingAlertConfigurationRequest + attr_accessor :due_days + + attr_accessor :priority + + attr_accessor :should_create_tickets + + attr_accessor :source + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'due_days' => :'dueDays', + :'priority' => :'priority', + :'should_create_tickets' => :'shouldCreateTickets', + :'source' => :'source' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'due_days' => :'Object', + :'priority' => :'Object', + :'should_create_tickets' => :'Object', + :'source' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @should_create_tickets.nil? + invalid_properties.push('invalid value for "should_create_tickets", should_create_tickets cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @should_create_tickets.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + due_days == o.due_days && + priority == o.priority && + should_create_tickets == o.should_create_tickets && + source == o.source + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [due_days, priority, should_create_tickets, source].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_addition.rb b/jcapiv2/lib/jcapiv2/models/connectwise_addition.rb new file mode 100644 index 0000000..336d32e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_addition.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Connectwise addition details + class ConnectwiseAddition + # The addition identifier. + attr_accessor :id + + # The addition name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseAddition` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseAddition`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_agreement.rb b/jcapiv2/lib/jcapiv2/models/connectwise_agreement.rb new file mode 100644 index 0000000..bc3fc24 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_agreement.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Connectwise agreement details + class ConnectwiseAgreement + # The ConnectWise company identifier linked to agreement. + attr_accessor :company_id + + # The agreement identifier. + attr_accessor :id + + # The agreement name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company_id' => :'companyId', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company_id' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseAgreement` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseAgreement`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company_id') + self.company_id = attributes[:'company_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company_id.nil? + invalid_properties.push('invalid value for "company_id", company_id cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company_id.nil? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company_id == o.company_id && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company_id, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_company.rb b/jcapiv2/lib/jcapiv2/models/connectwise_company.rb new file mode 100644 index 0000000..8859c16 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_company.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Connectwise company details + class ConnectwiseCompany + # The company identifier. + attr_accessor :id + + # The company name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_company_resp.rb b/jcapiv2/lib/jcapiv2/models/connectwise_company_resp.rb new file mode 100644 index 0000000..1ff6ba5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_company_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving ConnectWise companies + class ConnectwiseCompanyResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseCompanyResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseCompanyResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_company_type_resp.rb b/jcapiv2/lib/jcapiv2/models/connectwise_company_type_resp.rb new file mode 100644 index 0000000..0ce20ea --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_company_type_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving ConnectWise company types + class ConnectwiseCompanyTypeResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseCompanyTypeResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseCompanyTypeResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_integration.rb b/jcapiv2/lib/jcapiv2/models/connectwise_integration.rb new file mode 100644 index 0000000..77c4581 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_integration.rb @@ -0,0 +1,253 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # ConnectWise integration configuration details + class ConnectwiseIntegration + # The ConnectWise company identifier. + attr_accessor :company_id + + # The identifier for this ConnectWise integration. + attr_accessor :id + + # Has the msp-api been configured with auth data yet + attr_accessor :is_msp_auth_configured + + # The base url for connecting to ConnectWise. + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company_id' => :'companyId', + :'id' => :'id', + :'is_msp_auth_configured' => :'isMspAuthConfigured', + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company_id' => :'Object', + :'id' => :'Object', + :'is_msp_auth_configured' => :'Object', + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseIntegration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseIntegration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company_id') + self.company_id = attributes[:'company_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'is_msp_auth_configured') + self.is_msp_auth_configured = attributes[:'is_msp_auth_configured'] + end + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company_id.nil? + invalid_properties.push('invalid value for "company_id", company_id cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @url.nil? + invalid_properties.push('invalid value for "url", url cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company_id.nil? + return false if @id.nil? + return false if @url.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company_id == o.company_id && + id == o.id && + is_msp_auth_configured == o.is_msp_auth_configured && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company_id, id, is_msp_auth_configured, url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_integration_patch_req.rb b/jcapiv2/lib/jcapiv2/models/connectwise_integration_patch_req.rb new file mode 100644 index 0000000..84bcbbc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_integration_patch_req.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a ConnectWise integration + class ConnectwiseIntegrationPatchReq + # The ConnectWise company identifier. + attr_accessor :company_id + + # The ConnectWise private key for authentication + attr_accessor :private_key + + # The ConnectWise public key for authentication. + attr_accessor :public_key + + # The base url for connecting to ConnectWise. + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company_id' => :'companyId', + :'private_key' => :'privateKey', + :'public_key' => :'publicKey', + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company_id' => :'Object', + :'private_key' => :'Object', + :'public_key' => :'Object', + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseIntegrationPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseIntegrationPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company_id') + self.company_id = attributes[:'company_id'] + end + + if attributes.key?(:'private_key') + self.private_key = attributes[:'private_key'] + end + + if attributes.key?(:'public_key') + self.public_key = attributes[:'public_key'] + end + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company_id == o.company_id && + private_key == o.private_key && + public_key == o.public_key && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company_id, private_key, public_key, url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/connectwise_integration_req.rb b/jcapiv2/lib/jcapiv2/models/connectwise_integration_req.rb new file mode 100644 index 0000000..ae75a19 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/connectwise_integration_req.rb @@ -0,0 +1,258 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for creating a ConnectWise integration + class ConnectwiseIntegrationReq + # The ConnectWise company identifier. + attr_accessor :company_id + + # The ConnectWise private key for authentication + attr_accessor :private_key + + # The ConnectWise public key for authentication. + attr_accessor :public_key + + # The base url for connecting to ConnectWise. + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company_id' => :'companyId', + :'private_key' => :'privateKey', + :'public_key' => :'publicKey', + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company_id' => :'Object', + :'private_key' => :'Object', + :'public_key' => :'Object', + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ConnectwiseIntegrationReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ConnectwiseIntegrationReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company_id') + self.company_id = attributes[:'company_id'] + end + + if attributes.key?(:'private_key') + self.private_key = attributes[:'private_key'] + end + + if attributes.key?(:'public_key') + self.public_key = attributes[:'public_key'] + end + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company_id.nil? + invalid_properties.push('invalid value for "company_id", company_id cannot be nil.') + end + + if @private_key.nil? + invalid_properties.push('invalid value for "private_key", private_key cannot be nil.') + end + + if @public_key.nil? + invalid_properties.push('invalid value for "public_key", public_key cannot be nil.') + end + + if @url.nil? + invalid_properties.push('invalid value for "url", url cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company_id.nil? + return false if @private_key.nil? + return false if @public_key.nil? + return false if @url.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company_id == o.company_id && + private_key == o.private_key && + public_key == o.public_key && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company_id, private_key, public_key, url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/create_organization.rb b/jcapiv2/lib/jcapiv2/models/create_organization.rb new file mode 100644 index 0000000..836e2ca --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/create_organization.rb @@ -0,0 +1,216 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CreateOrganization + # The maximum number of users allowed in this organization. Requires organizations.billing scope to modify. + attr_accessor :max_system_users + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'max_system_users' => :'maxSystemUsers', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'max_system_users' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CreateOrganization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CreateOrganization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'max_system_users') + self.max_system_users = attributes[:'max_system_users'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + max_system_users == o.max_system_users && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [max_system_users, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/custom_email.rb b/jcapiv2/lib/jcapiv2/models/custom_email.rb new file mode 100644 index 0000000..7982af4 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/custom_email.rb @@ -0,0 +1,280 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Custom email content created by the admin user to personalize emails sent to their system users. + class CustomEmail + attr_accessor :body + + attr_accessor :button + + attr_accessor :header + + attr_accessor :id + + attr_accessor :next_step_contact_info + + attr_accessor :subject + + attr_accessor :title + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'body' => :'body', + :'button' => :'button', + :'header' => :'header', + :'id' => :'id', + :'next_step_contact_info' => :'nextStepContactInfo', + :'subject' => :'subject', + :'title' => :'title', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'body' => :'Object', + :'button' => :'Object', + :'header' => :'Object', + :'id' => :'Object', + :'next_step_contact_info' => :'Object', + :'subject' => :'Object', + :'title' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CustomEmail` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CustomEmail`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'body') + self.body = attributes[:'body'] + end + + if attributes.key?(:'button') + self.button = attributes[:'button'] + end + + if attributes.key?(:'header') + self.header = attributes[:'header'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'next_step_contact_info') + self.next_step_contact_info = attributes[:'next_step_contact_info'] + end + + if attributes.key?(:'subject') + self.subject = attributes[:'subject'] + end + + if attributes.key?(:'title') + self.title = attributes[:'title'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @subject.nil? + invalid_properties.push('invalid value for "subject", subject cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @subject.nil? + return false if @type.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + body == o.body && + button == o.button && + header == o.header && + id == o.id && + next_step_contact_info == o.next_step_contact_info && + subject == o.subject && + title == o.title && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [body, button, header, id, next_step_contact_info, subject, title, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/custom_email_template.rb b/jcapiv2/lib/jcapiv2/models/custom_email_template.rb new file mode 100644 index 0000000..ca912e0 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/custom_email_template.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CustomEmailTemplate + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :fields + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'display_name' => :'displayName', + :'fields' => :'fields', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'display_name' => :'Object', + :'fields' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CustomEmailTemplate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CustomEmailTemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'fields') + if (value = attributes[:'fields']).is_a?(Array) + self.fields = value + end + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + display_name == o.display_name && + fields == o.fields && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, display_name, fields, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/custom_email_template_field.rb b/jcapiv2/lib/jcapiv2/models/custom_email_template_field.rb new file mode 100644 index 0000000..927ecfd --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/custom_email_template_field.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CustomEmailTemplateField + attr_accessor :default_value + + attr_accessor :display_name + + attr_accessor :field + + attr_accessor :multiline + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default_value' => :'defaultValue', + :'display_name' => :'displayName', + :'field' => :'field', + :'multiline' => :'multiline' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default_value' => :'Object', + :'display_name' => :'Object', + :'field' => :'Object', + :'multiline' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::CustomEmailTemplateField` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::CustomEmailTemplateField`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_value') + self.default_value = attributes[:'default_value'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'field') + self.field = attributes[:'field'] + end + + if attributes.key?(:'multiline') + self.multiline = attributes[:'multiline'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default_value == o.default_value && + display_name == o.display_name && + field == o.field && + multiline == o.multiline + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default_value, display_name, field, multiline].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/custom_email_type.rb b/jcapiv2/lib/jcapiv2/models/custom_email_type.rb new file mode 100644 index 0000000..ba4ff24 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/custom_email_type.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class CustomEmailType + ACTIVATE_GAPPS_USER = 'activate_gapps_user'.freeze + ACTIVATE_O365_USER = 'activate_o365_user'.freeze + LOCKOUT_NOTICE_USER = 'lockout_notice_user'.freeze + PASSWORD_EXPIRATION = 'password_expiration'.freeze + PASSWORD_EXPIRATION_WARNING = 'password_expiration_warning'.freeze + PASSWORD_RESET_CONFIRMATION = 'password_reset_confirmation'.freeze + USER_CHANGE_PASSWORD = 'user_change_password'.freeze + ACTIVATE_USER_CUSTOM = 'activate_user_custom'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = CustomEmailType.constants.select { |c| CustomEmailType::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #CustomEmailType" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/default_domain.rb b/jcapiv2/lib/jcapiv2/models/default_domain.rb new file mode 100644 index 0000000..3ac8839 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/default_domain.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DefaultDomain + attr_accessor :domain + + attr_accessor :id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain', + :'id' => :'id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object', + :'id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DefaultDomain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DefaultDomain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain && + id == o.id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/dep.rb b/jcapiv2/lib/jcapiv2/models/dep.rb new file mode 100644 index 0000000..d851084 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/dep.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DEP + # A toggle to determine if DEP registered devices should go through JumpCloud Zero Touch Enrollment. + attr_accessor :enable_zero_touch_enrollment + + attr_accessor :setup_assistant_options + + attr_accessor :welcome_screen + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enable_zero_touch_enrollment' => :'enableZeroTouchEnrollment', + :'setup_assistant_options' => :'setupAssistantOptions', + :'welcome_screen' => :'welcomeScreen' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enable_zero_touch_enrollment' => :'Object', + :'setup_assistant_options' => :'Object', + :'welcome_screen' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DEP` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DEP`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enable_zero_touch_enrollment') + self.enable_zero_touch_enrollment = attributes[:'enable_zero_touch_enrollment'] + end + + if attributes.key?(:'setup_assistant_options') + if (value = attributes[:'setup_assistant_options']).is_a?(Array) + self.setup_assistant_options = value + end + end + + if attributes.key?(:'welcome_screen') + self.welcome_screen = attributes[:'welcome_screen'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enable_zero_touch_enrollment == o.enable_zero_touch_enrollment && + setup_assistant_options == o.setup_assistant_options && + welcome_screen == o.welcome_screen + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enable_zero_touch_enrollment, setup_assistant_options, welcome_screen].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/dep_setup_assistant_option.rb b/jcapiv2/lib/jcapiv2/models/dep_setup_assistant_option.rb new file mode 100644 index 0000000..7992a68 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/dep_setup_assistant_option.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DEPSetupAssistantOption + attr_accessor :option + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'option' => :'option' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'option' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DEPSetupAssistantOption` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DEPSetupAssistantOption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'option') + self.option = attributes[:'option'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + option == o.option + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [option].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/dep_welcome_screen.rb b/jcapiv2/lib/jcapiv2/models/dep_welcome_screen.rb new file mode 100644 index 0000000..794a84f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/dep_welcome_screen.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DEPWelcomeScreen + # Text to display on the button on the DEP Welcome Screen. + attr_accessor :button + + # A message to display on the DEP Welcome Screen. + attr_accessor :paragraph + + # The title to display on the DEP Welcome Screen. + attr_accessor :title + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'button' => :'button', + :'paragraph' => :'paragraph', + :'title' => :'title' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'button' => :'Object', + :'paragraph' => :'Object', + :'title' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DEPWelcomeScreen` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DEPWelcomeScreen`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'button') + self.button = attributes[:'button'] + end + + if attributes.key?(:'paragraph') + self.paragraph = attributes[:'paragraph'] + end + + if attributes.key?(:'title') + self.title = attributes[:'title'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + button == o.button && + paragraph == o.paragraph && + title == o.title + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [button, paragraph, title].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_id_erase_body.rb b/jcapiv2/lib/jcapiv2/models/device_id_erase_body.rb new file mode 100644 index 0000000..83e4587 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_id_erase_body.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DeviceIdEraseBody + # 6-digit PIN, required for MacOS, to erase the device + attr_accessor :pin + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'pin' => :'pin' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'pin' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DeviceIdEraseBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DeviceIdEraseBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'pin') + self.pin = attributes[:'pin'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + pin == o.pin + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [pin].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_id_lock_body.rb b/jcapiv2/lib/jcapiv2/models/device_id_lock_body.rb new file mode 100644 index 0000000..ca9363b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_id_lock_body.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DeviceIdLockBody + # 6-digit PIN, required for MacOS, to lock the device + attr_accessor :pin + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'pin' => :'pin' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'pin' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DeviceIdLockBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DeviceIdLockBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'pin') + self.pin = attributes[:'pin'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + pin == o.pin + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [pin].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_id_resetpassword_body.rb b/jcapiv2/lib/jcapiv2/models/device_id_resetpassword_body.rb new file mode 100644 index 0000000..78a243a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_id_resetpassword_body.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DeviceIdResetpasswordBody + attr_accessor :flags + + # Not logging as it contains sensitive information. + attr_accessor :new_password + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'flags' => :'flags', + :'new_password' => :'newPassword' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'flags' => :'Object', + :'new_password' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DeviceIdResetpasswordBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DeviceIdResetpasswordBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'flags') + if (value = attributes[:'flags']).is_a?(Array) + self.flags = value + end + end + + if attributes.key?(:'new_password') + self.new_password = attributes[:'new_password'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + flags == o.flags && + new_password == o.new_password + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [flags, new_password].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_id_restart_body.rb b/jcapiv2/lib/jcapiv2/models/device_id_restart_body.rb new file mode 100644 index 0000000..782d654 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_id_restart_body.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DeviceIdRestartBody + # The string to pass when doing a restart and performing a RebuildKernelCache. + attr_accessor :kext_paths + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'kext_paths' => :'kextPaths' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'kext_paths' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DeviceIdRestartBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DeviceIdRestartBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'kext_paths') + if (value = attributes[:'kext_paths']).is_a?(Array) + self.kext_paths = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + kext_paths == o.kext_paths + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [kext_paths].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_package_v1_device.rb b/jcapiv2/lib/jcapiv2/models/device_package_v1_device.rb new file mode 100644 index 0000000..250574c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_package_v1_device.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicePackageV1Device + attr_accessor :app_version + + attr_accessor :created_at + + attr_accessor :id + + attr_accessor :name + + attr_accessor :os_name + + attr_accessor :public_key + + attr_accessor :updated_at + + attr_accessor :user_uuid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app_version' => :'appVersion', + :'created_at' => :'createdAt', + :'id' => :'id', + :'name' => :'name', + :'os_name' => :'osName', + :'public_key' => :'publicKey', + :'updated_at' => :'updatedAt', + :'user_uuid' => :'userUuid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app_version' => :'Object', + :'created_at' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'os_name' => :'Object', + :'public_key' => :'Object', + :'updated_at' => :'Object', + :'user_uuid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DevicePackageV1Device` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DevicePackageV1Device`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app_version') + self.app_version = attributes[:'app_version'] + end + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'os_name') + self.os_name = attributes[:'os_name'] + end + + if attributes.key?(:'public_key') + self.public_key = attributes[:'public_key'] + end + + if attributes.key?(:'updated_at') + self.updated_at = attributes[:'updated_at'] + end + + if attributes.key?(:'user_uuid') + self.user_uuid = attributes[:'user_uuid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app_version == o.app_version && + created_at == o.created_at && + id == o.id && + name == o.name && + os_name == o.os_name && + public_key == o.public_key && + updated_at == o.updated_at && + user_uuid == o.user_uuid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app_version, created_at, id, name, os_name, public_key, updated_at, user_uuid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/device_package_v1_list_devices_response.rb b/jcapiv2/lib/jcapiv2/models/device_package_v1_list_devices_response.rb new file mode 100644 index 0000000..48e4552 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/device_package_v1_list_devices_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicePackageV1ListDevicesResponse + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DevicePackageV1ListDevicesResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DevicePackageV1ListDevicesResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/devices_get_sign_in_with_jump_cloud_settings_response.rb b/jcapiv2/lib/jcapiv2/models/devices_get_sign_in_with_jump_cloud_settings_response.rb new file mode 100644 index 0000000..c200c8f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/devices_get_sign_in_with_jump_cloud_settings_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicesGetSignInWithJumpCloudSettingsResponse + attr_accessor :organization_object_id + + attr_accessor :settings + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'organization_object_id' => :'organizationObjectId', + :'settings' => :'settings' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'organization_object_id' => :'Object', + :'settings' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'organization_object_id') + self.organization_object_id = attributes[:'organization_object_id'] + end + + if attributes.key?(:'settings') + if (value = attributes[:'settings']).is_a?(Array) + self.settings = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + organization_object_id == o.organization_object_id && + settings == o.settings + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [organization_object_id, settings].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/devices_set_sign_in_with_jump_cloud_settings_request.rb b/jcapiv2/lib/jcapiv2/models/devices_set_sign_in_with_jump_cloud_settings_request.rb new file mode 100644 index 0000000..adafe95 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/devices_set_sign_in_with_jump_cloud_settings_request.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicesSetSignInWithJumpCloudSettingsRequest + attr_accessor :organization_object_id + + attr_accessor :settings + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'organization_object_id' => :'organizationObjectId', + :'settings' => :'settings' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'organization_object_id' => :'Object', + :'settings' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'organization_object_id') + self.organization_object_id = attributes[:'organization_object_id'] + end + + if attributes.key?(:'settings') + if (value = attributes[:'settings']).is_a?(Array) + self.settings = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + organization_object_id == o.organization_object_id && + settings == o.settings + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [organization_object_id, settings].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting.rb b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting.rb new file mode 100644 index 0000000..d85ebf4 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicesSignInWithJumpCloudSetting + attr_accessor :default_permission + + attr_accessor :enabled + + attr_accessor :os_family + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default_permission' => :'defaultPermission', + :'enabled' => :'enabled', + :'os_family' => :'osFamily' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default_permission' => :'Object', + :'enabled' => :'Object', + :'os_family' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DevicesSignInWithJumpCloudSetting` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DevicesSignInWithJumpCloudSetting`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_permission') + self.default_permission = attributes[:'default_permission'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'os_family') + self.os_family = attributes[:'os_family'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default_permission == o.default_permission && + enabled == o.enabled && + os_family == o.os_family + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default_permission, enabled, os_family].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_os_family.rb b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_os_family.rb new file mode 100644 index 0000000..40d1ecc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_os_family.rb @@ -0,0 +1,29 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicesSignInWithJumpCloudSettingOSFamily + UNKNOWN = 'UNKNOWN'.freeze + WINDOWS = 'WINDOWS'.freeze + MACOS = 'MACOS'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = DevicesSignInWithJumpCloudSettingOSFamily.constants.select { |c| DevicesSignInWithJumpCloudSettingOSFamily::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #DevicesSignInWithJumpCloudSettingOSFamily" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_permission.rb b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_permission.rb new file mode 100644 index 0000000..00b90b8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/devices_sign_in_with_jump_cloud_setting_permission.rb @@ -0,0 +1,28 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class DevicesSignInWithJumpCloudSettingPermission + STANDARD = 'STANDARD'.freeze + ADMIN = 'ADMIN'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = DevicesSignInWithJumpCloudSettingPermission.constants.select { |c| DevicesSignInWithJumpCloudSettingPermission::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #DevicesSignInWithJumpCloudSettingPermission" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/directory.rb b/jcapiv2/lib/jcapiv2/models/directory.rb index 5c071c5..bc056c8 100644 --- a/jcapiv2/lib/jcapiv2/models/directory.rb +++ b/jcapiv2/lib/jcapiv2/models/directory.rb @@ -1,26 +1,29 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Directory + attr_accessor :default_domain + # The ObjectID of the directory. attr_accessor :id # The name of the directory. attr_accessor :name + # the expiry and error status of the bearer token + attr_accessor :o_auth_status + # The type of directory. attr_accessor :type @@ -49,41 +52,65 @@ def valid?(value) # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'default_domain' => :'defaultDomain', :'id' => :'id', :'name' => :'name', + :'o_auth_status' => :'oAuthStatus', :'type' => :'type' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String', - :'type' => :'String' + :'default_domain' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'o_auth_status' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Directory` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Directory`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_domain') + self.default_domain = attributes[:'default_domain'] + end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'type') - self.type = attributes[:'type'] + if attributes.key?(:'o_auth_status') + self.o_auth_status = attributes[:'o_auth_status'] end + if attributes.key?(:'type') + self.type = attributes[:'type'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -91,18 +118,18 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") + invalid_properties.push('invalid value for "type", type cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -111,17 +138,17 @@ def valid? return false if @id.nil? return false if @name.nil? return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["active_directory", "g_suite", "ldap_server", "office_365", "workday"]) + type_validator = EnumAttributeValidator.new('Object', ['active_directory', 'g_suite', 'ldap_server', 'office_365', 'workday']) return false unless type_validator.valid?(@type) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] type Object to be assigned def type=(type) - validator = EnumAttributeValidator.new('String', ["active_directory", "g_suite", "ldap_server", "office_365", "workday"]) + validator = EnumAttributeValidator.new('Object', ['active_directory', 'g_suite', 'ldap_server', 'office_365', 'workday']) unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." end @type = type end @@ -131,8 +158,10 @@ def type=(type) def ==(o) return true if self.equal?(o) self.class == o.class && + default_domain == o.default_domain && id == o.id && name == o.name && + o_auth_status == o.o_auth_status && type == o.type end @@ -143,9 +172,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, name, type].hash + [default_domain, id, name, o_auth_status, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -153,16 +189,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -184,7 +222,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -205,8 +243,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -228,7 +265,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -240,7 +281,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -250,8 +291,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/directory_default_domain.rb b/jcapiv2/lib/jcapiv2/models/directory_default_domain.rb new file mode 100644 index 0000000..1856951 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/directory_default_domain.rb @@ -0,0 +1,216 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The default domain object if exists, contains id and name of the domain. + class DirectoryDefaultDomain + attr_accessor :domain + + attr_accessor :id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain', + :'id' => :'id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object', + :'id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DirectoryDefaultDomain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DirectoryDefaultDomain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain && + id == o.id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/duo_account.rb b/jcapiv2/lib/jcapiv2/models/duo_account.rb index 949ae0a..8d73cee 100644 --- a/jcapiv2/lib/jcapiv2/models/duo_account.rb +++ b/jcapiv2/lib/jcapiv2/models/duo_account.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class DuoAccount # object ID attr_accessor :id @@ -21,7 +19,6 @@ class DuoAccount # Duo application name. attr_accessor :name - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -31,29 +28,41 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String' + :'id' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DuoAccount` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DuoAccount`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -61,17 +70,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @id.nil? - return true + true end # Checks equality by comparing each attribute. @@ -90,26 +99,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [id, name].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -131,7 +149,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -152,8 +170,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -175,7 +192,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -187,7 +208,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -197,8 +218,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/duo_application.rb b/jcapiv2/lib/jcapiv2/models/duo_application.rb index 2c609db..d390db4 100644 --- a/jcapiv2/lib/jcapiv2/models/duo_application.rb +++ b/jcapiv2/lib/jcapiv2/models/duo_application.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class DuoApplication attr_accessor :api_host @@ -23,7 +21,6 @@ class DuoApplication attr_accessor :name - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,39 +32,51 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'api_host' => :'String', - :'id' => :'String', - :'integration_key' => :'String', - :'name' => :'String' + :'api_host' => :'Object', + :'id' => :'Object', + :'integration_key' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DuoApplication` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DuoApplication`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'apiHost') - self.api_host = attributes[:'apiHost'] + if attributes.key?(:'api_host') + self.api_host = attributes[:'api_host'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'integrationKey') - self.integration_key = attributes[:'integrationKey'] + if attributes.key?(:'integration_key') + self.integration_key = attributes[:'integration_key'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -75,22 +84,22 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @api_host.nil? - invalid_properties.push("invalid value for 'api_host', api_host cannot be nil.") + invalid_properties.push('invalid value for "api_host", api_host cannot be nil.') end if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end if @integration_key.nil? - invalid_properties.push("invalid value for 'integration_key', integration_key cannot be nil.") + invalid_properties.push('invalid value for "integration_key", integration_key cannot be nil.') end if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -100,7 +109,7 @@ def valid? return false if @id.nil? return false if @integration_key.nil? return false if @name.nil? - return true + true end # Checks equality by comparing each attribute. @@ -121,26 +130,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [api_host, id, integration_key, name].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -162,7 +180,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -183,8 +201,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -206,7 +223,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -218,7 +239,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -228,8 +249,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/duo_application_req.rb b/jcapiv2/lib/jcapiv2/models/duo_application_req.rb index 2fdc0b9..eee6c55 100644 --- a/jcapiv2/lib/jcapiv2/models/duo_application_req.rb +++ b/jcapiv2/lib/jcapiv2/models/duo_application_req.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class DuoApplicationReq attr_accessor :api_host @@ -23,7 +21,6 @@ class DuoApplicationReq attr_accessor :secret_key - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,39 +32,51 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'api_host' => :'String', - :'integration_key' => :'String', - :'name' => :'String', - :'secret_key' => :'String' + :'api_host' => :'Object', + :'integration_key' => :'Object', + :'name' => :'Object', + :'secret_key' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DuoApplicationReq` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DuoApplicationReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'apiHost') - self.api_host = attributes[:'apiHost'] + if attributes.key?(:'api_host') + self.api_host = attributes[:'api_host'] end - if attributes.has_key?(:'integrationKey') - self.integration_key = attributes[:'integrationKey'] + if attributes.key?(:'integration_key') + self.integration_key = attributes[:'integration_key'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'secretKey') - self.secret_key = attributes[:'secretKey'] + if attributes.key?(:'secret_key') + self.secret_key = attributes[:'secret_key'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -75,22 +84,22 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @api_host.nil? - invalid_properties.push("invalid value for 'api_host', api_host cannot be nil.") + invalid_properties.push('invalid value for "api_host", api_host cannot be nil.') end if @integration_key.nil? - invalid_properties.push("invalid value for 'integration_key', integration_key cannot be nil.") + invalid_properties.push('invalid value for "integration_key", integration_key cannot be nil.') end if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end if @secret_key.nil? - invalid_properties.push("invalid value for 'secret_key', secret_key cannot be nil.") + invalid_properties.push('invalid value for "secret_key", secret_key cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -100,7 +109,7 @@ def valid? return false if @integration_key.nil? return false if @name.nil? return false if @secret_key.nil? - return true + true end # Checks equality by comparing each attribute. @@ -121,26 +130,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [api_host, integration_key, name, secret_key].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -162,7 +180,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -183,8 +201,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -206,7 +223,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -218,7 +239,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -228,8 +249,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/duo_application_update_req.rb b/jcapiv2/lib/jcapiv2/models/duo_application_update_req.rb index 312cc28..d4d8bac 100644 --- a/jcapiv2/lib/jcapiv2/models/duo_application_update_req.rb +++ b/jcapiv2/lib/jcapiv2/models/duo_application_update_req.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class DuoApplicationUpdateReq attr_accessor :api_host @@ -23,7 +21,6 @@ class DuoApplicationUpdateReq attr_accessor :secret_key - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,52 +32,79 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'api_host' => :'String', - :'integration_key' => :'String', - :'name' => :'String', - :'secret_key' => :'String' + :'api_host' => :'Object', + :'integration_key' => :'Object', + :'name' => :'Object', + :'secret_key' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::DuoApplicationUpdateReq` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::DuoApplicationUpdateReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'apiHost') - self.api_host = attributes[:'apiHost'] + if attributes.key?(:'api_host') + self.api_host = attributes[:'api_host'] end - if attributes.has_key?(:'integrationKey') - self.integration_key = attributes[:'integrationKey'] + if attributes.key?(:'integration_key') + self.integration_key = attributes[:'integration_key'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'secretKey') - self.secret_key = attributes[:'secretKey'] + if attributes.key?(:'secret_key') + self.secret_key = attributes[:'secret_key'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + if @api_host.nil? + invalid_properties.push('invalid value for "api_host", api_host cannot be nil.') + end + + if @integration_key.nil? + invalid_properties.push('invalid value for "integration_key", integration_key cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + return false if @api_host.nil? + return false if @integration_key.nil? + return false if @name.nil? + true end # Checks equality by comparing each attribute. @@ -101,26 +125,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [api_host, integration_key, name, secret_key].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -142,7 +175,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -163,8 +196,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -186,7 +218,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -198,7 +234,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -208,8 +244,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/duo_registration_application.rb b/jcapiv2/lib/jcapiv2/models/duo_registration_application.rb deleted file mode 100644 index 6576c48..0000000 --- a/jcapiv2/lib/jcapiv2/models/duo_registration_application.rb +++ /dev/null @@ -1,224 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class DuoRegistrationApplication - # Duo Application host name. - attr_accessor :api_host - - # Duo Application integration key. - attr_accessor :integration_key - - # Duo Application secret key. - attr_accessor :secret_key - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'api_host' => :'apiHost', - :'integration_key' => :'integrationKey', - :'secret_key' => :'secretKey' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'api_host' => :'String', - :'integration_key' => :'String', - :'secret_key' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'apiHost') - self.api_host = attributes[:'apiHost'] - end - - if attributes.has_key?(:'integrationKey') - self.integration_key = attributes[:'integrationKey'] - end - - if attributes.has_key?(:'secretKey') - self.secret_key = attributes[:'secretKey'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @api_host.nil? - invalid_properties.push("invalid value for 'api_host', api_host cannot be nil.") - end - - if @integration_key.nil? - invalid_properties.push("invalid value for 'integration_key', integration_key cannot be nil.") - end - - if @secret_key.nil? - invalid_properties.push("invalid value for 'secret_key', secret_key cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @api_host.nil? - return false if @integration_key.nil? - return false if @secret_key.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - api_host == o.api_host && - integration_key == o.integration_key && - secret_key == o.secret_key - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [api_host, integration_key, secret_key].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/duo_registration_application_req.rb b/jcapiv2/lib/jcapiv2/models/duo_registration_application_req.rb deleted file mode 100644 index bd793c9..0000000 --- a/jcapiv2/lib/jcapiv2/models/duo_registration_application_req.rb +++ /dev/null @@ -1,193 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class DuoRegistrationApplicationReq - attr_accessor :registration_application - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'registration_application' => :'registrationApplication' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'registration_application' => :'DuoRegistrationApplication' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'registrationApplication') - self.registration_application = attributes[:'registrationApplication'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @registration_application.nil? - invalid_properties.push("invalid value for 'registration_application', registration_application cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @registration_application.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - registration_application == o.registration_application - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [registration_application].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/emailrequest.rb b/jcapiv2/lib/jcapiv2/models/emailrequest.rb deleted file mode 100644 index 2097a24..0000000 --- a/jcapiv2/lib/jcapiv2/models/emailrequest.rb +++ /dev/null @@ -1,221 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Emailrequest - attr_accessor :email_type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'email_type' => :'emailType' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'email_type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'emailType') - self.email_type = attributes[:'emailType'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - email_type_validator = EnumAttributeValidator.new('String', ["activation"]) - return false unless email_type_validator.valid?(@email_type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] email_type Object to be assigned - def email_type=(email_type) - validator = EnumAttributeValidator.new('String', ["activation"]) - unless validator.valid?(email_type) - fail ArgumentError, "invalid value for 'email_type', must be one of #{validator.allowable_values}." - end - @email_type = email_type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - email_type == o.email_type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [email_type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/enrollment_profile.rb b/jcapiv2/lib/jcapiv2/models/enrollment_profile.rb deleted file mode 100644 index 1ff7ec3..0000000 --- a/jcapiv2/lib/jcapiv2/models/enrollment_profile.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class EnrollmentProfile - attr_accessor :apple_mdm_id - - attr_accessor :id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'apple_mdm_id' => :'appleMdmId', - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'apple_mdm_id' => :'String', - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'appleMdmId') - self.apple_mdm_id = attributes[:'appleMdmId'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - apple_mdm_id == o.apple_mdm_id && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [apple_mdm_id, id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/enterprises_enterprise_id_body.rb b/jcapiv2/lib/jcapiv2/models/enterprises_enterprise_id_body.rb new file mode 100644 index 0000000..55b1539 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/enterprises_enterprise_id_body.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class EnterprisesEnterpriseIdBody + attr_accessor :allow_device_enrollment + + attr_accessor :device_group_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_device_enrollment' => :'allowDeviceEnrollment', + :'device_group_id' => :'deviceGroupId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_device_enrollment' => :'Object', + :'device_group_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::EnterprisesEnterpriseIdBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::EnterprisesEnterpriseIdBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_device_enrollment') + self.allow_device_enrollment = attributes[:'allow_device_enrollment'] + end + + if attributes.key?(:'device_group_id') + self.device_group_id = attributes[:'device_group_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_device_enrollment == o.allow_device_enrollment && + device_group_id == o.device_group_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_device_enrollment, device_group_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/error.rb b/jcapiv2/lib/jcapiv2/models/error.rb index c1dfa0f..8d14fbc 100644 --- a/jcapiv2/lib/jcapiv2/models/error.rb +++ b/jcapiv2/lib/jcapiv2/models/error.rb @@ -1,78 +1,90 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Error + # HTTP status code attr_accessor :code - attr_accessor :fields - + # Error message attr_accessor :message + # HTTP status description + attr_accessor :status # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'code' => :'code', - :'fields' => :'fields', - :'message' => :'message' + :'message' => :'message', + :'status' => :'status' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'code' => :'Integer', - :'fields' => :'String', - :'message' => :'String' + :'code' => :'Object', + :'message' => :'Object', + :'status' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Error` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Error`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'code') + if attributes.key?(:'code') self.code = attributes[:'code'] end - if attributes.has_key?(:'fields') - self.fields = attributes[:'fields'] - end - - if attributes.has_key?(:'message') + if attributes.key?(:'message') self.message = attributes[:'message'] end + if attributes.key?(:'status') + self.status = attributes[:'status'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -81,8 +93,8 @@ def ==(o) return true if self.equal?(o) self.class == o.class && code == o.code && - fields == o.fields && - message == o.message + message == o.message && + status == o.status end # @see the `==` method @@ -92,9 +104,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [code, fields, message].hash + [code, message, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -102,16 +121,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -133,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -154,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -177,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -189,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -199,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/error_details.rb b/jcapiv2/lib/jcapiv2/models/error_details.rb new file mode 100644 index 0000000..34fe078 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/error_details.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ErrorDetails + # HTTP status code + attr_accessor :code + + # Error message + attr_accessor :message + + # HTTP status description + attr_accessor :status + + # Describes a list of objects with more detailed information of the given error. Each detail schema is according to one of the messages defined in Google's API: https://github.com/googleapis/googleapis/blob/master/google/rpc/error_details.proto + attr_accessor :details + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'code' => :'code', + :'message' => :'message', + :'status' => :'status', + :'details' => :'details' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'code' => :'', + :'message' => :'', + :'status' => :'', + :'details' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ErrorDetails` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ErrorDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'code') + self.code = attributes[:'code'] + end + + if attributes.key?(:'message') + self.message = attributes[:'message'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'details') + if (value = attributes[:'details']).is_a?(Array) + self.details = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + code == o.code && + message == o.message && + status == o.status && + details == o.details && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [code, message, status, details].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/errorresponse.rb b/jcapiv2/lib/jcapiv2/models/errorresponse.rb deleted file mode 100644 index 6e96c76..0000000 --- a/jcapiv2/lib/jcapiv2/models/errorresponse.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Errorresponse - attr_accessor :message - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'message' => :'message' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'message' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'message') - self.message = attributes[:'message'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - message == o.message - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [message].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/feature.rb b/jcapiv2/lib/jcapiv2/models/feature.rb new file mode 100644 index 0000000..d85e978 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/feature.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # A feature represents JumpCloud functionality. + class Feature + # The unique identifier for this feature. + attr_accessor :name + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Feature` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Feature`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + name_validator = EnumAttributeValidator.new('Object', ['cloudDirectory', 'deviceManagement', 'directoryInsightsPremium', 'implementationQuickstart', 'ldap', 'mdm', 'mfa', 'premiumSupport', 'radius', 'sso', 'systemInsights', 'userLifecycle', 'zeroTrust', 'jumpcloudProtect', 'osPatchManagement', 'remoteAssist', 'cloudInsights', 'passwordManagement']) + return false unless name_validator.valid?(@name) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] name Object to be assigned + def name=(name) + validator = EnumAttributeValidator.new('Object', ['cloudDirectory', 'deviceManagement', 'directoryInsightsPremium', 'implementationQuickstart', 'ldap', 'mdm', 'mfa', 'premiumSupport', 'radius', 'sso', 'systemInsights', 'userLifecycle', 'zeroTrust', 'jumpcloudProtect', 'osPatchManagement', 'remoteAssist', 'cloudInsights', 'passwordManagement']) + unless validator.valid?(name) + fail ArgumentError, "invalid value for \"name\", must be one of #{validator.allowable_values}." + end + @name = name + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/feature_trial_data.rb b/jcapiv2/lib/jcapiv2/models/feature_trial_data.rb new file mode 100644 index 0000000..5b8ffad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/feature_trial_data.rb @@ -0,0 +1,216 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Feature usage data for a feature + class FeatureTrialData + attr_accessor :end_date + + attr_accessor :start_date + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'end_date' => :'endDate', + :'start_date' => :'startDate' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'end_date' => :'Object', + :'start_date' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::FeatureTrialData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::FeatureTrialData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'end_date') + self.end_date = attributes[:'end_date'] + end + + if attributes.key?(:'start_date') + self.start_date = attributes[:'start_date'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + end_date == o.end_date && + start_date == o.start_date + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [end_date, start_date].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/filter.rb b/jcapiv2/lib/jcapiv2/models/filter.rb new file mode 100644 index 0000000..5aaddf4 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/filter.rb @@ -0,0 +1,277 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Filter for a field. + class Filter + # Name of field in filter target object. + attr_accessor :field + + # Filter comparison operator. + attr_accessor :operator + + # Filter comparison value. + attr_accessor :value + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'field' => :'field', + :'operator' => :'operator', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'field' => :'Object', + :'operator' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Filter` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Filter`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'field') + self.field = attributes[:'field'] + end + + if attributes.key?(:'operator') + self.operator = attributes[:'operator'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @field.nil? + invalid_properties.push('invalid value for "field", field cannot be nil.') + end + + if @operator.nil? + invalid_properties.push('invalid value for "operator", operator cannot be nil.') + end + + if @value.nil? + invalid_properties.push('invalid value for "value", value cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @field.nil? + return false if @operator.nil? + operator_validator = EnumAttributeValidator.new('Object', ['eq', 'ne', 'gt', 'ge', 'lt', 'le', 'between', 'search', 'in']) + return false unless operator_validator.valid?(@operator) + return false if @value.nil? + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] operator Object to be assigned + def operator=(operator) + validator = EnumAttributeValidator.new('Object', ['eq', 'ne', 'gt', 'ge', 'lt', 'le', 'between', 'search', 'in']) + unless validator.valid?(operator) + fail ArgumentError, "invalid value for \"operator\", must be one of #{validator.allowable_values}." + end + @operator = operator + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + field == o.field && + operator == o.operator && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [field, operator, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/filter_query.rb b/jcapiv2/lib/jcapiv2/models/filter_query.rb new file mode 100644 index 0000000..e866fc6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/filter_query.rb @@ -0,0 +1,261 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Query using a sequence of field filters. + class FilterQuery + attr_accessor :query_type + + attr_accessor :filters + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'query_type' => :'queryType', + :'filters' => :'filters' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'query_type' => :'', + :'filters' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::FilterQuery` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::FilterQuery`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'query_type') + self.query_type = attributes[:'query_type'] + end + + if attributes.key?(:'filters') + if (value = attributes[:'filters']).is_a?(Array) + self.filters = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @query_type.nil? + invalid_properties.push('invalid value for "query_type", query_type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @query_type.nil? + query_type_validator = EnumAttributeValidator.new('', ['FilterQuery']) + return false unless query_type_validator.valid?(@query_type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] query_type Object to be assigned + def query_type=(query_type) + validator = EnumAttributeValidator.new('', ['FilterQuery']) + unless validator.valid?(query_type) + fail ArgumentError, "invalid value for \"query_type\", must be one of #{validator.allowable_values}." + end + @query_type = query_type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + query_type == o.query_type && + filters == o.filters && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [query_type, filters].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/g_suite_builtin_translation.rb b/jcapiv2/lib/jcapiv2/models/g_suite_builtin_translation.rb index 5d4d46c..bd6d18b 100644 --- a/jcapiv2/lib/jcapiv2/models/g_suite_builtin_translation.rb +++ b/jcapiv2/lib/jcapiv2/models/g_suite_builtin_translation.rb @@ -1,43 +1,42 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 class GSuiteBuiltinTranslation - - HOME_ADDRESSES = "user_home_addresses".freeze - WORK_ADDRESSES = "user_work_addresses".freeze - OTHER_ADDRESSES = "user_other_addresses".freeze - HOME_PHONE_NUMBERS = "user_home_phone_numbers".freeze - MOBILE_PHONE_NUMBERS = "user_mobile_phone_numbers".freeze - OTHER_PHONE_NUMBERS = "user_other_phone_numbers".freeze - WORK_PHONE_NUMBERS = "user_work_phone_numbers".freeze - WORK_FAX_PHONE_NUMBERS = "user_work_fax_phone_numbers".freeze - WORK_MOBILE_PHONE_NUMBERS = "user_work_mobile_phone_numbers".freeze - PRIMARY_ORGANIZATION_COST_CENTER = "user_primary_organization_cost_center".freeze - PRIMARY_ORGANIZATION_DEPARTMENT = "user_primary_organization_department".freeze - PRIMARY_ORGANIZATION_DESCRIPTION = "user_primary_organization_description".freeze - PRIMARY_ORGANIZATION_EMPLOYEE_ID = "user_primary_organization_employee_id".freeze - PRIMARY_ORGANIZATION_TITLE = "user_primary_organization_title".freeze + HOME_ADDRESSES = 'user_home_addresses'.freeze + WORK_ADDRESSES = 'user_work_addresses'.freeze + OTHER_ADDRESSES = 'user_other_addresses'.freeze + HOME_PHONE_NUMBERS = 'user_home_phone_numbers'.freeze + MOBILE_PHONE_NUMBERS = 'user_mobile_phone_numbers'.freeze + OTHER_PHONE_NUMBERS = 'user_other_phone_numbers'.freeze + WORK_PHONE_NUMBERS = 'user_work_phone_numbers'.freeze + WORK_FAX_PHONE_NUMBERS = 'user_work_fax_phone_numbers'.freeze + WORK_MOBILE_PHONE_NUMBERS = 'user_work_mobile_phone_numbers'.freeze + MANAGER = 'user_manager'.freeze + ALTERNATE_EMAIL = 'user_alternate_email'.freeze + PRIMARY_ORGANIZATION_COST_CENTER = 'user_primary_organization_cost_center'.freeze + PRIMARY_ORGANIZATION_DEPARTMENT = 'user_primary_organization_department'.freeze + PRIMARY_ORGANIZATION_DESCRIPTION = 'user_primary_organization_description'.freeze + PRIMARY_ORGANIZATION_EMPLOYEE_ID = 'user_primary_organization_employee_id'.freeze + PRIMARY_ORGANIZATION_TITLE = 'user_primary_organization_title'.freeze # Builds the enum from string # @param [String] The enum value in the form of the string # @return [String] The enum value def build_from_hash(value) - constantValues = GSuiteBuiltinTranslation.constants.select{|c| GSuiteBuiltinTranslation::const_get(c) == value} + constantValues = GSuiteBuiltinTranslation.constants.select { |c| GSuiteBuiltinTranslation::const_get(c) == value } raise "Invalid ENUM value #{value} for class #GSuiteBuiltinTranslation" if constantValues.empty? value end end - end diff --git a/jcapiv2/lib/jcapiv2/models/g_suite_direction_translation.rb b/jcapiv2/lib/jcapiv2/models/g_suite_direction_translation.rb new file mode 100644 index 0000000..fb42bec --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/g_suite_direction_translation.rb @@ -0,0 +1,28 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GSuiteDirectionTranslation + EXPORT = 'export'.freeze + IMPORT = 'import'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = GSuiteDirectionTranslation.constants.select { |c| GSuiteDirectionTranslation::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #GSuiteDirectionTranslation" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule.rb b/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule.rb index edfb547..4cdefc0 100644 --- a/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule.rb +++ b/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule.rb @@ -1,71 +1,88 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class GSuiteTranslationRule attr_accessor :built_in + attr_accessor :direction + # ObjectId uniquely identifying a Translation Rule. attr_accessor :id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'built_in' => :'builtIn', + :'direction' => :'direction', :'id' => :'id' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'built_in' => :'GSuiteBuiltinTranslation', - :'id' => :'String' + :'built_in' => :'Object', + :'direction' => :'Object', + :'id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GSuiteTranslationRule` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GSuiteTranslationRule`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'built_in') + self.built_in = attributes[:'built_in'] + end - if attributes.has_key?(:'builtIn') - self.built_in = attributes[:'builtIn'] + if attributes.key?(:'direction') + self.direction = attributes[:'direction'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,6 +91,7 @@ def ==(o) return true if self.equal?(o) self.class == o.class && built_in == o.built_in && + direction == o.direction && id == o.id end @@ -84,9 +102,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [built_in, id].hash + [built_in, direction, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -94,16 +119,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -125,7 +152,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -146,8 +173,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -169,7 +195,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -181,7 +211,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -191,8 +221,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule_request.rb b/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule_request.rb index 0cb6c2d..240375a 100644 --- a/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule_request.rb +++ b/jcapiv2/lib/jcapiv2/models/g_suite_translation_rule_request.rb @@ -1,62 +1,79 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class GSuiteTranslationRuleRequest attr_accessor :built_in + attr_accessor :direction # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'built_in' => :'builtIn' + :'built_in' => :'builtIn', + :'direction' => :'direction' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'built_in' => :'GSuiteBuiltinTranslation' + :'built_in' => :'Object', + :'direction' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GSuiteTranslationRuleRequest` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GSuiteTranslationRuleRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'builtIn') - self.built_in = attributes[:'builtIn'] + if attributes.key?(:'built_in') + self.built_in = attributes[:'built_in'] end + if attributes.key?(:'direction') + self.direction = attributes[:'direction'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -64,7 +81,8 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - built_in == o.built_in + built_in == o.built_in && + direction == o.direction end # @see the `==` method @@ -74,9 +92,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [built_in].hash + [built_in, direction].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -84,16 +109,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/google_protobuf_any.rb b/jcapiv2/lib/jcapiv2/models/google_protobuf_any.rb new file mode 100644 index 0000000..5f1bc09 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/google_protobuf_any.rb @@ -0,0 +1,202 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # `Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example \"foo.bar.com/x/y.z\" will yield type name \"y.z\". JSON The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { \"@type\": \"type.googleapis.com/google.profile.Person\", \"firstName\": , \"lastName\": } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { \"@type\": \"type.googleapis.com/google.protobuf.Duration\", \"value\": \"1.212s\" } + class GoogleProtobufAny + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GoogleProtobufAny` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GoogleProtobufAny`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/google_rpc_status.rb b/jcapiv2/lib/jcapiv2/models/google_rpc_status.rb new file mode 100644 index 0000000..4188980 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/google_rpc_status.rb @@ -0,0 +1,226 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GoogleRpcStatus + attr_accessor :code + + attr_accessor :details + + attr_accessor :message + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'code' => :'code', + :'details' => :'details', + :'message' => :'message' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'code' => :'Object', + :'details' => :'Object', + :'message' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GoogleRpcStatus` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GoogleRpcStatus`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'code') + self.code = attributes[:'code'] + end + + if attributes.key?(:'details') + if (value = attributes[:'details']).is_a?(Array) + self.details = value + end + end + + if attributes.key?(:'message') + self.message = attributes[:'message'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + code == o.code && + details == o.details && + message == o.message + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [code, details, message].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_ldap_groups.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_ldap_groups.rb new file mode 100644 index 0000000..a66665d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_ldap_groups.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # List of LDAP groups to provision when this JumpCloud group is bound to an LDAP instance. + class GraphAttributeLdapGroups + attr_accessor :ldap_groups + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'ldap_groups' => :'ldapGroups' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'ldap_groups' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeLdapGroups` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeLdapGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'ldap_groups') + if (value = attributes[:'ldap_groups']).is_a?(Array) + self.ldap_groups = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + ldap_groups == o.ldap_groups + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [ldap_groups].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups.rb new file mode 100644 index 0000000..ed353a3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # List of POSIX groups to provision when this JumpCloud group is bound to a supported resource. + class GraphAttributePosixGroups + attr_accessor :posix_groups + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'posix_groups' => :'posixGroups' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'posix_groups' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributePosixGroups` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributePosixGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'posix_groups') + if (value = attributes[:'posix_groups']).is_a?(Array) + self.posix_groups = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + posix_groups == o.posix_groups + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [posix_groups].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups_posix_groups.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups_posix_groups.rb new file mode 100644 index 0000000..3636f0a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_posix_groups_posix_groups.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphAttributePosixGroupsPosixGroups + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributePosixGroupsPosixGroups` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributePosixGroupsPosixGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_radius.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius.rb new file mode 100644 index 0000000..9c2d405 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # RADIUS reply attributes are returned in the Access-Accept messages sent to endpoints that authenticate with JumpCloud RADIUS. + class GraphAttributeRadius + attr_accessor :radius + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'radius' => :'radius' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'radius' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeRadius` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeRadius`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'radius') + self.radius = attributes[:'radius'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + radius == o.radius + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [radius].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius.rb new file mode 100644 index 0000000..6d505ac --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphAttributeRadiusRadius + attr_accessor :reply + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'reply' => :'reply' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'reply' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeRadiusRadius` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeRadiusRadius`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'reply') + if (value = attributes[:'reply']).is_a?(Array) + self.reply = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + reply == o.reply + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [reply].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius_reply.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius_reply.rb new file mode 100644 index 0000000..80a1f70 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_radius_radius_reply.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphAttributeRadiusRadiusReply + attr_accessor :name + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeRadiusRadiusReply` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeRadiusRadiusReply`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @value.nil? + invalid_properties.push('invalid value for "value", value cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + return false if @value.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_samba_enabled.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_samba_enabled.rb new file mode 100644 index 0000000..ac2c7ee --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_samba_enabled.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Enabling Samba support allows for LDAP users to authenticate to endpoints that require Samba attributes within the LDAP directory + class GraphAttributeSambaEnabled + attr_accessor :samba_enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'samba_enabled' => :'sambaEnabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'samba_enabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeSambaEnabled` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeSambaEnabled`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'samba_enabled') + self.samba_enabled = attributes[:'samba_enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + samba_enabled == o.samba_enabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [samba_enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo.rb new file mode 100644 index 0000000..b108e51 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Setting user access controls in order to grant administrator permissions + class GraphAttributeSudo + attr_accessor :sudo + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'sudo' => :'sudo' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'sudo' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeSudo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeSudo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'sudo') + self.sudo = attributes[:'sudo'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + sudo == o.sudo + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [sudo].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo_sudo.rb b/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo_sudo.rb new file mode 100644 index 0000000..fb2b98a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attribute_sudo_sudo.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphAttributeSudoSudo + # Enables sudo + attr_accessor :enabled + + # Enable sudo without password (requires 'enabled' to be true) + attr_accessor :without_password + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enabled' => :'enabled', + :'without_password' => :'withoutPassword' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enabled' => :'Object', + :'without_password' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributeSudoSudo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributeSudoSudo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'without_password') + self.without_password = attributes[:'without_password'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @enabled.nil? + invalid_properties.push('invalid value for "enabled", enabled cannot be nil.') + end + + if @without_password.nil? + invalid_properties.push('invalid value for "without_password", without_password cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @enabled.nil? + return false if @without_password.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + without_password == o.without_password + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enabled, without_password].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_attributes.rb b/jcapiv2/lib/jcapiv2/models/graph_attributes.rb new file mode 100644 index 0000000..2c25994 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_attributes.rb @@ -0,0 +1,202 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The graph attributes. + class GraphAttributes + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphAttributes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_connection.rb b/jcapiv2/lib/jcapiv2/models/graph_connection.rb index 6c58da1..9de063d 100644 --- a/jcapiv2/lib/jcapiv2/models/graph_connection.rb +++ b/jcapiv2/lib/jcapiv2/models/graph_connection.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -15,43 +14,62 @@ module JCAPIv2 # Represents an edge between two graph objects. From can be omitted if it is clear from context. class GraphConnection + attr_accessor :attributes + attr_accessor :from attr_accessor :to - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'attributes' => :'attributes', :'from' => :'from', :'to' => :'to' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'from' => :'GraphObject', - :'to' => :'GraphObject' + :'attributes' => :'Object', + :'from' => :'Object', + :'to' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphConnection` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphConnection`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'from') + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'from') self.from = attributes[:'from'] end - if attributes.has_key?(:'to') + if attributes.key?(:'to') self.to = attributes[:'to'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -59,17 +77,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @to.nil? - invalid_properties.push("invalid value for 'to', to cannot be nil.") + invalid_properties.push('invalid value for "to", to cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @to.nil? - return true + true end # Checks equality by comparing each attribute. @@ -77,6 +95,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + attributes == o.attributes && from == o.from && to == o.to end @@ -88,9 +107,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [from, to].hash + [attributes, from, to].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -98,16 +124,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -129,7 +157,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -150,8 +178,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -173,7 +200,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -185,7 +216,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -195,8 +226,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/graph_management_req.rb b/jcapiv2/lib/jcapiv2/models/graph_management_req.rb deleted file mode 100644 index 2629a33..0000000 --- a/jcapiv2/lib/jcapiv2/models/graph_management_req.rb +++ /dev/null @@ -1,256 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class GraphManagementReq - # The ObjectID of graph object being added or removed as an association. - attr_accessor :id - - # How to modify the graph connection. - attr_accessor :op - - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'op' => :'String', - :'type' => :'GraphType' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/graph_object.rb b/jcapiv2/lib/jcapiv2/models/graph_object.rb index ca4f654..9c37173 100644 --- a/jcapiv2/lib/jcapiv2/models/graph_object.rb +++ b/jcapiv2/lib/jcapiv2/models/graph_object.rb @@ -1,59 +1,76 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class GraphObject + attr_accessor :attributes + # The ObjectID of the graph object. attr_accessor :id # The type of graph object. attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'attributes' => :'attributes', :'id' => :'id', :'type' => :'type' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'type' => :'String' + :'attributes' => :'Object', + :'id' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphObject` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphObject`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -61,14 +78,14 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") + invalid_properties.push('invalid value for "type", type cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -76,7 +93,7 @@ def list_invalid_properties def valid? return false if @id.nil? return false if @type.nil? - return true + true end # Checks equality by comparing each attribute. @@ -84,6 +101,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + attributes == o.attributes && id == o.id && type == o.type end @@ -95,9 +113,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, type].hash + [attributes, id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -105,16 +130,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -136,7 +163,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -157,8 +184,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -180,7 +206,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -192,7 +222,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -202,8 +232,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/graph_object_with_paths.rb b/jcapiv2/lib/jcapiv2/models/graph_object_with_paths.rb index d28b79b..6e3db79 100644 --- a/jcapiv2/lib/jcapiv2/models/graph_object_with_paths.rb +++ b/jcapiv2/lib/jcapiv2/models/graph_object_with_paths.rb @@ -1,20 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class GraphObjectWithPaths + attr_accessor :compiled_attributes + # Object ID of this graph object. attr_accessor :id @@ -23,10 +23,10 @@ class GraphObjectWithPaths attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'compiled_attributes' => :'compiledAttributes', :'id' => :'id', :'paths' => :'paths', :'type' => :'type' @@ -34,36 +34,53 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'paths' => :'Array>', - :'type' => :'GraphType' + :'compiled_attributes' => :'Object', + :'id' => :'Object', + :'paths' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphObjectWithPaths` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphObjectWithPaths`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'compiled_attributes') + self.compiled_attributes = attributes[:'compiled_attributes'] + end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'paths') + if attributes.key?(:'paths') if (value = attributes[:'paths']).is_a?(Array) self.paths = value end end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -71,18 +88,18 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end if @paths.nil? - invalid_properties.push("invalid value for 'paths', paths cannot be nil.") + invalid_properties.push('invalid value for "paths", paths cannot be nil.') end if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") + invalid_properties.push('invalid value for "type", type cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid @@ -91,7 +108,7 @@ def valid? return false if @id.nil? return false if @paths.nil? return false if @type.nil? - return true + true end # Checks equality by comparing each attribute. @@ -99,6 +116,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + compiled_attributes == o.compiled_attributes && id == o.id && paths == o.paths && type == o.type @@ -111,9 +129,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, paths, type].hash + [compiled_attributes, id, paths, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -121,16 +146,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -152,7 +179,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -173,8 +200,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -196,7 +222,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -208,7 +238,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -218,8 +248,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation.rb b/jcapiv2/lib/jcapiv2/models/graph_operation.rb new file mode 100644 index 0000000..acf04de --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation.rb @@ -0,0 +1,261 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperation + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'op' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperation` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperation`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('Object', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('Object', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_active_directory.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_active_directory.rb new file mode 100644 index 0000000..646a031 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_active_directory.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationActiveDirectory + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"active_directory\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationActiveDirectory` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationActiveDirectory`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_application.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_application.rb new file mode 100644 index 0000000..44807ad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_application.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationApplication + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"application\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationApplication` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationApplication`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_command.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_command.rb new file mode 100644 index 0000000..9c1f9ae --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_command.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationCommand + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"command\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationCommand` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationCommand`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_g_suite.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_g_suite.rb new file mode 100644 index 0000000..ddd46d8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_g_suite.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationGSuite + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"g_suite\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationGSuite` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationGSuite`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_ldap_server.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_ldap_server.rb new file mode 100644 index 0000000..c851522 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_ldap_server.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationLdapServer + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"ldap_server\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationLdapServer` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationLdapServer`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_office365.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_office365.rb new file mode 100644 index 0000000..d13d0bf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_office365.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationOffice365 + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"office_365\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationOffice365` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationOffice365`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_policy.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_policy.rb new file mode 100644 index 0000000..5347c05 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_policy.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationPolicy + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"policy\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationPolicy` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationPolicy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group.rb new file mode 100644 index 0000000..739c600 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationPolicyGroup + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"policy_group\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationPolicyGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationPolicyGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group_member.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group_member.rb new file mode 100644 index 0000000..c0ec847 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_policy_group_member.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationPolicyGroupMember + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # The member type. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationPolicyGroupMember` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationPolicyGroupMember`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['policy']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['policy']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_radius_server.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_radius_server.rb new file mode 100644 index 0000000..920fbf3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_radius_server.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationRadiusServer + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"radius_server\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationRadiusServer` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationRadiusServer`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_software_app.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_software_app.rb new file mode 100644 index 0000000..8acef13 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_software_app.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationSoftwareApp + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"software_app\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationSoftwareApp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationSoftwareApp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_system.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_system.rb new file mode 100644 index 0000000..1a6e265 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_system.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationSystem + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"system\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationSystem` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationSystem`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['command', 'policy', 'policy_group', 'user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['command', 'policy', 'policy_group', 'user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_system_group.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_system_group.rb new file mode 100644 index 0000000..a0b6808 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_system_group.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationSystemGroup + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"system_group\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationSystemGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationSystemGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['command', 'policy', 'policy_group', 'user', 'user_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['command', 'policy', 'policy_group', 'user', 'user_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_system_group_member.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_system_group_member.rb new file mode 100644 index 0000000..6923891 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_system_group_member.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationSystemGroupMember + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # The member type. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationSystemGroupMember` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationSystemGroupMember`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['system']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['system']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_user.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_user.rb new file mode 100644 index 0000000..90e615d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_user.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationUser + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"user\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationUser` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationUser`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['active_directory', 'application', 'g_suite', 'ldap_server', 'office_365', 'radius_server', 'system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['active_directory', 'application', 'g_suite', 'ldap_server', 'office_365', 'radius_server', 'system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_user_group.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_user_group.rb new file mode 100644 index 0000000..196d835 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_user_group.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationUserGroup + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # Targets which a \"user_group\" can be associated to. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationUserGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationUserGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['active_directory', 'application', 'g_suite', 'ldap_server', 'office_365', 'radius_server', 'system', 'system_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['active_directory', 'application', 'g_suite', 'ldap_server', 'office_365', 'radius_server', 'system', 'system_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_operation_user_group_member.rb b/jcapiv2/lib/jcapiv2/models/graph_operation_user_group_member.rb new file mode 100644 index 0000000..af73f7f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/graph_operation_user_group_member.rb @@ -0,0 +1,301 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GraphOperationUserGroupMember + # The ObjectID of graph object being added or removed as an association. + attr_accessor :id + + # How to modify the graph connection. + attr_accessor :op + + attr_accessor :attributes + + # The member type. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'op' => :'op', + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'', + :'op' => :'', + :'attributes' => :'', + :'type' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GraphOperationUserGroupMember` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GraphOperationUserGroupMember`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @op.nil? + invalid_properties.push('invalid value for "op", op cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @op.nil? + op_validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + return false unless op_validator.valid?(@op) + return false if @type.nil? + type_validator = EnumAttributeValidator.new('', ['user']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('', ['add', 'remove', 'update']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('', ['user']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + op == o.op && + attributes == o.attributes && + type == o.type && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, op, attributes, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/graph_type.rb b/jcapiv2/lib/jcapiv2/models/graph_type.rb index 0e5dfca..1d6d49e 100644 --- a/jcapiv2/lib/jcapiv2/models/graph_type.rb +++ b/jcapiv2/lib/jcapiv2/models/graph_type.rb @@ -1,41 +1,39 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 class GraphType - - ACTIVE_DIRECTORY = "active_directory".freeze - APPLICATION = "application".freeze - COMMAND = "command".freeze - G_SUITE = "g_suite".freeze - LDAP_SERVER = "ldap_server".freeze - OFFICE_365 = "office_365".freeze - POLICY = "policy".freeze - RADIUS_SERVER = "radius_server".freeze - SYSTEM = "system".freeze - SYSTEM_GROUP = "system_group".freeze - USER = "user".freeze - USER_GROUP = "user_group".freeze + ACTIVE_DIRECTORY = 'active_directory'.freeze + APPLICATION = 'application'.freeze + COMMAND = 'command'.freeze + G_SUITE = 'g_suite'.freeze + LDAP_SERVER = 'ldap_server'.freeze + OFFICE_365 = 'office_365'.freeze + POLICY = 'policy'.freeze + POLICY_GROUP = 'policy_group'.freeze + RADIUS_SERVER = 'radius_server'.freeze + SYSTEM = 'system'.freeze + SYSTEM_GROUP = 'system_group'.freeze + USER = 'user'.freeze + USER_GROUP = 'user_group'.freeze # Builds the enum from string # @param [String] The enum value in the form of the string # @return [String] The enum value def build_from_hash(value) - constantValues = GraphType.constants.select{|c| GraphType::const_get(c) == value} + constantValues = GraphType.constants.select { |c| GraphType::const_get(c) == value } raise "Invalid ENUM value #{value} for class #GraphType" if constantValues.empty? value end end - end diff --git a/jcapiv2/lib/jcapiv2/models/group.rb b/jcapiv2/lib/jcapiv2/models/group.rb index 15d72ab..8a5c676 100644 --- a/jcapiv2/lib/jcapiv2/models/group.rb +++ b/jcapiv2/lib/jcapiv2/models/group.rb @@ -1,20 +1,26 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Group + attr_accessor :attributes + + # Description of a Group + attr_accessor :description + + # E-mail address associated with a Group + attr_accessor :email + # ObjectId uniquely identifying a Group. attr_accessor :id @@ -23,10 +29,12 @@ class Group attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', :'id' => :'id', :'name' => :'name', :'type' => :'type' @@ -34,47 +42,74 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String', - :'type' => :'GroupType' + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Group` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Group`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end - if attributes.has_key?(:'id') + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -82,6 +117,9 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + attributes == o.attributes && + description == o.description && + email == o.email && id == o.id && name == o.name && type == o.type @@ -94,9 +132,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, name, type].hash + [attributes, description, email, id, name, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -104,16 +149,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -135,7 +182,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -156,8 +203,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -179,7 +225,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -191,7 +241,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -201,8 +251,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/group_attributes_user_group.rb b/jcapiv2/lib/jcapiv2/models/group_attributes_user_group.rb new file mode 100644 index 0000000..311bfa7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/group_attributes_user_group.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The graph attributes for a UserGroup. + class GroupAttributesUserGroup + attr_accessor :sudo + + attr_accessor :ldap_groups + + attr_accessor :posix_groups + + attr_accessor :radius + + attr_accessor :samba_enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'sudo' => :'sudo', + :'ldap_groups' => :'ldapGroups', + :'posix_groups' => :'posixGroups', + :'radius' => :'radius', + :'samba_enabled' => :'sambaEnabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'sudo' => :'', + :'ldap_groups' => :'', + :'posix_groups' => :'', + :'radius' => :'', + :'samba_enabled' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GroupAttributesUserGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GroupAttributesUserGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'sudo') + self.sudo = attributes[:'sudo'] + end + + if attributes.key?(:'ldap_groups') + if (value = attributes[:'ldap_groups']).is_a?(Array) + self.ldap_groups = value + end + end + + if attributes.key?(:'posix_groups') + if (value = attributes[:'posix_groups']).is_a?(Array) + self.posix_groups = value + end + end + + if attributes.key?(:'radius') + self.radius = attributes[:'radius'] + end + + if attributes.key?(:'samba_enabled') + self.samba_enabled = attributes[:'samba_enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + sudo == o.sudo && + ldap_groups == o.ldap_groups && + posix_groups == o.posix_groups && + radius == o.radius && + samba_enabled == o.samba_enabled && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [sudo, ldap_groups, posix_groups, radius, samba_enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body.rb b/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body.rb new file mode 100644 index 0000000..02b435f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GroupIdSuggestionsBody + attr_accessor :object_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'object_ids' => :'object_ids' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'object_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GroupIdSuggestionsBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GroupIdSuggestionsBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'object_ids') + if (value = attributes[:'object_ids']).is_a?(Array) + self.object_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + object_ids == o.object_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [object_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body_1.rb b/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body_1.rb new file mode 100644 index 0000000..a62c0ec --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/group_id_suggestions_body_1.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GroupIdSuggestionsBody1 + attr_accessor :user_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'user_ids' => :'user_ids' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'user_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GroupIdSuggestionsBody1` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GroupIdSuggestionsBody1`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'user_ids') + if (value = attributes[:'user_ids']).is_a?(Array) + self.user_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + user_ids == o.user_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [user_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/group_membership_method_type.rb b/jcapiv2/lib/jcapiv2/models/group_membership_method_type.rb new file mode 100644 index 0000000..fe07625 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/group_membership_method_type.rb @@ -0,0 +1,30 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GroupMembershipMethodType + NOTSET = 'NOTSET'.freeze + STATIC = 'STATIC'.freeze + DYNAMIC_REVIEW_REQUIRED = 'DYNAMIC_REVIEW_REQUIRED'.freeze + DYNAMIC_AUTOMATED = 'DYNAMIC_AUTOMATED'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = GroupMembershipMethodType.constants.select { |c| GroupMembershipMethodType::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #GroupMembershipMethodType" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/group_pwm.rb b/jcapiv2/lib/jcapiv2/models/group_pwm.rb new file mode 100644 index 0000000..6339029 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/group_pwm.rb @@ -0,0 +1,280 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GroupPwm + attr_accessor :access_level_id + + attr_accessor :access_level_name + + attr_accessor :description + + attr_accessor :external_id + + attr_accessor :id + + attr_accessor :name + + attr_accessor :users_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'access_level_id' => :'accessLevelId', + :'access_level_name' => :'accessLevelName', + :'description' => :'description', + :'external_id' => :'externalId', + :'id' => :'id', + :'name' => :'name', + :'users_count' => :'usersCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'access_level_id' => :'Object', + :'access_level_name' => :'Object', + :'description' => :'Object', + :'external_id' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'users_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GroupPwm` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GroupPwm`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'access_level_id') + self.access_level_id = attributes[:'access_level_id'] + end + + if attributes.key?(:'access_level_name') + self.access_level_name = attributes[:'access_level_name'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'external_id') + self.external_id = attributes[:'external_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'users_count') + self.users_count = attributes[:'users_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @access_level_id.nil? + invalid_properties.push('invalid value for "access_level_id", access_level_id cannot be nil.') + end + + if @access_level_name.nil? + invalid_properties.push('invalid value for "access_level_name", access_level_name cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @access_level_id.nil? + return false if @access_level_name.nil? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + access_level_id == o.access_level_id && + access_level_name == o.access_level_name && + description == o.description && + external_id == o.external_id && + id == o.id && + name == o.name && + users_count == o.users_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [access_level_id, access_level_name, description, external_id, id, name, users_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/group_type.rb b/jcapiv2/lib/jcapiv2/models/group_type.rb index 720cb5b..2154d79 100644 --- a/jcapiv2/lib/jcapiv2/models/group_type.rb +++ b/jcapiv2/lib/jcapiv2/models/group_type.rb @@ -1,31 +1,29 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 class GroupType - - SYSTEM_GROUP = "system_group".freeze - USER_GROUP = "user_group".freeze + POLICY_GROUP = 'policy_group'.freeze + SYSTEM_GROUP = 'system_group'.freeze + USER_GROUP = 'user_group'.freeze # Builds the enum from string # @param [String] The enum value in the form of the string # @return [String] The enum value def build_from_hash(value) - constantValues = GroupType.constants.select{|c| GroupType::const_get(c) == value} + constantValues = GroupType.constants.select { |c| GroupType::const_get(c) == value } raise "Invalid ENUM value #{value} for class #GroupType" if constantValues.empty? value end end - end diff --git a/jcapiv2/lib/jcapiv2/models/groups.rb b/jcapiv2/lib/jcapiv2/models/groups.rb new file mode 100644 index 0000000..9a1548e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/groups.rb @@ -0,0 +1,201 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Groups + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Groups` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Groups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/groups_inner.rb b/jcapiv2/lib/jcapiv2/models/groups_inner.rb new file mode 100644 index 0000000..983764e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/groups_inner.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class GroupsInner + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::GroupsInner` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::GroupsInner`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/gsuite.rb b/jcapiv2/lib/jcapiv2/models/gsuite.rb new file mode 100644 index 0000000..342d370 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/gsuite.rb @@ -0,0 +1,297 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Gsuite + attr_accessor :default_domain + + attr_accessor :groups_enabled + + attr_accessor :id + + attr_accessor :name + + attr_accessor :user_lockout_action + + attr_accessor :user_password_expiration_action + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default_domain' => :'defaultDomain', + :'groups_enabled' => :'groupsEnabled', + :'id' => :'id', + :'name' => :'name', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default_domain' => :'Object', + :'groups_enabled' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Gsuite` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Gsuite`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_domain') + self.default_domain = attributes[:'default_domain'] + end + + if attributes.key?(:'groups_enabled') + self.groups_enabled = attributes[:'groups_enabled'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + user_lockout_action_validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + return false unless user_lockout_action_validator.valid?(@user_lockout_action) + user_password_expiration_action_validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain', 'remove_access']) + return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_lockout_action Object to be assigned + def user_lockout_action=(user_lockout_action) + validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + unless validator.valid?(user_lockout_action) + fail ArgumentError, "invalid value for \"user_lockout_action\", must be one of #{validator.allowable_values}." + end + @user_lockout_action = user_lockout_action + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_password_expiration_action Object to be assigned + def user_password_expiration_action=(user_password_expiration_action) + validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain', 'remove_access']) + unless validator.valid?(user_password_expiration_action) + fail ArgumentError, "invalid value for \"user_password_expiration_action\", must be one of #{validator.allowable_values}." + end + @user_password_expiration_action = user_password_expiration_action + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default_domain == o.default_domain && + groups_enabled == o.groups_enabled && + id == o.id && + name == o.name && + user_lockout_action == o.user_lockout_action && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default_domain, groups_enabled, id, name, user_lockout_action, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/gsuite_output.rb b/jcapiv2/lib/jcapiv2/models/gsuite_output.rb deleted file mode 100644 index 1d68c77..0000000 --- a/jcapiv2/lib/jcapiv2/models/gsuite_output.rb +++ /dev/null @@ -1,251 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class GsuiteOutput - attr_accessor :id - - attr_accessor :user_lockout_action - - attr_accessor :user_password_expiration_action - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - user_lockout_action_validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - return false unless user_lockout_action_validator.valid?(@user_lockout_action) - user_password_expiration_action_validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_lockout_action Object to be assigned - def user_lockout_action=(user_lockout_action) - validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - unless validator.valid?(user_lockout_action) - fail ArgumentError, "invalid value for 'user_lockout_action', must be one of #{validator.allowable_values}." - end - @user_lockout_action = user_lockout_action - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_password_expiration_action Object to be assigned - def user_password_expiration_action=(user_password_expiration_action) - validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - unless validator.valid?(user_password_expiration_action) - fail ArgumentError, "invalid value for 'user_password_expiration_action', must be one of #{validator.allowable_values}." - end - @user_password_expiration_action = user_password_expiration_action - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, user_lockout_action, user_password_expiration_action].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/gsuite_patch_input.rb b/jcapiv2/lib/jcapiv2/models/gsuite_patch_input.rb deleted file mode 100644 index 16e02eb..0000000 --- a/jcapiv2/lib/jcapiv2/models/gsuite_patch_input.rb +++ /dev/null @@ -1,242 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class GsuitePatchInput - attr_accessor :user_lockout_action - - attr_accessor :user_password_expiration_action - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - user_lockout_action_validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - return false unless user_lockout_action_validator.valid?(@user_lockout_action) - user_password_expiration_action_validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_lockout_action Object to be assigned - def user_lockout_action=(user_lockout_action) - validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - unless validator.valid?(user_lockout_action) - fail ArgumentError, "invalid value for 'user_lockout_action', must be one of #{validator.allowable_values}." - end - @user_lockout_action = user_lockout_action - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_password_expiration_action Object to be assigned - def user_password_expiration_action=(user_password_expiration_action) - validator = EnumAttributeValidator.new('String', ["suspend", "maintain"]) - unless validator.valid?(user_password_expiration_action) - fail ArgumentError, "invalid value for 'user_password_expiration_action', must be one of #{validator.allowable_values}." - end - @user_password_expiration_action = user_password_expiration_action - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [user_lockout_action, user_password_expiration_action].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/import_operation.rb b/jcapiv2/lib/jcapiv2/models/import_operation.rb new file mode 100644 index 0000000..3a17f68 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_operation.rb @@ -0,0 +1,28 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportOperation + CREATE = 'users.create'.freeze + UPDATE = 'users.update'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = ImportOperation.constants.select { |c| ImportOperation::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #ImportOperation" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/import_user.rb b/jcapiv2/lib/jcapiv2/models/import_user.rb new file mode 100644 index 0000000..7177304 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_user.rb @@ -0,0 +1,363 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportUser + attr_accessor :addresses + + attr_accessor :alternate_email + + attr_accessor :company + + attr_accessor :cost_center + + attr_accessor :department + + attr_accessor :displayname + + attr_accessor :email + + attr_accessor :employee_identifier + + attr_accessor :employee_type + + attr_accessor :firstname + + attr_accessor :id + + attr_accessor :job_title + + attr_accessor :lastname + + attr_accessor :location + + attr_accessor :manager + + attr_accessor :middlename + + attr_accessor :phone_numbers + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'addresses' => :'addresses', + :'alternate_email' => :'alternateEmail', + :'company' => :'company', + :'cost_center' => :'costCenter', + :'department' => :'department', + :'displayname' => :'displayname', + :'email' => :'email', + :'employee_identifier' => :'employeeIdentifier', + :'employee_type' => :'employeeType', + :'firstname' => :'firstname', + :'id' => :'id', + :'job_title' => :'jobTitle', + :'lastname' => :'lastname', + :'location' => :'location', + :'manager' => :'manager', + :'middlename' => :'middlename', + :'phone_numbers' => :'phoneNumbers', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'addresses' => :'Object', + :'alternate_email' => :'Object', + :'company' => :'Object', + :'cost_center' => :'Object', + :'department' => :'Object', + :'displayname' => :'Object', + :'email' => :'Object', + :'employee_identifier' => :'Object', + :'employee_type' => :'Object', + :'firstname' => :'Object', + :'id' => :'Object', + :'job_title' => :'Object', + :'lastname' => :'Object', + :'location' => :'Object', + :'manager' => :'Object', + :'middlename' => :'Object', + :'phone_numbers' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ImportUser` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ImportUser`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'addresses') + if (value = attributes[:'addresses']).is_a?(Array) + self.addresses = value + end + end + + if attributes.key?(:'alternate_email') + self.alternate_email = attributes[:'alternate_email'] + end + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'cost_center') + self.cost_center = attributes[:'cost_center'] + end + + if attributes.key?(:'department') + self.department = attributes[:'department'] + end + + if attributes.key?(:'displayname') + self.displayname = attributes[:'displayname'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_identifier') + self.employee_identifier = attributes[:'employee_identifier'] + end + + if attributes.key?(:'employee_type') + self.employee_type = attributes[:'employee_type'] + end + + if attributes.key?(:'firstname') + self.firstname = attributes[:'firstname'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'job_title') + self.job_title = attributes[:'job_title'] + end + + if attributes.key?(:'lastname') + self.lastname = attributes[:'lastname'] + end + + if attributes.key?(:'location') + self.location = attributes[:'location'] + end + + if attributes.key?(:'manager') + self.manager = attributes[:'manager'] + end + + if attributes.key?(:'middlename') + self.middlename = attributes[:'middlename'] + end + + if attributes.key?(:'phone_numbers') + if (value = attributes[:'phone_numbers']).is_a?(Array) + self.phone_numbers = value + end + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + addresses == o.addresses && + alternate_email == o.alternate_email && + company == o.company && + cost_center == o.cost_center && + department == o.department && + displayname == o.displayname && + email == o.email && + employee_identifier == o.employee_identifier && + employee_type == o.employee_type && + firstname == o.firstname && + id == o.id && + job_title == o.job_title && + lastname == o.lastname && + location == o.location && + manager == o.manager && + middlename == o.middlename && + phone_numbers == o.phone_numbers && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [addresses, alternate_email, company, cost_center, department, displayname, email, employee_identifier, employee_type, firstname, id, job_title, lastname, location, manager, middlename, phone_numbers, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/import_user_address.rb b/jcapiv2/lib/jcapiv2/models/import_user_address.rb new file mode 100644 index 0000000..f72a75b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_user_address.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportUserAddress + attr_accessor :country + + attr_accessor :locality + + attr_accessor :postal_code + + attr_accessor :region + + attr_accessor :street_address + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'country' => :'country', + :'locality' => :'locality', + :'postal_code' => :'postalCode', + :'region' => :'region', + :'street_address' => :'streetAddress', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'country' => :'Object', + :'locality' => :'Object', + :'postal_code' => :'Object', + :'region' => :'Object', + :'street_address' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ImportUserAddress` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ImportUserAddress`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'country') + self.country = attributes[:'country'] + end + + if attributes.key?(:'locality') + self.locality = attributes[:'locality'] + end + + if attributes.key?(:'postal_code') + self.postal_code = attributes[:'postal_code'] + end + + if attributes.key?(:'region') + self.region = attributes[:'region'] + end + + if attributes.key?(:'street_address') + self.street_address = attributes[:'street_address'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + country == o.country && + locality == o.locality && + postal_code == o.postal_code && + region == o.region && + street_address == o.street_address && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [country, locality, postal_code, region, street_address, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/import_user_phone_number.rb b/jcapiv2/lib/jcapiv2/models/import_user_phone_number.rb new file mode 100644 index 0000000..eaf61c6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_user_phone_number.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportUserPhoneNumber + attr_accessor :type + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'type' => :'type', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'type' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ImportUserPhoneNumber` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ImportUserPhoneNumber`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + type == o.type && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [type, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/import_users_request.rb b/jcapiv2/lib/jcapiv2/models/import_users_request.rb new file mode 100644 index 0000000..4831739 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_users_request.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportUsersRequest + # A boolean value to allow the reactivation of suspended users + attr_accessor :allow_user_reactivation + + # Operations to be performed on the user list returned from the application + attr_accessor :operations + + # Query string to filter and sort the user list returned from the application. The supported filtering and sorting varies by application. If no value is sent, all users are returned. **Example:** \"location=Chicago&department=IT\"Query string used to retrieve users from service + attr_accessor :query_string + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_user_reactivation' => :'allowUserReactivation', + :'operations' => :'operations', + :'query_string' => :'queryString' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_user_reactivation' => :'Object', + :'operations' => :'Object', + :'query_string' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ImportUsersRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ImportUsersRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_user_reactivation') + self.allow_user_reactivation = attributes[:'allow_user_reactivation'] + else + self.allow_user_reactivation = true + end + + if attributes.key?(:'operations') + if (value = attributes[:'operations']).is_a?(Array) + self.operations = value + end + end + + if attributes.key?(:'query_string') + self.query_string = attributes[:'query_string'] + else + self.query_string = '' + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_user_reactivation == o.allow_user_reactivation && + operations == o.operations && + query_string == o.query_string + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_user_reactivation, operations, query_string].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/import_users_response.rb b/jcapiv2/lib/jcapiv2/models/import_users_response.rb new file mode 100644 index 0000000..9d06bd1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/import_users_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ImportUsersResponse + attr_accessor :total_count + + attr_accessor :users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'total_count' => :'total_count', + :'users' => :'users' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'total_count' => :'Object', + :'users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ImportUsersResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ImportUsersResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + + if attributes.key?(:'users') + if (value = attributes[:'users']).is_a?(Array) + self.users = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + total_count == o.total_count && + users == o.users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [total_count, users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200.rb index a33fdde..f388889 100644 --- a/jcapiv2/lib/jcapiv2/models/inline_response_200.rb +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200.rb @@ -1,86 +1,82 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class InlineResponse200 - attr_accessor :id - - attr_accessor :name - - attr_accessor :user_lockout_action - - attr_accessor :user_password_expiration_action + # The total number of ACTIVATED and SUSPENDED events to a max depth of 1 for all of the users in the query. A value larger than the limit specified on the query indicates that additional calls are needed, using a skip greater than 0, to retrieve the full set of results. + attr_accessor :events_count + attr_accessor :results # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'id' => :'id', - :'name' => :'name', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' + :'events_count' => :'events_count', + :'results' => :'results' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String', - :'user_lockout_action' => :'LdapServerAction', - :'user_password_expiration_action' => :'LdapServerAction' + :'events_count' => :'Object', + :'results' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse200` initialize method" end - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse200`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] + if attributes.key?(:'events_count') + self.events_count = attributes[:'events_count'] end - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -88,10 +84,8 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - id == o.id && - name == o.name && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action + events_count == o.events_count && + results == o.results end # @see the `==` method @@ -101,9 +95,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, name, user_lockout_action, user_password_expiration_action].hash + [events_count, results].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -111,16 +112,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -142,7 +145,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -163,8 +166,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -186,7 +188,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -198,7 +204,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -208,8 +214,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_1.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_1.rb index 5f203f3..2f23e2a 100644 --- a/jcapiv2/lib/jcapiv2/models/inline_response_200_1.rb +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_1.rb @@ -1,72 +1,81 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class InlineResponse2001 - attr_accessor :results - - attr_accessor :total_count + attr_accessor :next_page_token + attr_accessor :users # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'results' => :'results', - :'total_count' => :'totalCount' + :'next_page_token' => :'nextPageToken', + :'users' => :'users' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'results' => :'Array', - :'total_count' => :'Integer' + :'next_page_token' => :'Object', + :'users' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2001` initialize method" + end - if attributes.has_key?(:'results') - if (value = attributes[:'results']).is_a?(Array) - self.results = value + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2001`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect end - end + h[k.to_sym] = v + } - if attributes.has_key?(:'totalCount') - self.total_count = attributes[:'totalCount'] + if attributes.key?(:'next_page_token') + self.next_page_token = attributes[:'next_page_token'] end + if attributes.key?(:'users') + if (value = attributes[:'users']).is_a?(Array) + self.users = value + end + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,8 +83,8 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - results == o.results && - total_count == o.total_count + next_page_token == o.next_page_token && + users == o.users end # @see the `==` method @@ -85,9 +94,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [results, total_count].hash + [next_page_token, users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -95,16 +111,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -126,7 +144,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -147,8 +165,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -170,7 +187,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -182,7 +203,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -192,8 +213,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_10.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_10.rb new file mode 100644 index 0000000..3c09731 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_10.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20010 + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20010` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20010`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_11.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_11.rb new file mode 100644 index 0000000..eb2e726 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_11.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20011 + attr_accessor :id + + attr_accessor :name + + attr_accessor :user_lockout_action + + attr_accessor :user_password_expiration_action + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20011` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20011`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + user_lockout_action == o.user_lockout_action && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, user_lockout_action, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_12.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_12.rb new file mode 100644 index 0000000..62eb7ab --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_12.rb @@ -0,0 +1,226 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20012 + attr_accessor :skip_token + + attr_accessor :top + + attr_accessor :users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'skip_token' => :'skipToken', + :'top' => :'top', + :'users' => :'users' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'skip_token' => :'Object', + :'top' => :'Object', + :'users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20012` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20012`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'skip_token') + self.skip_token = attributes[:'skip_token'] + end + + if attributes.key?(:'top') + self.top = attributes[:'top'] + end + + if attributes.key?(:'users') + if (value = attributes[:'users']).is_a?(Array) + self.users = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + skip_token == o.skip_token && + top == o.top && + users == o.users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [skip_token, top, users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_12_users.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_12_users.rb new file mode 100644 index 0000000..59b8345 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_12_users.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20012Users + attr_accessor :given_name + + attr_accessor :id + + attr_accessor :surname + + attr_accessor :user_principal_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'given_name' => :'givenName', + :'id' => :'id', + :'surname' => :'surname', + :'user_principal_name' => :'userPrincipalName' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'given_name' => :'Object', + :'id' => :'Object', + :'surname' => :'Object', + :'user_principal_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20012Users` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20012Users`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'given_name') + self.given_name = attributes[:'given_name'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'surname') + self.surname = attributes[:'surname'] + end + + if attributes.key?(:'user_principal_name') + self.user_principal_name = attributes[:'user_principal_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + given_name == o.given_name && + id == o.id && + surname == o.surname && + user_principal_name == o.user_principal_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [given_name, id, surname, user_principal_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_13.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_13.rb new file mode 100644 index 0000000..9ccd538 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_13.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20013 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20013` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20013`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_14.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_14.rb new file mode 100644 index 0000000..9258615 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_14.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20014 + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20014` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20014`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + self.records = attributes[:'records'] + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_15.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_15.rb new file mode 100644 index 0000000..cc0dcf6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_15.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse20015 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse20015` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse20015`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_2.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_2.rb new file mode 100644 index 0000000..077cbb7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_2.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2002 + attr_accessor :next_page_token + + attr_accessor :users + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'next_page_token' => :'nextPageToken', + :'users' => :'users' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'next_page_token' => :'Object', + :'users' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2002` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2002`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'next_page_token') + self.next_page_token = attributes[:'next_page_token'] + end + + if attributes.key?(:'users') + if (value = attributes[:'users']).is_a?(Array) + self.users = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + next_page_token == o.next_page_token && + users == o.users + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [next_page_token, users].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_2_users.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_2_users.rb new file mode 100644 index 0000000..9ef4d7d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_2_users.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2002Users + attr_accessor :family_name + + attr_accessor :given_name + + attr_accessor :id + + attr_accessor :primary_email + + attr_accessor :thumbnail_photo_url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'family_name' => :'familyName', + :'given_name' => :'givenName', + :'id' => :'id', + :'primary_email' => :'primaryEmail', + :'thumbnail_photo_url' => :'thumbnailPhotoUrl' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'family_name' => :'Object', + :'given_name' => :'Object', + :'id' => :'Object', + :'primary_email' => :'Object', + :'thumbnail_photo_url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2002Users` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2002Users`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'family_name') + self.family_name = attributes[:'family_name'] + end + + if attributes.key?(:'given_name') + self.given_name = attributes[:'given_name'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'primary_email') + self.primary_email = attributes[:'primary_email'] + end + + if attributes.key?(:'thumbnail_photo_url') + self.thumbnail_photo_url = attributes[:'thumbnail_photo_url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + family_name == o.family_name && + given_name == o.given_name && + id == o.id && + primary_email == o.primary_email && + thumbnail_photo_url == o.thumbnail_photo_url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [family_name, given_name, id, primary_email, thumbnail_photo_url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_3.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_3.rb new file mode 100644 index 0000000..afe2fc2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_3.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2003 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2003` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2003`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_4.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_4.rb new file mode 100644 index 0000000..392d270 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_4.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2004 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2004` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2004`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_5.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_5.rb new file mode 100644 index 0000000..d4e7519 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_5.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2005 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2005` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2005`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_6.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_6.rb new file mode 100644 index 0000000..87893b6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_6.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2006 + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2006` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2006`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_7.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_7.rb new file mode 100644 index 0000000..347235d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_7.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2007 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2007` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2007`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_8.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_8.rb new file mode 100644 index 0000000..1caa7dc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_8.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2008 + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2008` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2008`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_200_9.rb b/jcapiv2/lib/jcapiv2/models/inline_response_200_9.rb new file mode 100644 index 0000000..fc86086 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/inline_response_200_9.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InlineResponse2009 + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse2009` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse2009`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_201.rb b/jcapiv2/lib/jcapiv2/models/inline_response_201.rb index 6d47734..578540d 100644 --- a/jcapiv2/lib/jcapiv2/models/inline_response_201.rb +++ b/jcapiv2/lib/jcapiv2/models/inline_response_201.rb @@ -1,70 +1,77 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class InlineResponse201 - attr_accessor :apple_mdm - - attr_accessor :signed_csr_plist - + # The identifier of the created integration + attr_accessor :integration_id # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'apple_mdm' => :'appleMdm', - :'signed_csr_plist' => :'signedCsrPlist' + :'integration_id' => :'integrationId' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'apple_mdm' => :'AppleMDM', - :'signed_csr_plist' => :'String' + :'integration_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'appleMdm') - self.apple_mdm = attributes[:'appleMdm'] + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse201` initialize method" end - if attributes.has_key?(:'signedCsrPlist') - self.signed_csr_plist = attributes[:'signedCsrPlist'] - end + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse201`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + if attributes.key?(:'integration_id') + self.integration_id = attributes[:'integration_id'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + if @integration_id.nil? + invalid_properties.push('invalid value for "integration_id", integration_id cannot be nil.') + end + + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + return false if @integration_id.nil? + true end # Checks equality by comparing each attribute. @@ -72,8 +79,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - apple_mdm == o.apple_mdm && - signed_csr_plist == o.signed_csr_plist + integration_id == o.integration_id end # @see the `==` method @@ -83,9 +89,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [apple_mdm, signed_csr_plist].hash + [integration_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -93,16 +106,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +139,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +160,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +182,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +198,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +208,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/inline_response_400.rb b/jcapiv2/lib/jcapiv2/models/inline_response_400.rb index d16ecfa..f4a17bc 100644 --- a/jcapiv2/lib/jcapiv2/models/inline_response_400.rb +++ b/jcapiv2/lib/jcapiv2/models/inline_response_400.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class InlineResponse400 attr_accessor :message - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'message' => :'String' + :'message' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::InlineResponse400` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::InlineResponse400`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'message') + if attributes.key?(:'message') self.message = attributes[:'message'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [message].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/install_action_type.rb b/jcapiv2/lib/jcapiv2/models/install_action_type.rb new file mode 100644 index 0000000..0d602c0 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/install_action_type.rb @@ -0,0 +1,30 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class InstallActionType + DOWNLOAD_ONLY = 'DOWNLOAD_ONLY'.freeze + INSTALL_LATER = 'INSTALL_LATER'.freeze + INSTALL_ASAP = 'INSTALL_ASAP'.freeze + INSTALL_FORCE_RESTART = 'INSTALL_FORCE_RESTART'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = InstallActionType.constants.select { |c| InstallActionType::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #InstallActionType" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/integration.rb b/jcapiv2/lib/jcapiv2/models/integration.rb new file mode 100644 index 0000000..96aa0c3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/integration.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # An integration. + class Integration + # Unique identifier for this integration + attr_accessor :integration_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'integration_id' => :'integrationId', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'integration_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Integration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Integration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'integration_id') + self.integration_id = attributes[:'integration_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + integration_id == o.integration_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [integration_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/integration_sync_error.rb b/jcapiv2/lib/jcapiv2/models/integration_sync_error.rb new file mode 100644 index 0000000..959ec21 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/integration_sync_error.rb @@ -0,0 +1,254 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Integration sync error details + class IntegrationSyncError + attr_accessor :error_type + + attr_accessor :message + + attr_accessor :org_id + + attr_accessor :timestamp + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'error_type' => :'errorType', + :'message' => :'message', + :'org_id' => :'orgId', + :'timestamp' => :'timestamp' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'error_type' => :'Object', + :'message' => :'Object', + :'org_id' => :'Object', + :'timestamp' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::IntegrationSyncError` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::IntegrationSyncError`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'error_type') + self.error_type = attributes[:'error_type'] + end + + if attributes.key?(:'message') + self.message = attributes[:'message'] + end + + if attributes.key?(:'org_id') + self.org_id = attributes[:'org_id'] + end + + if attributes.key?(:'timestamp') + self.timestamp = attributes[:'timestamp'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @error_type.nil? + invalid_properties.push('invalid value for "error_type", error_type cannot be nil.') + end + + if @message.nil? + invalid_properties.push('invalid value for "message", message cannot be nil.') + end + + if @org_id.nil? + invalid_properties.push('invalid value for "org_id", org_id cannot be nil.') + end + + if @timestamp.nil? + invalid_properties.push('invalid value for "timestamp", timestamp cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @error_type.nil? + return false if @message.nil? + return false if @org_id.nil? + return false if @timestamp.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + error_type == o.error_type && + message == o.message && + org_id == o.org_id && + timestamp == o.timestamp + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [error_type, message, org_id, timestamp].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/integration_sync_error_resp.rb b/jcapiv2/lib/jcapiv2/models/integration_sync_error_resp.rb new file mode 100644 index 0000000..c61a74e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/integration_sync_error_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving integrations sync errors + class IntegrationSyncErrorResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::IntegrationSyncErrorResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::IntegrationSyncErrorResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/integration_type.rb b/jcapiv2/lib/jcapiv2/models/integration_type.rb new file mode 100644 index 0000000..ace6ea6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/integration_type.rb @@ -0,0 +1,29 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class IntegrationType + AUTOTASK = 'autotask'.freeze + CONNECTWISE = 'connectwise'.freeze + SYNCRO = 'syncro'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = IntegrationType.constants.select { |c| IntegrationType::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #IntegrationType" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/integrations_response.rb b/jcapiv2/lib/jcapiv2/models/integrations_response.rb new file mode 100644 index 0000000..87bcb4c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/integrations_response.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving integrations. + class IntegrationsResponse + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::IntegrationsResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::IntegrationsResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ip_list.rb b/jcapiv2/lib/jcapiv2/models/ip_list.rb new file mode 100644 index 0000000..a14cb82 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ip_list.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class IPList + attr_accessor :description + + attr_accessor :id + + attr_accessor :ips + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'id' => :'id', + :'ips' => :'ips', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'id' => :'Object', + :'ips' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::IPList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::IPList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'ips') + if (value = attributes[:'ips']).is_a?(Array) + self.ips = value + end + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + id == o.id && + ips == o.ips && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, id, ips, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ip_list_request.rb b/jcapiv2/lib/jcapiv2/models/ip_list_request.rb new file mode 100644 index 0000000..7596d69 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ip_list_request.rb @@ -0,0 +1,226 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class IPListRequest + attr_accessor :description + + attr_accessor :ips + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'ips' => :'ips', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'ips' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::IPListRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::IPListRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'ips') + if (value = attributes[:'ips']).is_a?(Array) + self.ips = value + end + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + ips == o.ips && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, ips, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jc_enrollment_profile.rb b/jcapiv2/lib/jcapiv2/models/jc_enrollment_profile.rb deleted file mode 100644 index cc0a444..0000000 --- a/jcapiv2/lib/jcapiv2/models/jc_enrollment_profile.rb +++ /dev/null @@ -1,228 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class JcEnrollmentProfile - attr_accessor :groups - - attr_accessor :id - - attr_accessor :name - - attr_accessor :organization - - attr_accessor :users - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'groups' => :'groups', - :'id' => :'id', - :'name' => :'name', - :'organization' => :'organization', - :'users' => :'users' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'groups' => :'Array', - :'id' => :'String', - :'name' => :'String', - :'organization' => :'String', - :'users' => :'Array' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'groups') - if (value = attributes[:'groups']).is_a?(Array) - self.groups = value - end - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'organization') - self.organization = attributes[:'organization'] - end - - if attributes.has_key?(:'users') - if (value = attributes[:'users']).is_a?(Array) - self.users = value - end - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - groups == o.groups && - id == o.id && - name == o.name && - organization == o.organization && - users == o.users - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [groups, id, name, organization, users].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/job_details.rb b/jcapiv2/lib/jcapiv2/models/job_details.rb deleted file mode 100644 index 9169332..0000000 --- a/jcapiv2/lib/jcapiv2/models/job_details.rb +++ /dev/null @@ -1,253 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class JobDetails - attr_accessor :admin_id - - attr_accessor :id - - attr_accessor :meta - - attr_accessor :name - - attr_accessor :persisted_fields - - attr_accessor :status - - attr_accessor :updated_at - - attr_accessor :work_units_count - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'admin_id' => :'adminId', - :'id' => :'id', - :'meta' => :'meta', - :'name' => :'name', - :'persisted_fields' => :'persistedFields', - :'status' => :'status', - :'updated_at' => :'updatedAt', - :'work_units_count' => :'workUnitsCount' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'admin_id' => :'String', - :'id' => :'String', - :'meta' => :'Object', - :'name' => :'String', - :'persisted_fields' => :'Array', - :'status' => :'String', - :'updated_at' => :'String', - :'work_units_count' => :'Integer' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'adminId') - self.admin_id = attributes[:'adminId'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'meta') - self.meta = attributes[:'meta'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'persistedFields') - if (value = attributes[:'persistedFields']).is_a?(Array) - self.persisted_fields = value - end - end - - if attributes.has_key?(:'status') - self.status = attributes[:'status'] - end - - if attributes.has_key?(:'updatedAt') - self.updated_at = attributes[:'updatedAt'] - end - - if attributes.has_key?(:'workUnitsCount') - self.work_units_count = attributes[:'workUnitsCount'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - admin_id == o.admin_id && - id == o.id && - meta == o.meta && - name == o.name && - persisted_fields == o.persisted_fields && - status == o.status && - updated_at == o.updated_at && - work_units_count == o.work_units_count - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [admin_id, id, meta, name, persisted_fields, status, updated_at, work_units_count].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/job_id.rb b/jcapiv2/lib/jcapiv2/models/job_id.rb index 067dc8c..15ed4c5 100644 --- a/jcapiv2/lib/jcapiv2/models/job_id.rb +++ b/jcapiv2/lib/jcapiv2/models/job_id.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class JobId attr_accessor :job_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,37 +23,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'job_id' => :'String' + :'job_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JobId` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JobId`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'jobId') - self.job_id = attributes[:'jobId'] + if attributes.key?(:'job_id') + self.job_id = attributes[:'job_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,26 +83,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [job_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +133,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +154,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +176,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +192,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +202,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/job_workresult.rb b/jcapiv2/lib/jcapiv2/models/job_workresult.rb index 89d52e6..dce5daa 100644 --- a/jcapiv2/lib/jcapiv2/models/job_workresult.rb +++ b/jcapiv2/lib/jcapiv2/models/job_workresult.rb @@ -1,62 +1,119 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class JobWorkresult + attr_accessor :created_at + + attr_accessor :id + attr_accessor :meta + attr_accessor :persisted_fields + + attr_accessor :status + + attr_accessor :status_msg + + attr_accessor :updated_at # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'meta' => :'meta' + :'created_at' => :'createdAt', + :'id' => :'id', + :'meta' => :'meta', + :'persisted_fields' => :'persistedFields', + :'status' => :'status', + :'status_msg' => :'statusMsg', + :'updated_at' => :'updatedAt' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'meta' => :'Object' + :'created_at' => :'Object', + :'id' => :'Object', + :'meta' => :'Object', + :'persisted_fields' => :'Object', + :'status' => :'Object', + :'status_msg' => :'Object', + :'updated_at' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JobWorkresult` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JobWorkresult`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end - if attributes.has_key?(:'meta') + if attributes.key?(:'meta') self.meta = attributes[:'meta'] end + if attributes.key?(:'persisted_fields') + self.persisted_fields = attributes[:'persisted_fields'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'status_msg') + self.status_msg = attributes[:'status_msg'] + end + + if attributes.key?(:'updated_at') + self.updated_at = attributes[:'updated_at'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -64,7 +121,13 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - meta == o.meta + created_at == o.created_at && + id == o.id && + meta == o.meta && + persisted_fields == o.persisted_fields && + status == o.status && + status_msg == o.status_msg && + updated_at == o.updated_at end # @see the `==` method @@ -74,9 +137,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [meta].hash + [created_at, id, meta, persisted_fields, status, status_msg, updated_at].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -84,16 +154,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +187,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +208,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +230,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +246,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +256,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain.rb new file mode 100644 index 0000000..3f6989a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain.rb @@ -0,0 +1,237 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGappsDomain + # Unique identifier of the GSuite. + attr_accessor :account_object_id + + # Suggests if the domain is default + attr_accessor :default + + # name of the domain + attr_accessor :domain + + # Unique identifier of the Domain. + attr_accessor :object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'account_object_id' => :'accountObjectId', + :'default' => :'default', + :'domain' => :'domain', + :'object_id' => :'objectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'account_object_id' => :'Object', + :'default' => :'Object', + :'domain' => :'Object', + :'object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGappsDomain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGappsDomain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'account_object_id') + self.account_object_id = attributes[:'account_object_id'] + end + + if attributes.key?(:'default') + self.default = attributes[:'default'] + end + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'object_id') + self.object_id = attributes[:'object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + account_object_id == o.account_object_id && + default == o.default && + domain == o.domain && + object_id == o.object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [account_object_id, default, domain, object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_list_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_list_response.rb new file mode 100644 index 0000000..8553de3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_list_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGappsDomainListResponse + attr_accessor :domains + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domains' => :'domains', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domains' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGappsDomainListResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGappsDomainListResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domains') + if (value = attributes[:'domains']).is_a?(Array) + self.domains = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domains == o.domains && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domains, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_response.rb new file mode 100644 index 0000000..d7e9092 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_gapps_domain_response.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGappsDomainResponse + attr_accessor :domain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGappsDomainResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGappsDomainResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_allow_personal_usage.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_allow_personal_usage.rb new file mode 100644 index 0000000..e63cecb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_allow_personal_usage.rb @@ -0,0 +1,29 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmAllowPersonalUsage + PERSONAL_USAGE_ALLOWED = 'PERSONAL_USAGE_ALLOWED'.freeze + PERSONAL_USAGE_DISALLOWED = 'PERSONAL_USAGE_DISALLOWED'.freeze + DEDICATED_DEVICE = 'DEDICATED_DEVICE'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = JumpcloudGoogleEmmAllowPersonalUsage.constants.select { |c| JumpcloudGoogleEmmAllowPersonalUsage::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #JumpcloudGoogleEmmAllowPersonalUsage" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_command_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_command_response.rb new file mode 100644 index 0000000..88e0313 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_command_response.rb @@ -0,0 +1,197 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCommandResponse + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + } + end + + # Attribute type mapping. + def self.openapi_types + { + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCommandResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCommandResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_common_criteria_mode_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_common_criteria_mode_info.rb new file mode 100644 index 0000000..c2e5d25 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_common_criteria_mode_info.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCommonCriteriaModeInfo + attr_accessor :common_criteria_mode_status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'common_criteria_mode_status' => :'commonCriteriaModeStatus' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'common_criteria_mode_status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'common_criteria_mode_status') + self.common_criteria_mode_status = attributes[:'common_criteria_mode_status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + common_criteria_mode_status == o.common_criteria_mode_status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [common_criteria_mode_status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_connection_status.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_connection_status.rb new file mode 100644 index 0000000..015537d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_connection_status.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmConnectionStatus + attr_accessor :enterprise_id + + attr_accessor :is_connected + + attr_accessor :organization_object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enterprise_id' => :'enterpriseId', + :'is_connected' => :'isConnected', + :'organization_object_id' => :'organizationObjectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enterprise_id' => :'Object', + :'is_connected' => :'Object', + :'organization_object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmConnectionStatus` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmConnectionStatus`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enterprise_id') + self.enterprise_id = attributes[:'enterprise_id'] + end + + if attributes.key?(:'is_connected') + self.is_connected = attributes[:'is_connected'] + end + + if attributes.key?(:'organization_object_id') + self.organization_object_id = attributes[:'organization_object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enterprise_id == o.enterprise_id && + is_connected == o.is_connected && + organization_object_id == o.organization_object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enterprise_id, is_connected, organization_object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_request.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_request.rb new file mode 100644 index 0000000..c8c9c40 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_request.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCreateEnrollmentTokenRequest + attr_accessor :allow_personal_usage + + attr_accessor :enterprise_object_id + + attr_accessor :one_time_only + + attr_accessor :user_object_id + + attr_accessor :zero_touch + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_personal_usage' => :'allowPersonalUsage', + :'enterprise_object_id' => :'enterpriseObjectId', + :'one_time_only' => :'oneTimeOnly', + :'user_object_id' => :'userObjectId', + :'zero_touch' => :'zeroTouch' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_personal_usage' => :'Object', + :'enterprise_object_id' => :'Object', + :'one_time_only' => :'Object', + :'user_object_id' => :'Object', + :'zero_touch' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_personal_usage') + self.allow_personal_usage = attributes[:'allow_personal_usage'] + end + + if attributes.key?(:'enterprise_object_id') + self.enterprise_object_id = attributes[:'enterprise_object_id'] + end + + if attributes.key?(:'one_time_only') + self.one_time_only = attributes[:'one_time_only'] + end + + if attributes.key?(:'user_object_id') + self.user_object_id = attributes[:'user_object_id'] + end + + if attributes.key?(:'zero_touch') + self.zero_touch = attributes[:'zero_touch'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_personal_usage == o.allow_personal_usage && + enterprise_object_id == o.enterprise_object_id && + one_time_only == o.one_time_only && + user_object_id == o.user_object_id && + zero_touch == o.zero_touch + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_personal_usage, enterprise_object_id, one_time_only, user_object_id, zero_touch].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_response.rb new file mode 100644 index 0000000..33da975 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enrollment_token_response.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCreateEnrollmentTokenResponse + attr_accessor :enrollment_link + + attr_accessor :expiration_time + + attr_accessor :metadata + + attr_accessor :name + + attr_accessor :qr_code_image + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enrollment_link' => :'enrollmentLink', + :'expiration_time' => :'expirationTime', + :'metadata' => :'metadata', + :'name' => :'name', + :'qr_code_image' => :'qrCodeImage', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enrollment_link' => :'Object', + :'expiration_time' => :'Object', + :'metadata' => :'Object', + :'name' => :'Object', + :'qr_code_image' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enrollment_link') + self.enrollment_link = attributes[:'enrollment_link'] + end + + if attributes.key?(:'expiration_time') + self.expiration_time = attributes[:'expiration_time'] + end + + if attributes.key?(:'metadata') + self.metadata = attributes[:'metadata'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'qr_code_image') + self.qr_code_image = attributes[:'qr_code_image'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enrollment_link == o.enrollment_link && + expiration_time == o.expiration_time && + metadata == o.metadata && + name == o.name && + qr_code_image == o.qr_code_image && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enrollment_link, expiration_time, metadata, name, qr_code_image, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enterprise_request.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enterprise_request.rb new file mode 100644 index 0000000..3ad8788 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_enterprise_request.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCreateEnterpriseRequest + attr_accessor :enrollment_token + + attr_accessor :signup_url_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enrollment_token' => :'enrollmentToken', + :'signup_url_name' => :'signupUrlName' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enrollment_token' => :'Object', + :'signup_url_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enrollment_token') + self.enrollment_token = attributes[:'enrollment_token'] + end + + if attributes.key?(:'signup_url_name') + self.signup_url_name = attributes[:'signup_url_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enrollment_token == o.enrollment_token && + signup_url_name == o.signup_url_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enrollment_token, signup_url_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_web_token_request.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_web_token_request.rb new file mode 100644 index 0000000..4ecf5c8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_create_web_token_request.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmCreateWebTokenRequest + attr_accessor :enterprise_object_id + + attr_accessor :iframe_feature + + attr_accessor :parent_frame_url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'enterprise_object_id' => :'enterpriseObjectId', + :'iframe_feature' => :'iframeFeature', + :'parent_frame_url' => :'parentFrameUrl' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'enterprise_object_id' => :'Object', + :'iframe_feature' => :'Object', + :'parent_frame_url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'enterprise_object_id') + self.enterprise_object_id = attributes[:'enterprise_object_id'] + end + + if attributes.key?(:'iframe_feature') + self.iframe_feature = attributes[:'iframe_feature'] + end + + if attributes.key?(:'parent_frame_url') + self.parent_frame_url = attributes[:'parent_frame_url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enterprise_object_id == o.enterprise_object_id && + iframe_feature == o.iframe_feature && + parent_frame_url == o.parent_frame_url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [enterprise_object_id, iframe_feature, parent_frame_url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device.rb new file mode 100644 index 0000000..bc50813 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDevice + attr_accessor :device_id + + attr_accessor :device_information + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device_id' => :'deviceId', + :'device_information' => :'deviceInformation', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device_id' => :'Object', + :'device_information' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDevice` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDevice`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device_id') + self.device_id = attributes[:'device_id'] + end + + if attributes.key?(:'device_information') + self.device_information = attributes[:'device_information'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device_id == o.device_id && + device_information == o.device_information && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device_id, device_information, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_android_policy.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_android_policy.rb new file mode 100644 index 0000000..9f54b6b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_android_policy.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDeviceAndroidPolicy + attr_accessor :policy + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'policy' => :'policy' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'policy' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'policy') + self.policy = attributes[:'policy'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + policy == o.policy + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [policy].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_data.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_data.rb new file mode 100644 index 0000000..cc56158 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_data.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDeviceData + attr_accessor :device_id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device_id' => :'deviceId', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device_id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDeviceData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDeviceData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device_id') + self.device_id = attributes[:'device_id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device_id == o.device_id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device_id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_information.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_information.rb new file mode 100644 index 0000000..44e3407 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_information.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDeviceInformation + attr_accessor :device_state_info + + attr_accessor :emm_enrollment_info + + attr_accessor :hardware_info + + attr_accessor :memory_info + + attr_accessor :network_info + + attr_accessor :software_info + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device_state_info' => :'deviceStateInfo', + :'emm_enrollment_info' => :'emmEnrollmentInfo', + :'hardware_info' => :'hardwareInfo', + :'memory_info' => :'memoryInfo', + :'network_info' => :'networkInfo', + :'software_info' => :'softwareInfo' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device_state_info' => :'Object', + :'emm_enrollment_info' => :'Object', + :'hardware_info' => :'Object', + :'memory_info' => :'Object', + :'network_info' => :'Object', + :'software_info' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDeviceInformation` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDeviceInformation`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device_state_info') + self.device_state_info = attributes[:'device_state_info'] + end + + if attributes.key?(:'emm_enrollment_info') + self.emm_enrollment_info = attributes[:'emm_enrollment_info'] + end + + if attributes.key?(:'hardware_info') + self.hardware_info = attributes[:'hardware_info'] + end + + if attributes.key?(:'memory_info') + self.memory_info = attributes[:'memory_info'] + end + + if attributes.key?(:'network_info') + self.network_info = attributes[:'network_info'] + end + + if attributes.key?(:'software_info') + self.software_info = attributes[:'software_info'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device_state_info == o.device_state_info && + emm_enrollment_info == o.emm_enrollment_info && + hardware_info == o.hardware_info && + memory_info == o.memory_info && + network_info == o.network_info && + software_info == o.software_info + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device_state_info, emm_enrollment_info, hardware_info, memory_info, network_info, software_info].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_settings.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_settings.rb new file mode 100644 index 0000000..b1460f5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_settings.rb @@ -0,0 +1,260 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDeviceSettings + attr_accessor :adb_enabled + + attr_accessor :development_settings_enabled + + attr_accessor :encryption_status + + attr_accessor :is_device_secure + + attr_accessor :is_encrypted + + attr_accessor :unknown_sources_enabled + + attr_accessor :verify_apps_enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'adb_enabled' => :'adbEnabled', + :'development_settings_enabled' => :'developmentSettingsEnabled', + :'encryption_status' => :'encryptionStatus', + :'is_device_secure' => :'isDeviceSecure', + :'is_encrypted' => :'isEncrypted', + :'unknown_sources_enabled' => :'unknownSourcesEnabled', + :'verify_apps_enabled' => :'verifyAppsEnabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'adb_enabled' => :'Object', + :'development_settings_enabled' => :'Object', + :'encryption_status' => :'Object', + :'is_device_secure' => :'Object', + :'is_encrypted' => :'Object', + :'unknown_sources_enabled' => :'Object', + :'verify_apps_enabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDeviceSettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDeviceSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'adb_enabled') + self.adb_enabled = attributes[:'adb_enabled'] + end + + if attributes.key?(:'development_settings_enabled') + self.development_settings_enabled = attributes[:'development_settings_enabled'] + end + + if attributes.key?(:'encryption_status') + self.encryption_status = attributes[:'encryption_status'] + end + + if attributes.key?(:'is_device_secure') + self.is_device_secure = attributes[:'is_device_secure'] + end + + if attributes.key?(:'is_encrypted') + self.is_encrypted = attributes[:'is_encrypted'] + end + + if attributes.key?(:'unknown_sources_enabled') + self.unknown_sources_enabled = attributes[:'unknown_sources_enabled'] + end + + if attributes.key?(:'verify_apps_enabled') + self.verify_apps_enabled = attributes[:'verify_apps_enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + adb_enabled == o.adb_enabled && + development_settings_enabled == o.development_settings_enabled && + encryption_status == o.encryption_status && + is_device_secure == o.is_device_secure && + is_encrypted == o.is_encrypted && + unknown_sources_enabled == o.unknown_sources_enabled && + verify_apps_enabled == o.verify_apps_enabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [adb_enabled, development_settings_enabled, encryption_status, is_device_secure, is_encrypted, unknown_sources_enabled, verify_apps_enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_state_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_state_info.rb new file mode 100644 index 0000000..0a21361 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_device_state_info.rb @@ -0,0 +1,278 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmDeviceStateInfo + attr_accessor :applied_device_state + + attr_accessor :common_criteria_mode_info + + attr_accessor :device_settings + + attr_accessor :device_state + + attr_accessor :disabled_reason + + attr_accessor :last_policy_sync_time + + attr_accessor :last_status_report_time + + attr_accessor :policy_compliant + + attr_accessor :security_posture + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'applied_device_state' => :'appliedDeviceState', + :'common_criteria_mode_info' => :'commonCriteriaModeInfo', + :'device_settings' => :'deviceSettings', + :'device_state' => :'deviceState', + :'disabled_reason' => :'disabledReason', + :'last_policy_sync_time' => :'lastPolicySyncTime', + :'last_status_report_time' => :'lastStatusReportTime', + :'policy_compliant' => :'policyCompliant', + :'security_posture' => :'securityPosture' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'applied_device_state' => :'Object', + :'common_criteria_mode_info' => :'Object', + :'device_settings' => :'Object', + :'device_state' => :'Object', + :'disabled_reason' => :'Object', + :'last_policy_sync_time' => :'Object', + :'last_status_report_time' => :'Object', + :'policy_compliant' => :'Object', + :'security_posture' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'applied_device_state') + self.applied_device_state = attributes[:'applied_device_state'] + end + + if attributes.key?(:'common_criteria_mode_info') + self.common_criteria_mode_info = attributes[:'common_criteria_mode_info'] + end + + if attributes.key?(:'device_settings') + self.device_settings = attributes[:'device_settings'] + end + + if attributes.key?(:'device_state') + self.device_state = attributes[:'device_state'] + end + + if attributes.key?(:'disabled_reason') + self.disabled_reason = attributes[:'disabled_reason'] + end + + if attributes.key?(:'last_policy_sync_time') + self.last_policy_sync_time = attributes[:'last_policy_sync_time'] + end + + if attributes.key?(:'last_status_report_time') + self.last_status_report_time = attributes[:'last_status_report_time'] + end + + if attributes.key?(:'policy_compliant') + self.policy_compliant = attributes[:'policy_compliant'] + end + + if attributes.key?(:'security_posture') + self.security_posture = attributes[:'security_posture'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + applied_device_state == o.applied_device_state && + common_criteria_mode_info == o.common_criteria_mode_info && + device_settings == o.device_settings && + device_state == o.device_state && + disabled_reason == o.disabled_reason && + last_policy_sync_time == o.last_policy_sync_time && + last_status_report_time == o.last_status_report_time && + policy_compliant == o.policy_compliant && + security_posture == o.security_posture + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [applied_device_state, common_criteria_mode_info, device_settings, device_state, disabled_reason, last_policy_sync_time, last_status_report_time, policy_compliant, security_posture].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_emm_enrollment_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_emm_enrollment_info.rb new file mode 100644 index 0000000..f0eb5d3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_emm_enrollment_info.rb @@ -0,0 +1,260 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmEMMEnrollmentInfo + attr_accessor :applied_policy_name + + attr_accessor :applied_policy_version + + attr_accessor :enrollment_time + + attr_accessor :enrollment_type + + attr_accessor :management_mode + + attr_accessor :ownership + + attr_accessor :policy_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'applied_policy_name' => :'appliedPolicyName', + :'applied_policy_version' => :'appliedPolicyVersion', + :'enrollment_time' => :'enrollmentTime', + :'enrollment_type' => :'enrollmentType', + :'management_mode' => :'managementMode', + :'ownership' => :'ownership', + :'policy_name' => :'policyName' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'applied_policy_name' => :'Object', + :'applied_policy_version' => :'Object', + :'enrollment_time' => :'Object', + :'enrollment_type' => :'Object', + :'management_mode' => :'Object', + :'ownership' => :'Object', + :'policy_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'applied_policy_name') + self.applied_policy_name = attributes[:'applied_policy_name'] + end + + if attributes.key?(:'applied_policy_version') + self.applied_policy_version = attributes[:'applied_policy_version'] + end + + if attributes.key?(:'enrollment_time') + self.enrollment_time = attributes[:'enrollment_time'] + end + + if attributes.key?(:'enrollment_type') + self.enrollment_type = attributes[:'enrollment_type'] + end + + if attributes.key?(:'management_mode') + self.management_mode = attributes[:'management_mode'] + end + + if attributes.key?(:'ownership') + self.ownership = attributes[:'ownership'] + end + + if attributes.key?(:'policy_name') + self.policy_name = attributes[:'policy_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + applied_policy_name == o.applied_policy_name && + applied_policy_version == o.applied_policy_version && + enrollment_time == o.enrollment_time && + enrollment_type == o.enrollment_type && + management_mode == o.management_mode && + ownership == o.ownership && + policy_name == o.policy_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [applied_policy_name, applied_policy_version, enrollment_time, enrollment_type, management_mode, ownership, policy_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_enterprise.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_enterprise.rb new file mode 100644 index 0000000..8083fc9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_enterprise.rb @@ -0,0 +1,270 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmEnterprise + attr_accessor :allow_device_enrollment + + # not logging because it contains PII non-sensitive information. + attr_accessor :contact_email + + attr_accessor :created_at + + attr_accessor :device_group_id + + attr_accessor :display_name + + attr_accessor :name + + attr_accessor :object_id + + attr_accessor :organization_object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_device_enrollment' => :'allowDeviceEnrollment', + :'contact_email' => :'contactEmail', + :'created_at' => :'createdAt', + :'device_group_id' => :'deviceGroupId', + :'display_name' => :'displayName', + :'name' => :'name', + :'object_id' => :'objectId', + :'organization_object_id' => :'organizationObjectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_device_enrollment' => :'Object', + :'contact_email' => :'Object', + :'created_at' => :'Object', + :'device_group_id' => :'Object', + :'display_name' => :'Object', + :'name' => :'Object', + :'object_id' => :'Object', + :'organization_object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmEnterprise` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmEnterprise`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_device_enrollment') + self.allow_device_enrollment = attributes[:'allow_device_enrollment'] + end + + if attributes.key?(:'contact_email') + self.contact_email = attributes[:'contact_email'] + end + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'device_group_id') + self.device_group_id = attributes[:'device_group_id'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'object_id') + self.object_id = attributes[:'object_id'] + end + + if attributes.key?(:'organization_object_id') + self.organization_object_id = attributes[:'organization_object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_device_enrollment == o.allow_device_enrollment && + contact_email == o.contact_email && + created_at == o.created_at && + device_group_id == o.device_group_id && + display_name == o.display_name && + name == o.name && + object_id == o.object_id && + organization_object_id == o.organization_object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_device_enrollment, contact_email, created_at, device_group_id, display_name, name, object_id, organization_object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_feature.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_feature.rb new file mode 100644 index 0000000..9e0a3e5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_feature.rb @@ -0,0 +1,28 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmFeature + SOFTWARE_MANAGEMENT = 'SOFTWARE_MANAGEMENT'.freeze + ZERO_TOUCH_CUSTOMER_MANAGEMENT = 'ZERO_TOUCH_CUSTOMER_MANAGEMENT'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = JumpcloudGoogleEmmFeature.constants.select { |c| JumpcloudGoogleEmmFeature::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #JumpcloudGoogleEmmFeature" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_hardware_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_hardware_info.rb new file mode 100644 index 0000000..9b726b9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_hardware_info.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmHardwareInfo + attr_accessor :brand + + attr_accessor :device_base_band_version + + attr_accessor :hardware + + attr_accessor :manufacturer + + attr_accessor :model + + attr_accessor :serial_number + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'brand' => :'brand', + :'device_base_band_version' => :'deviceBaseBandVersion', + :'hardware' => :'hardware', + :'manufacturer' => :'manufacturer', + :'model' => :'model', + :'serial_number' => :'serialNumber' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'brand' => :'Object', + :'device_base_band_version' => :'Object', + :'hardware' => :'Object', + :'manufacturer' => :'Object', + :'model' => :'Object', + :'serial_number' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmHardwareInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmHardwareInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'brand') + self.brand = attributes[:'brand'] + end + + if attributes.key?(:'device_base_band_version') + self.device_base_band_version = attributes[:'device_base_band_version'] + end + + if attributes.key?(:'hardware') + self.hardware = attributes[:'hardware'] + end + + if attributes.key?(:'manufacturer') + self.manufacturer = attributes[:'manufacturer'] + end + + if attributes.key?(:'model') + self.model = attributes[:'model'] + end + + if attributes.key?(:'serial_number') + self.serial_number = attributes[:'serial_number'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + brand == o.brand && + device_base_band_version == o.device_base_band_version && + hardware == o.hardware && + manufacturer == o.manufacturer && + model == o.model && + serial_number == o.serial_number + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [brand, device_base_band_version, hardware, manufacturer, model, serial_number].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_devices_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_devices_response.rb new file mode 100644 index 0000000..48d82eb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_devices_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmListDevicesResponse + attr_accessor :count + + attr_accessor :devices + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'count' => :'count', + :'devices' => :'devices' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'count' => :'Object', + :'devices' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmListDevicesResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmListDevicesResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'count') + self.count = attributes[:'count'] + end + + if attributes.key?(:'devices') + if (value = attributes[:'devices']).is_a?(Array) + self.devices = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + count == o.count && + devices == o.devices + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [count, devices].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_enterprises_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_enterprises_response.rb new file mode 100644 index 0000000..81031f1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_list_enterprises_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmListEnterprisesResponse + attr_accessor :count + + attr_accessor :enterprises + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'count' => :'count', + :'enterprises' => :'enterprises' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'count' => :'Object', + :'enterprises' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'count') + self.count = attributes[:'count'] + end + + if attributes.key?(:'enterprises') + if (value = attributes[:'enterprises']).is_a?(Array) + self.enterprises = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + count == o.count && + enterprises == o.enterprises + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [count, enterprises].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_memory_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_memory_info.rb new file mode 100644 index 0000000..1b1fab7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_memory_info.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmMemoryInfo + attr_accessor :total_internal_storage + + attr_accessor :total_ram + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'total_internal_storage' => :'totalInternalStorage', + :'total_ram' => :'totalRam' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'total_internal_storage' => :'Object', + :'total_ram' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmMemoryInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmMemoryInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'total_internal_storage') + self.total_internal_storage = attributes[:'total_internal_storage'] + end + + if attributes.key?(:'total_ram') + self.total_ram = attributes[:'total_ram'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + total_internal_storage == o.total_internal_storage && + total_ram == o.total_ram + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [total_internal_storage, total_ram].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_network_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_network_info.rb new file mode 100644 index 0000000..db80e06 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_network_info.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmNetworkInfo + # Not logging as it contains sensitive information. + attr_accessor :imei + + # Not logging as it contains sensitive information. + attr_accessor :meid + + attr_accessor :telephony_info + + # Not logging as it contains sensitive information. + attr_accessor :wifi_mac_address + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'imei' => :'imei', + :'meid' => :'meid', + :'telephony_info' => :'telephonyInfo', + :'wifi_mac_address' => :'wifiMacAddress' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'imei' => :'Object', + :'meid' => :'Object', + :'telephony_info' => :'Object', + :'wifi_mac_address' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmNetworkInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmNetworkInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'imei') + self.imei = attributes[:'imei'] + end + + if attributes.key?(:'meid') + self.meid = attributes[:'meid'] + end + + if attributes.key?(:'telephony_info') + if (value = attributes[:'telephony_info']).is_a?(Array) + self.telephony_info = value + end + end + + if attributes.key?(:'wifi_mac_address') + self.wifi_mac_address = attributes[:'wifi_mac_address'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + imei == o.imei && + meid == o.meid && + telephony_info == o.telephony_info && + wifi_mac_address == o.wifi_mac_address + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [imei, meid, telephony_info, wifi_mac_address].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_security_posture.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_security_posture.rb new file mode 100644 index 0000000..c2b2cb1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_security_posture.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmSecurityPosture + attr_accessor :device_posture + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device_posture' => :'devicePosture' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device_posture' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmSecurityPosture` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmSecurityPosture`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device_posture') + self.device_posture = attributes[:'device_posture'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device_posture == o.device_posture + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device_posture].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_signup_url.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_signup_url.rb new file mode 100644 index 0000000..9c74659 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_signup_url.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmSignupURL + attr_accessor :name + + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmSignupURL` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmSignupURL`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_software_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_software_info.rb new file mode 100644 index 0000000..cb2d189 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_software_info.rb @@ -0,0 +1,287 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmSoftwareInfo + attr_accessor :android_build_number + + attr_accessor :android_build_time + + attr_accessor :android_device_policy_version_code + + attr_accessor :android_version + + attr_accessor :bootloader_version + + attr_accessor :device_build_signature + + attr_accessor :device_kernel_version + + attr_accessor :primary_language_code + + attr_accessor :security_patch_level + + attr_accessor :system_update_info + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'android_build_number' => :'androidBuildNumber', + :'android_build_time' => :'androidBuildTime', + :'android_device_policy_version_code' => :'androidDevicePolicyVersionCode', + :'android_version' => :'androidVersion', + :'bootloader_version' => :'bootloaderVersion', + :'device_build_signature' => :'deviceBuildSignature', + :'device_kernel_version' => :'deviceKernelVersion', + :'primary_language_code' => :'primaryLanguageCode', + :'security_patch_level' => :'securityPatchLevel', + :'system_update_info' => :'systemUpdateInfo' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'android_build_number' => :'Object', + :'android_build_time' => :'Object', + :'android_device_policy_version_code' => :'Object', + :'android_version' => :'Object', + :'bootloader_version' => :'Object', + :'device_build_signature' => :'Object', + :'device_kernel_version' => :'Object', + :'primary_language_code' => :'Object', + :'security_patch_level' => :'Object', + :'system_update_info' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmSoftwareInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmSoftwareInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'android_build_number') + self.android_build_number = attributes[:'android_build_number'] + end + + if attributes.key?(:'android_build_time') + self.android_build_time = attributes[:'android_build_time'] + end + + if attributes.key?(:'android_device_policy_version_code') + self.android_device_policy_version_code = attributes[:'android_device_policy_version_code'] + end + + if attributes.key?(:'android_version') + self.android_version = attributes[:'android_version'] + end + + if attributes.key?(:'bootloader_version') + self.bootloader_version = attributes[:'bootloader_version'] + end + + if attributes.key?(:'device_build_signature') + self.device_build_signature = attributes[:'device_build_signature'] + end + + if attributes.key?(:'device_kernel_version') + self.device_kernel_version = attributes[:'device_kernel_version'] + end + + if attributes.key?(:'primary_language_code') + self.primary_language_code = attributes[:'primary_language_code'] + end + + if attributes.key?(:'security_patch_level') + self.security_patch_level = attributes[:'security_patch_level'] + end + + if attributes.key?(:'system_update_info') + self.system_update_info = attributes[:'system_update_info'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + android_build_number == o.android_build_number && + android_build_time == o.android_build_time && + android_device_policy_version_code == o.android_device_policy_version_code && + android_version == o.android_version && + bootloader_version == o.bootloader_version && + device_build_signature == o.device_build_signature && + device_kernel_version == o.device_kernel_version && + primary_language_code == o.primary_language_code && + security_patch_level == o.security_patch_level && + system_update_info == o.system_update_info + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [android_build_number, android_build_time, android_device_policy_version_code, android_version, bootloader_version, device_build_signature, device_kernel_version, primary_language_code, security_patch_level, system_update_info].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_system_update_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_system_update_info.rb new file mode 100644 index 0000000..41b7cd5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_system_update_info.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmSystemUpdateInfo + attr_accessor :update_received_time + + attr_accessor :update_status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'update_received_time' => :'updateReceivedTime', + :'update_status' => :'updateStatus' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'update_received_time' => :'Object', + :'update_status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'update_received_time') + self.update_received_time = attributes[:'update_received_time'] + end + + if attributes.key?(:'update_status') + self.update_status = attributes[:'update_status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + update_received_time == o.update_received_time && + update_status == o.update_status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [update_received_time, update_status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_telephony_info.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_telephony_info.rb new file mode 100644 index 0000000..cf99ebb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_telephony_info.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmTelephonyInfo + # Not logging as it contains sensitive information. + attr_accessor :carrier_name + + # Not logging as it contains sensitive information. + attr_accessor :phone_number + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'carrier_name' => :'carrierName', + :'phone_number' => :'phoneNumber' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'carrier_name' => :'Object', + :'phone_number' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmTelephonyInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmTelephonyInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'carrier_name') + self.carrier_name = attributes[:'carrier_name'] + end + + if attributes.key?(:'phone_number') + self.phone_number = attributes[:'phone_number'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + carrier_name == o.carrier_name && + phone_number == o.phone_number + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [carrier_name, phone_number].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_web_token.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_web_token.rb new file mode 100644 index 0000000..cd5930d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_google_emm_web_token.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudGoogleEmmWebToken + attr_accessor :name + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudGoogleEmmWebToken` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudGoogleEmmWebToken`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_get_details_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_get_details_response.rb new file mode 100644 index 0000000..9cd3395 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_get_details_response.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudMspGetDetailsResponse + attr_accessor :assigned_licenses + + attr_accessor :contract_type + + attr_accessor :has_contract + + attr_accessor :products + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'assigned_licenses' => :'assignedLicenses', + :'contract_type' => :'contractType', + :'has_contract' => :'hasContract', + :'products' => :'products' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'assigned_licenses' => :'Object', + :'contract_type' => :'Object', + :'has_contract' => :'Object', + :'products' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudMspGetDetailsResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudMspGetDetailsResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'assigned_licenses') + self.assigned_licenses = attributes[:'assigned_licenses'] + end + + if attributes.key?(:'contract_type') + self.contract_type = attributes[:'contract_type'] + end + + if attributes.key?(:'has_contract') + self.has_contract = attributes[:'has_contract'] + end + + if attributes.key?(:'products') + if (value = attributes[:'products']).is_a?(Array) + self.products = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + assigned_licenses == o.assigned_licenses && + contract_type == o.contract_type && + has_contract == o.has_contract && + products == o.products + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [assigned_licenses, contract_type, has_contract, products].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_product.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_product.rb new file mode 100644 index 0000000..f47a637 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_msp_product.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudMspProduct + attr_accessor :capabilities + + attr_accessor :included_licenses + + attr_accessor :name + + attr_accessor :purchased_licenses + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'capabilities' => :'capabilities', + :'included_licenses' => :'includedLicenses', + :'name' => :'name', + :'purchased_licenses' => :'purchasedLicenses' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'capabilities' => :'Object', + :'included_licenses' => :'Object', + :'name' => :'Object', + :'purchased_licenses' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudMspProduct` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudMspProduct`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'capabilities') + if (value = attributes[:'capabilities']).is_a?(Array) + self.capabilities = value + end + end + + if attributes.key?(:'included_licenses') + self.included_licenses = attributes[:'included_licenses'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'purchased_licenses') + self.purchased_licenses = attributes[:'purchased_licenses'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + capabilities == o.capabilities && + included_licenses == o.included_licenses && + name == o.name && + purchased_licenses == o.purchased_licenses + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [capabilities, included_licenses, name, purchased_licenses].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_apple_package_details.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_apple_package_details.rb new file mode 100644 index 0000000..f090c35 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_apple_package_details.rb @@ -0,0 +1,280 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudPackageValidatorApplePackageDetails + attr_accessor :asset_kind + + attr_accessor :asset_sha256_size + + attr_accessor :asset_sha256_strings + + attr_accessor :asset_url + + attr_accessor :bundle_identifier + + attr_accessor :bundle_version + + attr_accessor :package_kind + + attr_accessor :subtitle + + attr_accessor :title + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'asset_kind' => :'assetKind', + :'asset_sha256_size' => :'assetSha256Size', + :'asset_sha256_strings' => :'assetSha256Strings', + :'asset_url' => :'assetUrl', + :'bundle_identifier' => :'bundleIdentifier', + :'bundle_version' => :'bundleVersion', + :'package_kind' => :'packageKind', + :'subtitle' => :'subtitle', + :'title' => :'title' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'asset_kind' => :'Object', + :'asset_sha256_size' => :'Object', + :'asset_sha256_strings' => :'Object', + :'asset_url' => :'Object', + :'bundle_identifier' => :'Object', + :'bundle_version' => :'Object', + :'package_kind' => :'Object', + :'subtitle' => :'Object', + :'title' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudPackageValidatorApplePackageDetails` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudPackageValidatorApplePackageDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'asset_kind') + self.asset_kind = attributes[:'asset_kind'] + end + + if attributes.key?(:'asset_sha256_size') + self.asset_sha256_size = attributes[:'asset_sha256_size'] + end + + if attributes.key?(:'asset_sha256_strings') + if (value = attributes[:'asset_sha256_strings']).is_a?(Array) + self.asset_sha256_strings = value + end + end + + if attributes.key?(:'asset_url') + self.asset_url = attributes[:'asset_url'] + end + + if attributes.key?(:'bundle_identifier') + self.bundle_identifier = attributes[:'bundle_identifier'] + end + + if attributes.key?(:'bundle_version') + self.bundle_version = attributes[:'bundle_version'] + end + + if attributes.key?(:'package_kind') + self.package_kind = attributes[:'package_kind'] + end + + if attributes.key?(:'subtitle') + self.subtitle = attributes[:'subtitle'] + end + + if attributes.key?(:'title') + self.title = attributes[:'title'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + asset_kind == o.asset_kind && + asset_sha256_size == o.asset_sha256_size && + asset_sha256_strings == o.asset_sha256_strings && + asset_url == o.asset_url && + bundle_identifier == o.bundle_identifier && + bundle_version == o.bundle_version && + package_kind == o.package_kind && + subtitle == o.subtitle && + title == o.title + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [asset_kind, asset_sha256_size, asset_sha256_strings, asset_url, bundle_identifier, bundle_version, package_kind, subtitle, title].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_request.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_request.rb new file mode 100644 index 0000000..170ba1f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_request.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudPackageValidatorValidateApplicationInstallPackageRequest + attr_accessor :url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'url' => :'url' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'url') + self.url = attributes[:'url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + url == o.url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_response.rb b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_response.rb new file mode 100644 index 0000000..83e5f8f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/jumpcloud_package_validator_validate_application_install_package_response.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class JumpcloudPackageValidatorValidateApplicationInstallPackageResponse + attr_accessor :apple_package_details + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'apple_package_details' => :'applePackageDetails' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'apple_package_details' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'apple_package_details') + self.apple_package_details = attributes[:'apple_package_details'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + apple_package_details == o.apple_package_details + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [apple_package_details].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ldap_group.rb b/jcapiv2/lib/jcapiv2/models/ldap_group.rb new file mode 100644 index 0000000..1967c2c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ldap_group.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # An LDAP group object. + class LdapGroup + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::LdapGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::LdapGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ldap_server.rb b/jcapiv2/lib/jcapiv2/models/ldap_server.rb new file mode 100644 index 0000000..09b9646 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ldap_server.rb @@ -0,0 +1,283 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class LdapServer + # Unique identifier of this LDAP server + attr_accessor :id + + # The name of this LDAP server + attr_accessor :name + + # action to take; one of 'remove' or 'disable' + attr_accessor :user_lockout_action + + # action to take; one of 'remove' or 'disable' + attr_accessor :user_password_expiration_action + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::LdapServer` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::LdapServer`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + user_lockout_action_validator = EnumAttributeValidator.new('Object', ['disable', 'remove']) + return false unless user_lockout_action_validator.valid?(@user_lockout_action) + user_password_expiration_action_validator = EnumAttributeValidator.new('Object', ['disable', 'remove']) + return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_lockout_action Object to be assigned + def user_lockout_action=(user_lockout_action) + validator = EnumAttributeValidator.new('Object', ['disable', 'remove']) + unless validator.valid?(user_lockout_action) + fail ArgumentError, "invalid value for \"user_lockout_action\", must be one of #{validator.allowable_values}." + end + @user_lockout_action = user_lockout_action + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_password_expiration_action Object to be assigned + def user_password_expiration_action=(user_password_expiration_action) + validator = EnumAttributeValidator.new('Object', ['disable', 'remove']) + unless validator.valid?(user_password_expiration_action) + fail ArgumentError, "invalid value for \"user_password_expiration_action\", must be one of #{validator.allowable_values}." + end + @user_password_expiration_action = user_password_expiration_action + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + user_lockout_action == o.user_lockout_action && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, user_lockout_action, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ldap_server_action.rb b/jcapiv2/lib/jcapiv2/models/ldap_server_action.rb index 048970e..ca02c4e 100644 --- a/jcapiv2/lib/jcapiv2/models/ldap_server_action.rb +++ b/jcapiv2/lib/jcapiv2/models/ldap_server_action.rb @@ -1,31 +1,28 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 class LdapServerAction - - DISABLE = "disable".freeze - REMOVE = "remove".freeze + DISABLE = 'disable'.freeze + REMOVE = 'remove'.freeze # Builds the enum from string # @param [String] The enum value in the form of the string # @return [String] The enum value def build_from_hash(value) - constantValues = LdapServerAction.constants.select{|c| LdapServerAction::const_get(c) == value} + constantValues = LdapServerAction.constants.select { |c| LdapServerAction::const_get(c) == value } raise "Invalid ENUM value #{value} for class #LdapServerAction" if constantValues.empty? value end end - end diff --git a/jcapiv2/lib/jcapiv2/models/ldap_server_input.rb b/jcapiv2/lib/jcapiv2/models/ldap_server_input.rb deleted file mode 100644 index 6c67b6b..0000000 --- a/jcapiv2/lib/jcapiv2/models/ldap_server_input.rb +++ /dev/null @@ -1,254 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class LdapServerInput - # The name of this LDAP server - attr_accessor :name - - # action to take; one of 'remove' or 'disable' - attr_accessor :user_lockout_action - - # action to take; one of 'remove' or 'disable' - attr_accessor :user_password_expiration_action - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - user_lockout_action_validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - return false unless user_lockout_action_validator.valid?(@user_lockout_action) - user_password_expiration_action_validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_lockout_action Object to be assigned - def user_lockout_action=(user_lockout_action) - validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - unless validator.valid?(user_lockout_action) - fail ArgumentError, "invalid value for 'user_lockout_action', must be one of #{validator.allowable_values}." - end - @user_lockout_action = user_lockout_action - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_password_expiration_action Object to be assigned - def user_password_expiration_action=(user_password_expiration_action) - validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - unless validator.valid?(user_password_expiration_action) - fail ArgumentError, "invalid value for 'user_password_expiration_action', must be one of #{validator.allowable_values}." - end - @user_password_expiration_action = user_password_expiration_action - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name, user_lockout_action, user_password_expiration_action].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/ldap_server_output.rb b/jcapiv2/lib/jcapiv2/models/ldap_server_output.rb deleted file mode 100644 index 3e24fc9..0000000 --- a/jcapiv2/lib/jcapiv2/models/ldap_server_output.rb +++ /dev/null @@ -1,269 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class LdapServerOutput - # The name of this LDAP server - attr_accessor :name - - # action to take; one of 'remove' or 'disable' - attr_accessor :user_lockout_action - - # action to take; one of 'remove' or 'disable' - attr_accessor :user_password_expiration_action - - # Unique identifier of this LDAP server - attr_accessor :id - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name', - :'user_lockout_action' => :'userLockoutAction', - :'user_password_expiration_action' => :'userPasswordExpirationAction', - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String', - :'user_lockout_action' => :'String', - :'user_password_expiration_action' => :'String', - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'userLockoutAction') - self.user_lockout_action = attributes[:'userLockoutAction'] - end - - if attributes.has_key?(:'userPasswordExpirationAction') - self.user_password_expiration_action = attributes[:'userPasswordExpirationAction'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - user_lockout_action_validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - return false unless user_lockout_action_validator.valid?(@user_lockout_action) - user_password_expiration_action_validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) - return false if @id.nil? - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_lockout_action Object to be assigned - def user_lockout_action=(user_lockout_action) - validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - unless validator.valid?(user_lockout_action) - fail ArgumentError, "invalid value for 'user_lockout_action', must be one of #{validator.allowable_values}." - end - @user_lockout_action = user_lockout_action - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] user_password_expiration_action Object to be assigned - def user_password_expiration_action=(user_password_expiration_action) - validator = EnumAttributeValidator.new('String', ["disable", "remove"]) - unless validator.valid?(user_password_expiration_action) - fail ArgumentError, "invalid value for 'user_password_expiration_action', must be one of #{validator.allowable_values}." - end - @user_password_expiration_action = user_password_expiration_action - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name && - user_lockout_action == o.user_lockout_action && - user_password_expiration_action == o.user_password_expiration_action && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name, user_lockout_action, user_password_expiration_action, id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/ldapservers_id_body.rb b/jcapiv2/lib/jcapiv2/models/ldapservers_id_body.rb new file mode 100644 index 0000000..15e3268 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ldapservers_id_body.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class LdapserversIdBody + attr_accessor :id + + attr_accessor :user_lockout_action + + attr_accessor :user_password_expiration_action + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::LdapserversIdBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::LdapserversIdBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + user_lockout_action == o.user_lockout_action && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, user_lockout_action, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/member_suggestion.rb b/jcapiv2/lib/jcapiv2/models/member_suggestion.rb new file mode 100644 index 0000000..6defe45 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/member_suggestion.rb @@ -0,0 +1,250 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class MemberSuggestion + attr_accessor :object + + # How to modify group membership. + attr_accessor :op + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'object' => :'object', + :'op' => :'op' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'object' => :'Object', + :'op' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::MemberSuggestion` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::MemberSuggestion`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'object') + self.object = attributes[:'object'] + end + + if attributes.key?(:'op') + self.op = attributes[:'op'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + op_validator = EnumAttributeValidator.new('Object', ['add', 'remove']) + return false unless op_validator.valid?(@op) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] op Object to be assigned + def op=(op) + validator = EnumAttributeValidator.new('Object', ['add', 'remove']) + unless validator.valid?(op) + fail ArgumentError, "invalid value for \"op\", must be one of #{validator.allowable_values}." + end + @op = op + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + object == o.object && + op == o.op + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [object, op].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/member_suggestions_post_result.rb b/jcapiv2/lib/jcapiv2/models/member_suggestions_post_result.rb new file mode 100644 index 0000000..bc519e2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/member_suggestions_post_result.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class MemberSuggestionsPostResult + attr_accessor :suggestions_found + + attr_accessor :suggestions_not_found + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'suggestions_found' => :'suggestions_found', + :'suggestions_not_found' => :'suggestions_not_found' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'suggestions_found' => :'Object', + :'suggestions_not_found' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::MemberSuggestionsPostResult` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::MemberSuggestionsPostResult`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'suggestions_found') + if (value = attributes[:'suggestions_found']).is_a?(Array) + self.suggestions_found = value + end + end + + if attributes.key?(:'suggestions_not_found') + if (value = attributes[:'suggestions_not_found']).is_a?(Array) + self.suggestions_not_found = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + suggestions_found == o.suggestions_found && + suggestions_not_found == o.suggestions_not_found + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [suggestions_found, suggestions_not_found].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/mfa.rb b/jcapiv2/lib/jcapiv2/models/mfa.rb deleted file mode 100644 index d1a5d12..0000000 --- a/jcapiv2/lib/jcapiv2/models/mfa.rb +++ /dev/null @@ -1,206 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Mfa - attr_accessor :configured - - attr_accessor :exclusion - - attr_accessor :exclusion_until - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'configured' => :'configured', - :'exclusion' => :'exclusion', - :'exclusion_until' => :'exclusionUntil' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'configured' => :'BOOLEAN', - :'exclusion' => :'BOOLEAN', - :'exclusion_until' => :'DateTime' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'configured') - self.configured = attributes[:'configured'] - end - - if attributes.has_key?(:'exclusion') - self.exclusion = attributes[:'exclusion'] - end - - if attributes.has_key?(:'exclusionUntil') - self.exclusion_until = attributes[:'exclusionUntil'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - configured == o.configured && - exclusion == o.exclusion && - exclusion_until == o.exclusion_until - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [configured, exclusion, exclusion_until].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/mobileconfig.rb b/jcapiv2/lib/jcapiv2/models/mobileconfig.rb index 9f20530..049cb3e 100644 --- a/jcapiv2/lib/jcapiv2/models/mobileconfig.rb +++ b/jcapiv2/lib/jcapiv2/models/mobileconfig.rb @@ -1,21 +1,18 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Mobileconfig - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -23,32 +20,44 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Mobileconfig` initialize method" + end + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Mobileconfig`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -65,26 +74,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -106,7 +124,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -127,8 +145,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -150,7 +167,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -162,7 +183,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -172,8 +193,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/model_case.rb b/jcapiv2/lib/jcapiv2/models/model_case.rb new file mode 100644 index 0000000..0622b99 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/model_case.rb @@ -0,0 +1,279 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Details of the case (support/feature request) + class ModelCase + attr_accessor :case_number + + attr_accessor :date + + attr_accessor :description + + attr_accessor :label + + attr_accessor :organization + + attr_accessor :reporter + + attr_accessor :reporter_email + + attr_accessor :status + + attr_accessor :subject + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'case_number' => :'caseNumber', + :'date' => :'date', + :'description' => :'description', + :'label' => :'label', + :'organization' => :'organization', + :'reporter' => :'reporter', + :'reporter_email' => :'reporterEmail', + :'status' => :'status', + :'subject' => :'subject' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'case_number' => :'Object', + :'date' => :'Object', + :'description' => :'Object', + :'label' => :'Object', + :'organization' => :'Object', + :'reporter' => :'Object', + :'reporter_email' => :'Object', + :'status' => :'Object', + :'subject' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ModelCase` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ModelCase`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'case_number') + self.case_number = attributes[:'case_number'] + end + + if attributes.key?(:'date') + self.date = attributes[:'date'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + + if attributes.key?(:'reporter') + self.reporter = attributes[:'reporter'] + end + + if attributes.key?(:'reporter_email') + self.reporter_email = attributes[:'reporter_email'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'subject') + self.subject = attributes[:'subject'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + case_number == o.case_number && + date == o.date && + description == o.description && + label == o.label && + organization == o.organization && + reporter == o.reporter && + reporter_email == o.reporter_email && + status == o.status && + subject == o.subject + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [case_number, date, description, label, organization, reporter, reporter_email, status, subject].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/o365_domain.rb b/jcapiv2/lib/jcapiv2/models/o365_domain.rb new file mode 100644 index 0000000..722b2de --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/o365_domain.rb @@ -0,0 +1,234 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class O365Domain + attr_accessor :default + + attr_accessor :domain + + attr_accessor :object_id + + # ObjectID of the Office 365 suite. + attr_accessor :resource_object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default' => :'default', + :'domain' => :'domain', + :'object_id' => :'objectId', + :'resource_object_id' => :'resourceObjectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default' => :'Object', + :'domain' => :'Object', + :'object_id' => :'Object', + :'resource_object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::O365Domain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::O365Domain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default') + self.default = attributes[:'default'] + end + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'object_id') + self.object_id = attributes[:'object_id'] + end + + if attributes.key?(:'resource_object_id') + self.resource_object_id = attributes[:'resource_object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default == o.default && + domain == o.domain && + object_id == o.object_id && + resource_object_id == o.resource_object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default, domain, object_id, resource_object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/o365_domain_response.rb b/jcapiv2/lib/jcapiv2/models/o365_domain_response.rb new file mode 100644 index 0000000..6566dd7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/o365_domain_response.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class O365DomainResponse + attr_accessor :domain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::O365DomainResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::O365DomainResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/o365_domains_list_response.rb b/jcapiv2/lib/jcapiv2/models/o365_domains_list_response.rb new file mode 100644 index 0000000..97acc52 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/o365_domains_list_response.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class O365DomainsListResponse + attr_accessor :domains + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domains' => :'domains', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domains' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::O365DomainsListResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::O365DomainsListResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domains') + if (value = attributes[:'domains']).is_a?(Array) + self.domains = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domains == o.domains && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domains, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/oauth_code_input.rb b/jcapiv2/lib/jcapiv2/models/oauth_code_input.rb deleted file mode 100644 index 813482a..0000000 --- a/jcapiv2/lib/jcapiv2/models/oauth_code_input.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class OauthCodeInput - attr_accessor :code - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'code' => :'code' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'code' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'code') - self.code = attributes[:'code'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - code == o.code - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [code].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/object_storage_item.rb b/jcapiv2/lib/jcapiv2/models/object_storage_item.rb new file mode 100644 index 0000000..1a9d70f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/object_storage_item.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Object storage item information. + class ObjectStorageItem + attr_accessor :object_id + + attr_accessor :versions + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'object_id' => :'objectId', + :'versions' => :'versions' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'object_id' => :'Object', + :'versions' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ObjectStorageItem` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ObjectStorageItem`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'object_id') + self.object_id = attributes[:'object_id'] + end + + if attributes.key?(:'versions') + if (value = attributes[:'versions']).is_a?(Array) + self.versions = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + object_id == o.object_id && + versions == o.versions + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [object_id, versions].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/object_storage_version.rb b/jcapiv2/lib/jcapiv2/models/object_storage_version.rb new file mode 100644 index 0000000..ec59bc0 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/object_storage_version.rb @@ -0,0 +1,261 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Object storage version information. + class ObjectStorageVersion + attr_accessor :metadata + + attr_accessor :name + + attr_accessor :rejected_reason + + attr_accessor :sha256sum + + attr_accessor :size + + attr_accessor :status + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'metadata' => :'metadata', + :'name' => :'name', + :'rejected_reason' => :'rejectedReason', + :'sha256sum' => :'sha256sum', + :'size' => :'size', + :'status' => :'status', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'metadata' => :'Object', + :'name' => :'Object', + :'rejected_reason' => :'Object', + :'sha256sum' => :'Object', + :'size' => :'Object', + :'status' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ObjectStorageVersion` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ObjectStorageVersion`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'metadata') + self.metadata = attributes[:'metadata'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'rejected_reason') + self.rejected_reason = attributes[:'rejected_reason'] + end + + if attributes.key?(:'sha256sum') + self.sha256sum = attributes[:'sha256sum'] + end + + if attributes.key?(:'size') + self.size = attributes[:'size'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + metadata == o.metadata && + name == o.name && + rejected_reason == o.rejected_reason && + sha256sum == o.sha256sum && + size == o.size && + status == o.status && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [metadata, name, rejected_reason, sha256sum, size, status, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/office365.rb b/jcapiv2/lib/jcapiv2/models/office365.rb new file mode 100644 index 0000000..43f3837 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/office365.rb @@ -0,0 +1,297 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Office365 + attr_accessor :default_domain + + attr_accessor :groups_enabled + + attr_accessor :id + + attr_accessor :name + + attr_accessor :user_lockout_action + + attr_accessor :user_password_expiration_action + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'default_domain' => :'defaultDomain', + :'groups_enabled' => :'groupsEnabled', + :'id' => :'id', + :'name' => :'name', + :'user_lockout_action' => :'userLockoutAction', + :'user_password_expiration_action' => :'userPasswordExpirationAction' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'default_domain' => :'Object', + :'groups_enabled' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'user_lockout_action' => :'Object', + :'user_password_expiration_action' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Office365` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Office365`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'default_domain') + self.default_domain = attributes[:'default_domain'] + end + + if attributes.key?(:'groups_enabled') + self.groups_enabled = attributes[:'groups_enabled'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'user_lockout_action') + self.user_lockout_action = attributes[:'user_lockout_action'] + end + + if attributes.key?(:'user_password_expiration_action') + self.user_password_expiration_action = attributes[:'user_password_expiration_action'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + user_lockout_action_validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + return false unless user_lockout_action_validator.valid?(@user_lockout_action) + user_password_expiration_action_validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + return false unless user_password_expiration_action_validator.valid?(@user_password_expiration_action) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_lockout_action Object to be assigned + def user_lockout_action=(user_lockout_action) + validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + unless validator.valid?(user_lockout_action) + fail ArgumentError, "invalid value for \"user_lockout_action\", must be one of #{validator.allowable_values}." + end + @user_lockout_action = user_lockout_action + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] user_password_expiration_action Object to be assigned + def user_password_expiration_action=(user_password_expiration_action) + validator = EnumAttributeValidator.new('Object', ['suspend', 'maintain']) + unless validator.valid?(user_password_expiration_action) + fail ArgumentError, "invalid value for \"user_password_expiration_action\", must be one of #{validator.allowable_values}." + end + @user_password_expiration_action = user_password_expiration_action + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default_domain == o.default_domain && + groups_enabled == o.groups_enabled && + id == o.id && + name == o.name && + user_lockout_action == o.user_lockout_action && + user_password_expiration_action == o.user_password_expiration_action + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [default_domain, groups_enabled, id, name, user_lockout_action, user_password_expiration_action].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/office365_builtin_translation.rb b/jcapiv2/lib/jcapiv2/models/office365_builtin_translation.rb index 40306ef..404c059 100644 --- a/jcapiv2/lib/jcapiv2/models/office365_builtin_translation.rb +++ b/jcapiv2/lib/jcapiv2/models/office365_builtin_translation.rb @@ -1,39 +1,39 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 class Office365BuiltinTranslation - - STREET_ADDRESS = "user_street_address".freeze - CITY = "user_city".freeze - STATE = "user_state".freeze - COUNTRY = "user_country".freeze - POSTAL_CODE = "user_postal_code".freeze - BUSINESS_PHONES = "user_business_phones".freeze - MOBILE_PHONE = "user_mobile_phone".freeze - DEPARTMENT = "user_department".freeze - JOB_TITLE = "user_job_title".freeze - OFFICE_LOCATION = "user_office_location".freeze + ALTERNATE_EMAIL = 'user_alternate_email'.freeze + BUSINESS_PHONES = 'user_business_phones'.freeze + CITY = 'user_city'.freeze + COUNTRY = 'user_country'.freeze + DEPARTMENT = 'user_department'.freeze + JOB_TITLE = 'user_job_title'.freeze + MANAGER = 'user_manager'.freeze + MOBILE_PHONE = 'user_mobile_phone'.freeze + OFFICE_LOCATION = 'user_office_location'.freeze + POSTAL_CODE = 'user_postal_code'.freeze + PRINCIPAL_NAME_FROM_ALTERNATE_EMAIL = 'user_principal_name_from_alternate_email'.freeze + STATE = 'user_state'.freeze + STREET_ADDRESS = 'user_street_address'.freeze # Builds the enum from string # @param [String] The enum value in the form of the string # @return [String] The enum value def build_from_hash(value) - constantValues = Office365BuiltinTranslation.constants.select{|c| Office365BuiltinTranslation::const_get(c) == value} + constantValues = Office365BuiltinTranslation.constants.select { |c| Office365BuiltinTranslation::const_get(c) == value } raise "Invalid ENUM value #{value} for class #Office365BuiltinTranslation" if constantValues.empty? value end end - end diff --git a/jcapiv2/lib/jcapiv2/models/office365_direction_translation.rb b/jcapiv2/lib/jcapiv2/models/office365_direction_translation.rb new file mode 100644 index 0000000..1b3e4fc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/office365_direction_translation.rb @@ -0,0 +1,27 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Office365DirectionTranslation + EXPORT = 'export'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = Office365DirectionTranslation.constants.select { |c| Office365DirectionTranslation::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #Office365DirectionTranslation" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/office365_id_domains_body.rb b/jcapiv2/lib/jcapiv2/models/office365_id_domains_body.rb new file mode 100644 index 0000000..96940a9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/office365_id_domains_body.rb @@ -0,0 +1,206 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Office365IdDomainsBody + attr_accessor :domain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'domain' => :'domain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'domain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Office365IdDomainsBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Office365IdDomainsBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + domain == o.domain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [domain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/office365_translation_rule.rb b/jcapiv2/lib/jcapiv2/models/office365_translation_rule.rb index fdbe1d0..7007ca6 100644 --- a/jcapiv2/lib/jcapiv2/models/office365_translation_rule.rb +++ b/jcapiv2/lib/jcapiv2/models/office365_translation_rule.rb @@ -1,71 +1,88 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Office365TranslationRule attr_accessor :built_in + attr_accessor :direction + # ObjectId uniquely identifying a Translation Rule. attr_accessor :id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'built_in' => :'builtIn', + :'direction' => :'direction', :'id' => :'id' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'built_in' => :'Office365BuiltinTranslation', - :'id' => :'String' + :'built_in' => :'Object', + :'direction' => :'Object', + :'id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Office365TranslationRule` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Office365TranslationRule`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'built_in') + self.built_in = attributes[:'built_in'] + end - if attributes.has_key?(:'builtIn') - self.built_in = attributes[:'builtIn'] + if attributes.key?(:'direction') + self.direction = attributes[:'direction'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -74,6 +91,7 @@ def ==(o) return true if self.equal?(o) self.class == o.class && built_in == o.built_in && + direction == o.direction && id == o.id end @@ -84,9 +102,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [built_in, id].hash + [built_in, direction, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -94,16 +119,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -125,7 +152,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -146,8 +173,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -169,7 +195,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -181,7 +211,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -191,8 +221,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/office365_translation_rule_request.rb b/jcapiv2/lib/jcapiv2/models/office365_translation_rule_request.rb index de4be1f..6bcb06a 100644 --- a/jcapiv2/lib/jcapiv2/models/office365_translation_rule_request.rb +++ b/jcapiv2/lib/jcapiv2/models/office365_translation_rule_request.rb @@ -1,62 +1,79 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Office365TranslationRuleRequest attr_accessor :built_in + attr_accessor :direction # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'built_in' => :'builtIn' + :'built_in' => :'builtIn', + :'direction' => :'direction' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'built_in' => :'Office365BuiltinTranslation' + :'built_in' => :'Object', + :'direction' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Office365TranslationRuleRequest` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Office365TranslationRuleRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'builtIn') - self.built_in = attributes[:'builtIn'] + if attributes.key?(:'built_in') + self.built_in = attributes[:'built_in'] end + if attributes.key?(:'direction') + self.direction = attributes[:'direction'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -64,7 +81,8 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - built_in == o.built_in + built_in == o.built_in && + direction == o.direction end # @see the `==` method @@ -74,9 +92,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [built_in].hash + [built_in, direction].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -84,16 +109,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -115,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -136,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -159,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -171,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -181,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/org_crypto_settings.rb b/jcapiv2/lib/jcapiv2/models/org_crypto_settings.rb deleted file mode 100644 index 3488493..0000000 --- a/jcapiv2/lib/jcapiv2/models/org_crypto_settings.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class OrgCryptoSettings - attr_accessor :ssh_keys - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'ssh_keys' => :'sshKeys' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'ssh_keys' => :'OrgcryptosettingsSshKeys' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'sshKeys') - self.ssh_keys = attributes[:'sshKeys'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - ssh_keys == o.ssh_keys - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [ssh_keys].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/organization.rb b/jcapiv2/lib/jcapiv2/models/organization.rb new file mode 100644 index 0000000..1a3b14a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/organization.rb @@ -0,0 +1,225 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Organization + attr_accessor :id + + # The maximum number of users allowed in this organization. Requires organizations.billing scope to modify. + attr_accessor :max_system_users + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'max_system_users' => :'maxSystemUsers', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'max_system_users' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Organization` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Organization`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'max_system_users') + self.max_system_users = attributes[:'max_system_users'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + max_system_users == o.max_system_users && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, max_system_users, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/orgcryptosettings_ssh_keys.rb b/jcapiv2/lib/jcapiv2/models/orgcryptosettings_ssh_keys.rb deleted file mode 100644 index 056510d..0000000 --- a/jcapiv2/lib/jcapiv2/models/orgcryptosettings_ssh_keys.rb +++ /dev/null @@ -1,206 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class OrgcryptosettingsSshKeys - attr_accessor :key_size - - attr_accessor :validate - - attr_accessor :validate_key_size - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'key_size' => :'keySize', - :'validate' => :'validate', - :'validate_key_size' => :'validateKeySize' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'key_size' => :'Integer', - :'validate' => :'BOOLEAN', - :'validate_key_size' => :'BOOLEAN' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'keySize') - self.key_size = attributes[:'keySize'] - end - - if attributes.has_key?(:'validate') - self.validate = attributes[:'validate'] - end - - if attributes.has_key?(:'validateKeySize') - self.validate_key_size = attributes[:'validateKeySize'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - key_size == o.key_size && - validate == o.validate && - validate_key_size == o.validate_key_size - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [key_size, validate, validate_key_size].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/os_restriction.rb b/jcapiv2/lib/jcapiv2/models/os_restriction.rb new file mode 100644 index 0000000..a5de649 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/os_restriction.rb @@ -0,0 +1,271 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Contains OS properties to restrict the application of policies to devices based on the device's OS + class OSRestriction + attr_accessor :apple_restrictions + + # The version of the OS in which the policy was deprecated + attr_accessor :deprecated_version + + # The earliest version of the OS in which the policy can be applied + attr_accessor :earliest_version + + # The name of the OS in which this restriction applies + attr_accessor :os_name + + # This field is deprecated and will be ignored. Use appleRestrictions.supportedEnrollmentTypes instead + attr_accessor :supported_enrollment_types + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'apple_restrictions' => :'appleRestrictions', + :'deprecated_version' => :'deprecatedVersion', + :'earliest_version' => :'earliestVersion', + :'os_name' => :'osName', + :'supported_enrollment_types' => :'supportedEnrollmentTypes' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'apple_restrictions' => :'Object', + :'deprecated_version' => :'Object', + :'earliest_version' => :'Object', + :'os_name' => :'Object', + :'supported_enrollment_types' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::OSRestriction` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::OSRestriction`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'apple_restrictions') + self.apple_restrictions = attributes[:'apple_restrictions'] + end + + if attributes.key?(:'deprecated_version') + self.deprecated_version = attributes[:'deprecated_version'] + end + + if attributes.key?(:'earliest_version') + self.earliest_version = attributes[:'earliest_version'] + end + + if attributes.key?(:'os_name') + self.os_name = attributes[:'os_name'] + end + + if attributes.key?(:'supported_enrollment_types') + if (value = attributes[:'supported_enrollment_types']).is_a?(Array) + self.supported_enrollment_types = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + apple_restrictions == o.apple_restrictions && + deprecated_version == o.deprecated_version && + earliest_version == o.earliest_version && + os_name == o.os_name && + supported_enrollment_types == o.supported_enrollment_types + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [apple_restrictions, deprecated_version, earliest_version, os_name, supported_enrollment_types].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/os_restriction_apple_restrictions.rb b/jcapiv2/lib/jcapiv2/models/os_restriction_apple_restrictions.rb new file mode 100644 index 0000000..b306770 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/os_restriction_apple_restrictions.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The Apple specific restricitons for this policy, if there are any + class OSRestrictionAppleRestrictions + # Boolean representing if the policy requires the Apple devices to be MDM supervised + attr_accessor :requires_supervision + + # The supported Apple enrollment types for this policy + attr_accessor :supported_enrollment_types + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'requires_supervision' => :'requiresSupervision', + :'supported_enrollment_types' => :'supportedEnrollmentTypes' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'requires_supervision' => :'Object', + :'supported_enrollment_types' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::OSRestrictionAppleRestrictions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::OSRestrictionAppleRestrictions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'requires_supervision') + self.requires_supervision = attributes[:'requires_supervision'] + end + + if attributes.key?(:'supported_enrollment_types') + if (value = attributes[:'supported_enrollment_types']).is_a?(Array) + self.supported_enrollment_types = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + requires_supervision == o.requires_supervision && + supported_enrollment_types == o.supported_enrollment_types + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [requires_supervision, supported_enrollment_types].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/passwords_security.rb b/jcapiv2/lib/jcapiv2/models/passwords_security.rb new file mode 100644 index 0000000..24d598b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/passwords_security.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PasswordsSecurity + attr_accessor :compromised_passwords + + attr_accessor :old_passwords + + attr_accessor :reused_passwords + + attr_accessor :weak_passwords + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'compromised_passwords' => :'compromisedPasswords', + :'old_passwords' => :'oldPasswords', + :'reused_passwords' => :'reusedPasswords', + :'weak_passwords' => :'weakPasswords' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'compromised_passwords' => :'Object', + :'old_passwords' => :'Object', + :'reused_passwords' => :'Object', + :'weak_passwords' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PasswordsSecurity` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PasswordsSecurity`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'compromised_passwords') + self.compromised_passwords = attributes[:'compromised_passwords'] + end + + if attributes.key?(:'old_passwords') + self.old_passwords = attributes[:'old_passwords'] + end + + if attributes.key?(:'reused_passwords') + self.reused_passwords = attributes[:'reused_passwords'] + end + + if attributes.key?(:'weak_passwords') + self.weak_passwords = attributes[:'weak_passwords'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + compromised_passwords == o.compromised_passwords && + old_passwords == o.old_passwords && + reused_passwords == o.reused_passwords && + weak_passwords == o.weak_passwords + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [compromised_passwords, old_passwords, reused_passwords, weak_passwords].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/phone_number.rb b/jcapiv2/lib/jcapiv2/models/phone_number.rb new file mode 100644 index 0000000..3180582 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/phone_number.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PhoneNumber + attr_accessor :id + + attr_accessor :number + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'number' => :'number', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'number' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PhoneNumber` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PhoneNumber`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'number') + self.number = attributes[:'number'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + number == o.number && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, number, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy.rb b/jcapiv2/lib/jcapiv2/models/policy.rb index 24cfbbd..1cbfd8f 100644 --- a/jcapiv2/lib/jcapiv2/models/policy.rb +++ b/jcapiv2/lib/jcapiv2/models/policy.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -23,7 +22,6 @@ class Policy attr_accessor :template - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -34,47 +32,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String', - :'template' => :'PolicyTemplate' + :'id' => :'Object', + :'name' => :'Object', + :'template' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Policy` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Policy`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'template') + if attributes.key?(:'template') self.template = attributes[:'template'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -94,26 +104,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [id, name, template].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -135,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -156,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -179,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -191,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -201,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group.rb b/jcapiv2/lib/jcapiv2/models/policy_group.rb new file mode 100644 index 0000000..e56ef60 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group.rb @@ -0,0 +1,290 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroup + attr_accessor :attributes + + # Description of a Policy Group + attr_accessor :description + + # E-mail address associated with a Policy Group + attr_accessor :email + + # ObjectId uniquely identifying a Policy Group. + attr_accessor :id + + # Display name of a Policy Group. + attr_accessor :name + + # The type of the group; always 'policy' for a Policy Group. + attr_accessor :type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', + :'id' => :'id', + :'name' => :'name', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + type_validator = EnumAttributeValidator.new('Object', ['policy_group']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('Object', ['policy_group']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + description == o.description && + email == o.email && + id == o.id && + name == o.name && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [attributes, description, email, id, name, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group_data.rb b/jcapiv2/lib/jcapiv2/models/policy_group_data.rb new file mode 100644 index 0000000..b2121ad --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group_data.rb @@ -0,0 +1,212 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroupData + # Display name of a Policy Group. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroupData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroupData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group_template.rb b/jcapiv2/lib/jcapiv2/models/policy_group_template.rb new file mode 100644 index 0000000..840d782 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group_template.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroupTemplate + attr_accessor :description + + attr_accessor :id + + attr_accessor :members + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'id' => :'id', + :'members' => :'members', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'id' => :'Object', + :'members' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroupTemplate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroupTemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'members') + if (value = attributes[:'members']).is_a?(Array) + self.members = value + end + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + id == o.id && + members == o.members && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, id, members, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group_template_member.rb b/jcapiv2/lib/jcapiv2/models/policy_group_template_member.rb new file mode 100644 index 0000000..60ae5cc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group_template_member.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroupTemplateMember + attr_accessor :id + + attr_accessor :name + + attr_accessor :policy_template_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'policy_template_id' => :'policyTemplateId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'policy_template_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroupTemplateMember` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroupTemplateMember`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'policy_template_id') + self.policy_template_id = attributes[:'policy_template_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + policy_template_id == o.policy_template_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, policy_template_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group_template_members.rb b/jcapiv2/lib/jcapiv2/models/policy_group_template_members.rb new file mode 100644 index 0000000..9e781cc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group_template_members.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroupTemplateMembers + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroupTemplateMembers` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroupTemplateMembers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_group_templates.rb b/jcapiv2/lib/jcapiv2/models/policy_group_templates.rb new file mode 100644 index 0000000..248d882 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/policy_group_templates.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PolicyGroupTemplates + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyGroupTemplates` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyGroupTemplates`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/policy_request.rb b/jcapiv2/lib/jcapiv2/models/policy_request.rb index 4cbaf3e..99bdc2b 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_request.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_request.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -18,51 +17,71 @@ class PolicyRequest # The description for this specific Policy. attr_accessor :name + # The notes for this specific Policy. + attr_accessor :notes + attr_accessor :template attr_accessor :values - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'name' => :'name', + :'notes' => :'notes', :'template' => :'template', :'values' => :'values' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'name' => :'String', - :'template' => :'PolicyRequestTemplate', - :'values' => :'Array' + :'name' => :'Object', + :'notes' => :'Object', + :'template' => :'Object', + :'values' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyRequest` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'template') + if attributes.key?(:'notes') + self.notes = attributes[:'notes'] + end + + if attributes.key?(:'template') self.template = attributes[:'template'] end - if attributes.has_key?(:'values') + if attributes.key?(:'values') if (value = attributes[:'values']).is_a?(Array) self.values = value end end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -70,17 +89,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @name.nil? - return true + true end # Checks equality by comparing each attribute. @@ -89,6 +108,7 @@ def ==(o) return true if self.equal?(o) self.class == o.class && name == o.name && + notes == o.notes && template == o.template && values == o.values end @@ -100,9 +120,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [name, template, values].hash + [name, notes, template, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -110,16 +137,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -141,7 +170,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -162,8 +191,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -185,7 +213,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -197,7 +229,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -207,8 +239,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_request_template.rb b/jcapiv2/lib/jcapiv2/models/policy_request_template.rb index e071569..73cd50d 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_request_template.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_request_template.rb @@ -1,24 +1,21 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyRequestTemplate # ObjectId uniquely identifying a Policy instance; only allowed on POST requests. attr_accessor :id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -27,37 +24,49 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String' + :'id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyRequestTemplate` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyRequestTemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -75,26 +84,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -116,7 +134,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -137,8 +155,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -160,7 +177,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -172,7 +193,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -182,8 +203,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_result.rb b/jcapiv2/lib/jcapiv2/models/policy_result.rb index d065915..8908278 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_result.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_result.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyResult # Details pertaining to the policy result. attr_accessor :detail @@ -48,7 +46,6 @@ class PolicyResult # ObjectId uniquely identifying the parent System. attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -67,87 +64,99 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'detail' => :'String', - :'ended_at' => :'DateTime', - :'exit_status' => :'Integer', - :'id' => :'String', - :'policy_id' => :'String', - :'started_at' => :'DateTime', - :'state' => :'String', - :'std_err' => :'String', - :'std_out' => :'String', - :'success' => :'BOOLEAN', - :'system_id' => :'String' + :'detail' => :'Object', + :'ended_at' => :'Object', + :'exit_status' => :'Object', + :'id' => :'Object', + :'policy_id' => :'Object', + :'started_at' => :'Object', + :'state' => :'Object', + :'std_err' => :'Object', + :'std_out' => :'Object', + :'success' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyResult` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyResult`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'detail') + if attributes.key?(:'detail') self.detail = attributes[:'detail'] end - if attributes.has_key?(:'endedAt') - self.ended_at = attributes[:'endedAt'] + if attributes.key?(:'ended_at') + self.ended_at = attributes[:'ended_at'] end - if attributes.has_key?(:'exitStatus') - self.exit_status = attributes[:'exitStatus'] + if attributes.key?(:'exit_status') + self.exit_status = attributes[:'exit_status'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'policyID') - self.policy_id = attributes[:'policyID'] + if attributes.key?(:'policy_id') + self.policy_id = attributes[:'policy_id'] end - if attributes.has_key?(:'startedAt') - self.started_at = attributes[:'startedAt'] + if attributes.key?(:'started_at') + self.started_at = attributes[:'started_at'] end - if attributes.has_key?(:'state') + if attributes.key?(:'state') self.state = attributes[:'state'] end - if attributes.has_key?(:'stdErr') - self.std_err = attributes[:'stdErr'] + if attributes.key?(:'std_err') + self.std_err = attributes[:'std_err'] end - if attributes.has_key?(:'stdOut') - self.std_out = attributes[:'stdOut'] + if attributes.key?(:'std_out') + self.std_out = attributes[:'std_out'] end - if attributes.has_key?(:'success') + if attributes.key?(:'success') self.success = attributes[:'success'] end - if attributes.has_key?(:'systemID') - self.system_id = attributes[:'systemID'] + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -175,26 +184,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [detail, ended_at, exit_status, id, policy_id, started_at, state, std_err, std_out, success, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -216,7 +234,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -237,8 +255,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -260,7 +277,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -272,7 +293,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -282,8 +303,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_template.rb b/jcapiv2/lib/jcapiv2/models/policy_template.rb index c5652c5..95bb7bf 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_template.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_template.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -18,9 +17,15 @@ class PolicyTemplate # Requirements before the policy can be activated. attr_accessor :activation + # Text to describe any risk associated with this policy. + attr_accessor :alert + # Specifics about the behavior of the policy. attr_accessor :behavior + # The supported delivery mechanisms for this policy template. + attr_accessor :delivery_types + # The default description for the Policy. attr_accessor :description @@ -35,6 +40,11 @@ class PolicyTemplate attr_accessor :os_meta_family + attr_accessor :os_restrictions + + # URL to visit for further information. + attr_accessor :reference + # String describing the release status of the policy template. attr_accessor :state @@ -64,95 +74,135 @@ def valid?(value) def self.attribute_map { :'activation' => :'activation', + :'alert' => :'alert', :'behavior' => :'behavior', + :'delivery_types' => :'deliveryTypes', :'description' => :'description', :'display_name' => :'displayName', :'id' => :'id', :'name' => :'name', :'os_meta_family' => :'osMetaFamily', + :'os_restrictions' => :'osRestrictions', + :'reference' => :'reference', :'state' => :'state' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'activation' => :'String', - :'behavior' => :'String', - :'description' => :'String', - :'display_name' => :'String', - :'id' => :'String', - :'name' => :'String', - :'os_meta_family' => :'String', - :'state' => :'String' + :'activation' => :'Object', + :'alert' => :'Object', + :'behavior' => :'Object', + :'delivery_types' => :'Object', + :'description' => :'Object', + :'display_name' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'os_meta_family' => :'Object', + :'os_restrictions' => :'Object', + :'reference' => :'Object', + :'state' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyTemplate` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyTemplate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'activation') + if attributes.key?(:'activation') self.activation = attributes[:'activation'] end - if attributes.has_key?(:'behavior') + if attributes.key?(:'alert') + self.alert = attributes[:'alert'] + end + + if attributes.key?(:'behavior') self.behavior = attributes[:'behavior'] end - if attributes.has_key?(:'description') + if attributes.key?(:'delivery_types') + if (value = attributes[:'delivery_types']).is_a?(Array) + self.delivery_types = value + end + end + + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'osMetaFamily') - self.os_meta_family = attributes[:'osMetaFamily'] + if attributes.key?(:'os_meta_family') + self.os_meta_family = attributes[:'os_meta_family'] + end + + if attributes.key?(:'os_restrictions') + if (value = attributes[:'os_restrictions']).is_a?(Array) + self.os_restrictions = value + end + end + + if attributes.key?(:'reference') + self.reference = attributes[:'reference'] end - if attributes.has_key?(:'state') + if attributes.key?(:'state') self.state = attributes[:'state'] else - self.state = "" + self.state = '' end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - os_meta_family_validator = EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) + os_meta_family_validator = EnumAttributeValidator.new('Object', ['linux', 'darwin', 'windows', 'ios', 'universal', 'android']) return false unless os_meta_family_validator.valid?(@os_meta_family) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] os_meta_family Object to be assigned def os_meta_family=(os_meta_family) - validator = EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) + validator = EnumAttributeValidator.new('Object', ['linux', 'darwin', 'windows', 'ios', 'universal', 'android']) unless validator.valid?(os_meta_family) - fail ArgumentError, "invalid value for 'os_meta_family', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"os_meta_family\", must be one of #{validator.allowable_values}." end @os_meta_family = os_meta_family end @@ -163,12 +213,16 @@ def ==(o) return true if self.equal?(o) self.class == o.class && activation == o.activation && + alert == o.alert && behavior == o.behavior && + delivery_types == o.delivery_types && description == o.description && display_name == o.display_name && id == o.id && name == o.name && os_meta_family == o.os_meta_family && + os_restrictions == o.os_restrictions && + reference == o.reference && state == o.state end @@ -179,9 +233,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [activation, behavior, description, display_name, id, name, os_meta_family, state].hash + [activation, alert, behavior, delivery_types, description, display_name, id, name, os_meta_family, os_restrictions, reference, state].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -189,16 +250,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -220,7 +283,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -241,8 +304,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -264,7 +326,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -276,7 +342,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -286,8 +352,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_template_config_field.rb b/jcapiv2/lib/jcapiv2/models/policy_template_config_field.rb index f60ea0b..32c618f 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_template_config_field.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_template_config_field.rb @@ -1,20 +1,24 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyTemplateConfigField + # The default value for this field. + attr_accessor :default_value + + # The options that correspond to the display_type. + attr_accessor :display_options + # The default rendering for this field. attr_accessor :display_type @@ -36,8 +40,14 @@ class PolicyTemplateConfigField # If this field is required for this field. attr_accessor :required + # Defines if the policy template config field is sensitive or not. + attr_accessor :sensitive + attr_accessor :tooltip + # Descriptors to perform extended assertions on the supplied config field value. + attr_accessor :validators + class EnumAttributeValidator attr_reader :datatype attr_reader :allowable_values @@ -63,6 +73,8 @@ def valid?(value) # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'default_value' => :'defaultValue', + :'display_options' => :'displayOptions', :'display_type' => :'displayType', :'id' => :'id', :'label' => :'label', @@ -70,64 +82,98 @@ def self.attribute_map :'position' => :'position', :'read_only' => :'readOnly', :'required' => :'required', - :'tooltip' => :'tooltip' + :'sensitive' => :'sensitive', + :'tooltip' => :'tooltip', + :'validators' => :'validators' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'display_type' => :'String', - :'id' => :'String', - :'label' => :'String', - :'name' => :'String', - :'position' => :'Float', - :'read_only' => :'BOOLEAN', - :'required' => :'BOOLEAN', - :'tooltip' => :'PolicyTemplateConfigFieldTooltip' + :'default_value' => :'Object', + :'display_options' => :'Object', + :'display_type' => :'Object', + :'id' => :'Object', + :'label' => :'Object', + :'name' => :'Object', + :'position' => :'Object', + :'read_only' => :'Object', + :'required' => :'Object', + :'sensitive' => :'Object', + :'tooltip' => :'Object', + :'validators' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyTemplateConfigField` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyTemplateConfigField`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'default_value') + self.default_value = attributes[:'default_value'] + end + + if attributes.key?(:'display_options') + self.display_options = attributes[:'display_options'] + end - if attributes.has_key?(:'displayType') - self.display_type = attributes[:'displayType'] + if attributes.key?(:'display_type') + self.display_type = attributes[:'display_type'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'label') + if attributes.key?(:'label') self.label = attributes[:'label'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'position') + if attributes.key?(:'position') self.position = attributes[:'position'] end - if attributes.has_key?(:'readOnly') - self.read_only = attributes[:'readOnly'] + if attributes.key?(:'read_only') + self.read_only = attributes[:'read_only'] end - if attributes.has_key?(:'required') + if attributes.key?(:'required') self.required = attributes[:'required'] end - if attributes.has_key?(:'tooltip') + if attributes.key?(:'sensitive') + self.sensitive = attributes[:'sensitive'] + end + + if attributes.key?(:'tooltip') self.tooltip = attributes[:'tooltip'] end + if attributes.key?(:'validators') + self.validators = attributes[:'validators'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -135,32 +181,32 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") + invalid_properties.push('invalid value for "id", id cannot be nil.') end if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - display_type_validator = EnumAttributeValidator.new('String', ["checkbox", "date", "email", "number", "select", "text", "textarea"]) + display_type_validator = EnumAttributeValidator.new('Object', ['checkbox', 'date', 'email', 'file', 'number', 'select', 'text', 'textarea', 'singlelistbox', 'doublelistbox', 'table', 'segmentedbutton', 'radio', 'copywell', 'timeinput', 'datepickerrange', 'multilist']) return false unless display_type_validator.valid?(@display_type) return false if @id.nil? return false if @name.nil? - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] display_type Object to be assigned def display_type=(display_type) - validator = EnumAttributeValidator.new('String', ["checkbox", "date", "email", "number", "select", "text", "textarea"]) + validator = EnumAttributeValidator.new('Object', ['checkbox', 'date', 'email', 'file', 'number', 'select', 'text', 'textarea', 'singlelistbox', 'doublelistbox', 'table', 'segmentedbutton', 'radio', 'copywell', 'timeinput', 'datepickerrange', 'multilist']) unless validator.valid?(display_type) - fail ArgumentError, "invalid value for 'display_type', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"display_type\", must be one of #{validator.allowable_values}." end @display_type = display_type end @@ -170,6 +216,8 @@ def display_type=(display_type) def ==(o) return true if self.equal?(o) self.class == o.class && + default_value == o.default_value && + display_options == o.display_options && display_type == o.display_type && id == o.id && label == o.label && @@ -177,7 +225,9 @@ def ==(o) position == o.position && read_only == o.read_only && required == o.required && - tooltip == o.tooltip + sensitive == o.sensitive && + tooltip == o.tooltip && + validators == o.validators end # @see the `==` method @@ -187,9 +237,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [display_type, id, label, name, position, read_only, required, tooltip].hash + [default_value, display_options, display_type, id, label, name, position, read_only, required, sensitive, tooltip, validators].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -197,16 +254,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -228,7 +287,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -249,8 +308,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -272,7 +330,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -284,7 +346,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -294,8 +356,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip.rb b/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip.rb index 4691ec3..559faee 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyTemplateConfigFieldTooltip attr_accessor :template attr_accessor :variables - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'template' => :'String', - :'variables' => :'PolicyTemplateConfigFieldTooltipVariables' + :'template' => :'Object', + :'variables' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyTemplateConfigFieldTooltip` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyTemplateConfigFieldTooltip`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'template') + if attributes.key?(:'template') self.template = attributes[:'template'] end - if attributes.has_key?(:'variables') + if attributes.key?(:'variables') self.variables = attributes[:'variables'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [template, variables].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip_variables.rb b/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip_variables.rb index b37c68d..e5814a7 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip_variables.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_template_config_field_tooltip_variables.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyTemplateConfigFieldTooltipVariables attr_accessor :icon attr_accessor :message - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'icon' => :'String', - :'message' => :'String' + :'icon' => :'Object', + :'message' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyTemplateConfigFieldTooltipVariables` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyTemplateConfigFieldTooltipVariables`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'icon') + if attributes.key?(:'icon') self.icon = attributes[:'icon'] end - if attributes.has_key?(:'message') + if attributes.key?(:'message') self.message = attributes[:'message'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [icon, message].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_template_with_details.rb b/jcapiv2/lib/jcapiv2/models/policy_template_with_details.rb index 52ec632..43cb69c 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_template_with_details.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_template_with_details.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -38,6 +37,8 @@ class PolicyTemplateWithDetails attr_accessor :os_meta_family + attr_accessor :os_restrictions + class EnumAttributeValidator attr_reader :datatype attr_reader :allowable_values @@ -70,89 +71,109 @@ def self.attribute_map :'display_name' => :'displayName', :'id' => :'id', :'name' => :'name', - :'os_meta_family' => :'osMetaFamily' + :'os_meta_family' => :'osMetaFamily', + :'os_restrictions' => :'osRestrictions' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'activation' => :'String', - :'behavior' => :'String', - :'config_fields' => :'Array', - :'description' => :'String', - :'display_name' => :'String', - :'id' => :'String', - :'name' => :'String', - :'os_meta_family' => :'String' + :'activation' => :'Object', + :'behavior' => :'Object', + :'config_fields' => :'Object', + :'description' => :'Object', + :'display_name' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'os_meta_family' => :'Object', + :'os_restrictions' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyTemplateWithDetails` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyTemplateWithDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'activation') + if attributes.key?(:'activation') self.activation = attributes[:'activation'] end - if attributes.has_key?(:'behavior') + if attributes.key?(:'behavior') self.behavior = attributes[:'behavior'] end - if attributes.has_key?(:'configFields') - if (value = attributes[:'configFields']).is_a?(Array) + if attributes.key?(:'config_fields') + if (value = attributes[:'config_fields']).is_a?(Array) self.config_fields = value end end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'displayName') - self.display_name = attributes[:'displayName'] + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'osMetaFamily') - self.os_meta_family = attributes[:'osMetaFamily'] + if attributes.key?(:'os_meta_family') + self.os_meta_family = attributes[:'os_meta_family'] end + if attributes.key?(:'os_restrictions') + if (value = attributes[:'os_restrictions']).is_a?(Array) + self.os_restrictions = value + end + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - os_meta_family_validator = EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) + os_meta_family_validator = EnumAttributeValidator.new('Object', ['linux', 'darwin', 'windows', 'ios', 'universal', 'android']) return false unless os_meta_family_validator.valid?(@os_meta_family) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] os_meta_family Object to be assigned def os_meta_family=(os_meta_family) - validator = EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) + validator = EnumAttributeValidator.new('Object', ['linux', 'darwin', 'windows', 'ios', 'universal', 'android']) unless validator.valid?(os_meta_family) - fail ArgumentError, "invalid value for 'os_meta_family', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"os_meta_family\", must be one of #{validator.allowable_values}." end @os_meta_family = os_meta_family end @@ -169,7 +190,8 @@ def ==(o) display_name == o.display_name && id == o.id && name == o.name && - os_meta_family == o.os_meta_family + os_meta_family == o.os_meta_family && + os_restrictions == o.os_restrictions end # @see the `==` method @@ -179,9 +201,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [activation, behavior, config_fields, description, display_name, id, name, os_meta_family].hash + [activation, behavior, config_fields, description, display_name, id, name, os_meta_family, os_restrictions].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -189,16 +218,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -220,7 +251,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -241,8 +272,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -264,7 +294,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -276,7 +310,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -286,8 +320,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_value.rb b/jcapiv2/lib/jcapiv2/models/policy_value.rb index 3f5f2d4..80233c2 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_value.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_value.rb @@ -1,63 +1,90 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class PolicyValue # The ObjectId of the corresponding Policy Template configuration field. attr_accessor :config_field_id + # Defines if the value is sensitive or not. + attr_accessor :sensitive + + # The value for the configuration field for this Policy instance. + attr_accessor :value # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'config_field_id' => :'configFieldID' + :'config_field_id' => :'configFieldID', + :'sensitive' => :'sensitive', + :'value' => :'value' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'config_field_id' => :'String' + :'config_field_id' => :'Object', + :'sensitive' => :'Object', + :'value' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyValue` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyValue`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'configFieldID') - self.config_field_id = attributes[:'configFieldID'] + if attributes.key?(:'config_field_id') + self.config_field_id = attributes[:'config_field_id'] end + if attributes.key?(:'sensitive') + self.sensitive = attributes[:'sensitive'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -65,7 +92,9 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - config_field_id == o.config_field_id + config_field_id == o.config_field_id && + sensitive == o.sensitive && + value == o.value end # @see the `==` method @@ -75,9 +104,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [config_field_id].hash + [config_field_id, sensitive, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -85,16 +121,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -116,7 +154,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -137,8 +175,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -160,7 +197,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -172,7 +213,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -182,8 +223,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/policy_with_details.rb b/jcapiv2/lib/jcapiv2/models/policy_with_details.rb index ccf1748..593e903 100644 --- a/jcapiv2/lib/jcapiv2/models/policy_with_details.rb +++ b/jcapiv2/lib/jcapiv2/models/policy_with_details.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' @@ -23,78 +22,98 @@ class PolicyWithDetails # The description for this specific Policy. attr_accessor :name + # The notes for this specific Policy. + attr_accessor :notes + attr_accessor :template attr_accessor :values - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'config_fields' => :'configFields', :'id' => :'id', :'name' => :'name', + :'notes' => :'notes', :'template' => :'template', :'values' => :'values' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'config_fields' => :'Array', - :'id' => :'String', - :'name' => :'String', - :'template' => :'PolicyTemplate', - :'values' => :'Array' + :'config_fields' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'notes' => :'Object', + :'template' => :'Object', + :'values' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PolicyWithDetails` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PolicyWithDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'configFields') - if (value = attributes[:'configFields']).is_a?(Array) + if attributes.key?(:'config_fields') + if (value = attributes[:'config_fields']).is_a?(Array) self.config_fields = value end end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'template') + if attributes.key?(:'notes') + self.notes = attributes[:'notes'] + end + + if attributes.key?(:'template') self.template = attributes[:'template'] end - if attributes.has_key?(:'values') + if attributes.key?(:'values') if (value = attributes[:'values']).is_a?(Array) self.values = value end end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -105,6 +124,7 @@ def ==(o) config_fields == o.config_fields && id == o.id && name == o.name && + notes == o.notes && template == o.template && values == o.values end @@ -116,9 +136,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [config_fields, id, name, template, values].hash + [config_fields, id, name, notes, template, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -126,16 +153,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -157,7 +186,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -178,8 +207,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -201,7 +229,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -213,7 +245,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -223,8 +255,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/provider.rb b/jcapiv2/lib/jcapiv2/models/provider.rb index 7d14a0d..6ac11b3 100644 --- a/jcapiv2/lib/jcapiv2/models/provider.rb +++ b/jcapiv2/lib/jcapiv2/models/provider.rb @@ -1,70 +1,79 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Provider - attr_accessor :contact - - attr_accessor :name + attr_accessor :disallow_org_creation + attr_accessor :id # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'contact' => :'contact', - :'name' => :'name' + :'disallow_org_creation' => :'disallowOrgCreation', + :'id' => :'id' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'contact' => :'ProviderContact', - :'name' => :'String' + :'disallow_org_creation' => :'Object', + :'id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Provider` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Provider`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'contact') - self.contact = attributes[:'contact'] + if attributes.key?(:'disallow_org_creation') + self.disallow_org_creation = attributes[:'disallow_org_creation'] end - if attributes.has_key?(:'name') - self.name = attributes[:'name'] + if attributes.key?(:'id') + self.id = attributes[:'id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -72,8 +81,8 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - contact == o.contact && - name == o.name + disallow_org_creation == o.disallow_org_creation && + id == o.id end # @see the `==` method @@ -83,9 +92,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [contact, name].hash + [disallow_org_creation, id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -93,16 +109,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/provider_admin_req.rb b/jcapiv2/lib/jcapiv2/models/provider_admin_req.rb index 9c0b570..68957ad 100644 --- a/jcapiv2/lib/jcapiv2/models/provider_admin_req.rb +++ b/jcapiv2/lib/jcapiv2/models/provider_admin_req.rb @@ -1,20 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class ProviderAdminReq + attr_accessor :bind_no_orgs + attr_accessor :email attr_accessor :enable_multi_factor @@ -23,51 +23,86 @@ class ProviderAdminReq attr_accessor :lastname + attr_accessor :role + + attr_accessor :role_name # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'bind_no_orgs' => :'bindNoOrgs', :'email' => :'email', :'enable_multi_factor' => :'enableMultiFactor', :'firstname' => :'firstname', - :'lastname' => :'lastname' + :'lastname' => :'lastname', + :'role' => :'role', + :'role_name' => :'roleName' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'email' => :'String', - :'enable_multi_factor' => :'BOOLEAN', - :'firstname' => :'String', - :'lastname' => :'String' + :'bind_no_orgs' => :'Object', + :'email' => :'Object', + :'enable_multi_factor' => :'Object', + :'firstname' => :'Object', + :'lastname' => :'Object', + :'role' => :'Object', + :'role_name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ProviderAdminReq` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ProviderAdminReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'bind_no_orgs') + self.bind_no_orgs = attributes[:'bind_no_orgs'] + else + self.bind_no_orgs = false + end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'enableMultiFactor') - self.enable_multi_factor = attributes[:'enableMultiFactor'] + if attributes.key?(:'enable_multi_factor') + self.enable_multi_factor = attributes[:'enable_multi_factor'] end - if attributes.has_key?(:'firstname') + if attributes.key?(:'firstname') self.firstname = attributes[:'firstname'] end - if attributes.has_key?(:'lastname') + if attributes.key?(:'lastname') self.lastname = attributes[:'lastname'] end + if attributes.key?(:'role') + self.role = attributes[:'role'] + end + + if attributes.key?(:'role_name') + self.role_name = attributes[:'role_name'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -75,17 +110,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @email.nil? - invalid_properties.push("invalid value for 'email', email cannot be nil.") + invalid_properties.push('invalid value for "email", email cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @email.nil? - return true + true end # Checks equality by comparing each attribute. @@ -93,10 +128,13 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + bind_no_orgs == o.bind_no_orgs && email == o.email && enable_multi_factor == o.enable_multi_factor && firstname == o.firstname && - lastname == o.lastname + lastname == o.lastname && + role == o.role && + role_name == o.role_name end # @see the `==` method @@ -106,9 +144,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [email, enable_multi_factor, firstname, lastname].hash + [bind_no_orgs, email, enable_multi_factor, firstname, lastname, role, role_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -116,16 +161,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -147,7 +194,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -168,8 +215,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -191,7 +237,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -203,7 +253,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -213,8 +263,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/provider_contact.rb b/jcapiv2/lib/jcapiv2/models/provider_contact.rb deleted file mode 100644 index ce45e33..0000000 --- a/jcapiv2/lib/jcapiv2/models/provider_contact.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class ProviderContact - attr_accessor :email - - attr_accessor :name - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'email' => :'email', - :'name' => :'name' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'email' => :'String', - :'name' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'email') - self.email = attributes[:'email'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - email == o.email && - name == o.name - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [email, name].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/provider_invoice.rb b/jcapiv2/lib/jcapiv2/models/provider_invoice.rb new file mode 100644 index 0000000..9fa85a1 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/provider_invoice.rb @@ -0,0 +1,261 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Details of a an invoice + class ProviderInvoice + attr_accessor :amount_billed + + attr_accessor :amount_paid + + attr_accessor :amount_remaining + + attr_accessor :currency + + attr_accessor :due_date + + attr_accessor :id + + attr_accessor :status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'amount_billed' => :'amountBilled', + :'amount_paid' => :'amountPaid', + :'amount_remaining' => :'amountRemaining', + :'currency' => :'currency', + :'due_date' => :'dueDate', + :'id' => :'id', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'amount_billed' => :'Object', + :'amount_paid' => :'Object', + :'amount_remaining' => :'Object', + :'currency' => :'Object', + :'due_date' => :'Object', + :'id' => :'Object', + :'status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ProviderInvoice` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ProviderInvoice`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'amount_billed') + self.amount_billed = attributes[:'amount_billed'] + end + + if attributes.key?(:'amount_paid') + self.amount_paid = attributes[:'amount_paid'] + end + + if attributes.key?(:'amount_remaining') + self.amount_remaining = attributes[:'amount_remaining'] + end + + if attributes.key?(:'currency') + self.currency = attributes[:'currency'] + end + + if attributes.key?(:'due_date') + self.due_date = attributes[:'due_date'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + amount_billed == o.amount_billed && + amount_paid == o.amount_paid && + amount_remaining == o.amount_remaining && + currency == o.currency && + due_date == o.due_date && + id == o.id && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [amount_billed, amount_paid, amount_remaining, currency, due_date, id, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/provider_invoice_response.rb b/jcapiv2/lib/jcapiv2/models/provider_invoice_response.rb new file mode 100644 index 0000000..e43c581 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/provider_invoice_response.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieve provider invoices + class ProviderInvoiceResponse + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ProviderInvoiceResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ProviderInvoiceResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/push_endpoint_response.rb b/jcapiv2/lib/jcapiv2/models/push_endpoint_response.rb new file mode 100644 index 0000000..3d4aef7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/push_endpoint_response.rb @@ -0,0 +1,252 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # A push endpoint response from the auth service. + class PushEndpointResponse + attr_accessor :device + + attr_accessor :enrollment_date + + attr_accessor :id + + attr_accessor :last_used_date + + attr_accessor :name + + attr_accessor :state + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'device' => :'device', + :'enrollment_date' => :'enrollmentDate', + :'id' => :'id', + :'last_used_date' => :'lastUsedDate', + :'name' => :'name', + :'state' => :'state' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'device' => :'Object', + :'enrollment_date' => :'Object', + :'id' => :'Object', + :'last_used_date' => :'Object', + :'name' => :'Object', + :'state' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PushEndpointResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PushEndpointResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'device') + self.device = attributes[:'device'] + end + + if attributes.key?(:'enrollment_date') + self.enrollment_date = attributes[:'enrollment_date'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'last_used_date') + self.last_used_date = attributes[:'last_used_date'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + device == o.device && + enrollment_date == o.enrollment_date && + id == o.id && + last_used_date == o.last_used_date && + name == o.name && + state == o.state + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [device, enrollment_date, id, last_used_date, name, state].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/push_endpoint_response_device.rb b/jcapiv2/lib/jcapiv2/models/push_endpoint_response_device.rb new file mode 100644 index 0000000..211fef6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/push_endpoint_response_device.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PushEndpointResponseDevice + attr_accessor :app_version + + attr_accessor :make + + attr_accessor :model + + attr_accessor :os + + attr_accessor :os_version + + attr_accessor :uv_enabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app_version' => :'appVersion', + :'make' => :'make', + :'model' => :'model', + :'os' => :'os', + :'os_version' => :'osVersion', + :'uv_enabled' => :'uvEnabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app_version' => :'Object', + :'make' => :'Object', + :'model' => :'Object', + :'os' => :'Object', + :'os_version' => :'Object', + :'uv_enabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PushEndpointResponseDevice` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PushEndpointResponseDevice`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app_version') + self.app_version = attributes[:'app_version'] + end + + if attributes.key?(:'make') + self.make = attributes[:'make'] + end + + if attributes.key?(:'model') + self.model = attributes[:'model'] + end + + if attributes.key?(:'os') + self.os = attributes[:'os'] + end + + if attributes.key?(:'os_version') + self.os_version = attributes[:'os_version'] + end + + if attributes.key?(:'uv_enabled') + self.uv_enabled = attributes[:'uv_enabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app_version == o.app_version && + make == o.make && + model == o.model && + os == o.os && + os_version == o.os_version && + uv_enabled == o.uv_enabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app_version, make, model, os, os_version, uv_enabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pushendpoints_push_endpoint_id_body.rb b/jcapiv2/lib/jcapiv2/models/pushendpoints_push_endpoint_id_body.rb new file mode 100644 index 0000000..0cb8e0d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pushendpoints_push_endpoint_id_body.rb @@ -0,0 +1,249 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PushendpointsPushEndpointIdBody + attr_accessor :name + + attr_accessor :state + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'state' => :'state' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'state' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PushendpointsPushEndpointIdBody` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PushendpointsPushEndpointIdBody`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + state_validator = EnumAttributeValidator.new('Object', ['active', 'inactive']) + return false unless state_validator.valid?(@state) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] state Object to be assigned + def state=(state) + validator = EnumAttributeValidator.new('Object', ['active', 'inactive']) + unless validator.valid?(state) + fail ArgumentError, "invalid value for \"state\", must be one of #{validator.allowable_values}." + end + @state = state + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + state == o.state + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, state].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_all_users.rb b/jcapiv2/lib/jcapiv2/models/pwm_all_users.rb new file mode 100644 index 0000000..6e5cfea --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_all_users.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmAllUsers + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmAllUsers` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmAllUsers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_cloud_backup_restores.rb b/jcapiv2/lib/jcapiv2/models/pwm_cloud_backup_restores.rb new file mode 100644 index 0000000..de9ec0e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_cloud_backup_restores.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmCloudBackupRestores + attr_accessor :approved + + attr_accessor :requested + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'approved' => :'approved', + :'requested' => :'requested' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'approved' => :'Object', + :'requested' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmCloudBackupRestores` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmCloudBackupRestores`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'approved') + self.approved = attributes[:'approved'] + end + + if attributes.key?(:'requested') + self.requested = attributes[:'requested'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + approved == o.approved && + requested == o.requested + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [approved, requested].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_item_history.rb b/jcapiv2/lib/jcapiv2/models/pwm_item_history.rb new file mode 100644 index 0000000..9fba0e4 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_item_history.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmItemHistory + attr_accessor :created_by + + attr_accessor :date_created + + attr_accessor :date_updated + + attr_accessor :updated_by + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_by' => :'createdBy', + :'date_created' => :'dateCreated', + :'date_updated' => :'dateUpdated', + :'updated_by' => :'updatedBy' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_by' => :'Object', + :'date_created' => :'Object', + :'date_updated' => :'Object', + :'updated_by' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmItemHistory` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmItemHistory`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'created_by') + self.created_by = attributes[:'created_by'] + end + + if attributes.key?(:'date_created') + self.date_created = attributes[:'date_created'] + end + + if attributes.key?(:'date_updated') + self.date_updated = attributes[:'date_updated'] + end + + if attributes.key?(:'updated_by') + self.updated_by = attributes[:'updated_by'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_by == o.created_by && + date_created == o.date_created && + date_updated == o.date_updated && + updated_by == o.updated_by + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_by, date_created, date_updated, updated_by].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_items_count_by_type.rb b/jcapiv2/lib/jcapiv2/models/pwm_items_count_by_type.rb new file mode 100644 index 0000000..d53b85c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_items_count_by_type.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmItemsCountByType + attr_accessor :count + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'count' => :'count', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'count' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmItemsCountByType` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmItemsCountByType`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'count') + self.count = attributes[:'count'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + count == o.count && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [count, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_items_metadata.rb b/jcapiv2/lib/jcapiv2/models/pwm_items_metadata.rb new file mode 100644 index 0000000..c213a59 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_items_metadata.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmItemsMetadata + attr_accessor :items + + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'items' => :'items', + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'items' => :'Object', + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmItemsMetadata` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmItemsMetadata`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'items') + if (value = attributes[:'items']).is_a?(Array) + self.items = value + end + end + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + items == o.items && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [items, results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions.rb b/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions.rb new file mode 100644 index 0000000..0c03c67 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmOverviewAppVersions + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmOverviewAppVersions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmOverviewAppVersions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions_results.rb b/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions_results.rb new file mode 100644 index 0000000..ebd9552 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_overview_app_versions_results.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmOverviewAppVersionsResults + attr_accessor :users_count + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'users_count' => :'usersCount', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'users_count' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmOverviewAppVersionsResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmOverviewAppVersionsResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'users_count') + self.users_count = attributes[:'users_count'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + users_count == o.users_count && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [users_count, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_overview_main.rb b/jcapiv2/lib/jcapiv2/models/pwm_overview_main.rb new file mode 100644 index 0000000..e7ab8bc --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_overview_main.rb @@ -0,0 +1,309 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmOverviewMain + attr_accessor :compromised_passwords + + attr_accessor :devices + + attr_accessor :enrolled_groups + + attr_accessor :old_passwords + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :pending_invites + + attr_accessor :shared_folders + + attr_accessor :total_users + + attr_accessor :weak_passwords + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'compromised_passwords' => :'compromisedPasswords', + :'devices' => :'devices', + :'enrolled_groups' => :'enrolledGroups', + :'old_passwords' => :'oldPasswords', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'pending_invites' => :'pendingInvites', + :'shared_folders' => :'sharedFolders', + :'total_users' => :'totalUsers', + :'weak_passwords' => :'weakPasswords' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'compromised_passwords' => :'Object', + :'devices' => :'Object', + :'enrolled_groups' => :'Object', + :'old_passwords' => :'Object', + :'passwords_count' => :'Object', + :'passwords_score' => :'Object', + :'pending_invites' => :'Object', + :'shared_folders' => :'Object', + :'total_users' => :'Object', + :'weak_passwords' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmOverviewMain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmOverviewMain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'compromised_passwords') + self.compromised_passwords = attributes[:'compromised_passwords'] + end + + if attributes.key?(:'devices') + if (value = attributes[:'devices']).is_a?(Array) + self.devices = value + end + end + + if attributes.key?(:'enrolled_groups') + self.enrolled_groups = attributes[:'enrolled_groups'] + end + + if attributes.key?(:'old_passwords') + self.old_passwords = attributes[:'old_passwords'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'pending_invites') + self.pending_invites = attributes[:'pending_invites'] + end + + if attributes.key?(:'shared_folders') + self.shared_folders = attributes[:'shared_folders'] + end + + if attributes.key?(:'total_users') + self.total_users = attributes[:'total_users'] + end + + if attributes.key?(:'weak_passwords') + self.weak_passwords = attributes[:'weak_passwords'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @devices.nil? + invalid_properties.push('invalid value for "devices", devices cannot be nil.') + end + + if @pending_invites.nil? + invalid_properties.push('invalid value for "pending_invites", pending_invites cannot be nil.') + end + + if @shared_folders.nil? + invalid_properties.push('invalid value for "shared_folders", shared_folders cannot be nil.') + end + + if @total_users.nil? + invalid_properties.push('invalid value for "total_users", total_users cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @devices.nil? + return false if @pending_invites.nil? + return false if @shared_folders.nil? + return false if @total_users.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + compromised_passwords == o.compromised_passwords && + devices == o.devices && + enrolled_groups == o.enrolled_groups && + old_passwords == o.old_passwords && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + pending_invites == o.pending_invites && + shared_folders == o.shared_folders && + total_users == o.total_users && + weak_passwords == o.weak_passwords + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [compromised_passwords, devices, enrolled_groups, old_passwords, passwords_count, passwords_score, pending_invites, shared_folders, total_users, weak_passwords].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_overview_main_devices.rb b/jcapiv2/lib/jcapiv2/models/pwm_overview_main_devices.rb new file mode 100644 index 0000000..67caa7f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_overview_main_devices.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmOverviewMainDevices + attr_accessor :count + + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'count' => :'count', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'count' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmOverviewMainDevices` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmOverviewMainDevices`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'count') + self.count = attributes[:'count'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + count == o.count && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [count, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user.rb b/jcapiv2/lib/jcapiv2/models/pwm_user.rb new file mode 100644 index 0000000..0d6288c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user.rb @@ -0,0 +1,343 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUser + attr_accessor :apps + + attr_accessor :cloud_backup_restores + + attr_accessor :email + + attr_accessor :employee_uuid + + attr_accessor :external_id + + attr_accessor :groups + + attr_accessor :id + + attr_accessor :items_count + + attr_accessor :name + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :status + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'apps' => :'apps', + :'cloud_backup_restores' => :'cloudBackupRestores', + :'email' => :'email', + :'employee_uuid' => :'employeeUuid', + :'external_id' => :'externalId', + :'groups' => :'groups', + :'id' => :'id', + :'items_count' => :'itemsCount', + :'name' => :'name', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'status' => :'status', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'apps' => :'Object', + :'cloud_backup_restores' => :'Object', + :'email' => :'Object', + :'employee_uuid' => :'Object', + :'external_id' => :'Object', + :'groups' => :'Object', + :'id' => :'Object', + :'items_count' => :'Object', + :'name' => :'Object', + :'passwords_count' => :'Object', + :'passwords_score' => :'Object', + :'score_updated_at' => :'Object', + :'status' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUser` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUser`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'apps') + self.apps = attributes[:'apps'] + end + + if attributes.key?(:'cloud_backup_restores') + self.cloud_backup_restores = attributes[:'cloud_backup_restores'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_uuid') + self.employee_uuid = attributes[:'employee_uuid'] + end + + if attributes.key?(:'external_id') + self.external_id = attributes[:'external_id'] + end + + if attributes.key?(:'groups') + self.groups = attributes[:'groups'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'items_count') + self.items_count = attributes[:'items_count'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @email.nil? + invalid_properties.push('invalid value for "email", email cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @status.nil? + invalid_properties.push('invalid value for "status", status cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @email.nil? + return false if @id.nil? + return false if @name.nil? + return false if @status.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + apps == o.apps && + cloud_backup_restores == o.cloud_backup_restores && + email == o.email && + employee_uuid == o.employee_uuid && + external_id == o.external_id && + groups == o.groups && + id == o.id && + items_count == o.items_count && + name == o.name && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + status == o.status && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [apps, cloud_backup_restores, email, employee_uuid, external_id, groups, id, items_count, name, passwords_count, passwords_score, score_updated_at, status, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user_by_id.rb b/jcapiv2/lib/jcapiv2/models/pwm_user_by_id.rb new file mode 100644 index 0000000..ee96a23 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user_by_id.rb @@ -0,0 +1,383 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUserById + attr_accessor :compromised_passwords + + attr_accessor :old_passwords + + attr_accessor :reused_passwords + + attr_accessor :weak_passwords + + attr_accessor :apps + + attr_accessor :cloud_backup_restores + + attr_accessor :email + + attr_accessor :employee_uuid + + attr_accessor :external_id + + attr_accessor :groups + + attr_accessor :id + + attr_accessor :items_count + + attr_accessor :name + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :status + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'compromised_passwords' => :'compromisedPasswords', + :'old_passwords' => :'oldPasswords', + :'reused_passwords' => :'reusedPasswords', + :'weak_passwords' => :'weakPasswords', + :'apps' => :'apps', + :'cloud_backup_restores' => :'cloudBackupRestores', + :'email' => :'email', + :'employee_uuid' => :'employeeUuid', + :'external_id' => :'externalId', + :'groups' => :'groups', + :'id' => :'id', + :'items_count' => :'itemsCount', + :'name' => :'name', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'status' => :'status', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'compromised_passwords' => :'', + :'old_passwords' => :'', + :'reused_passwords' => :'', + :'weak_passwords' => :'', + :'apps' => :'', + :'cloud_backup_restores' => :'', + :'email' => :'', + :'employee_uuid' => :'', + :'external_id' => :'', + :'groups' => :'', + :'id' => :'', + :'items_count' => :'', + :'name' => :'', + :'passwords_count' => :'', + :'passwords_score' => :'', + :'score_updated_at' => :'', + :'status' => :'', + :'username' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUserById` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUserById`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'compromised_passwords') + self.compromised_passwords = attributes[:'compromised_passwords'] + end + + if attributes.key?(:'old_passwords') + self.old_passwords = attributes[:'old_passwords'] + end + + if attributes.key?(:'reused_passwords') + self.reused_passwords = attributes[:'reused_passwords'] + end + + if attributes.key?(:'weak_passwords') + self.weak_passwords = attributes[:'weak_passwords'] + end + + if attributes.key?(:'apps') + self.apps = attributes[:'apps'] + end + + if attributes.key?(:'cloud_backup_restores') + self.cloud_backup_restores = attributes[:'cloud_backup_restores'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_uuid') + self.employee_uuid = attributes[:'employee_uuid'] + end + + if attributes.key?(:'external_id') + self.external_id = attributes[:'external_id'] + end + + if attributes.key?(:'groups') + self.groups = attributes[:'groups'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'items_count') + self.items_count = attributes[:'items_count'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @email.nil? + invalid_properties.push('invalid value for "email", email cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @status.nil? + invalid_properties.push('invalid value for "status", status cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @email.nil? + return false if @id.nil? + return false if @name.nil? + return false if @status.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + compromised_passwords == o.compromised_passwords && + old_passwords == o.old_passwords && + reused_passwords == o.reused_passwords && + weak_passwords == o.weak_passwords && + apps == o.apps && + cloud_backup_restores == o.cloud_backup_restores && + email == o.email && + employee_uuid == o.employee_uuid && + external_id == o.external_id && + groups == o.groups && + id == o.id && + items_count == o.items_count && + name == o.name && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + status == o.status && + username == o.username && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [compromised_passwords, old_passwords, reused_passwords, weak_passwords, apps, cloud_backup_restores, email, employee_uuid, external_id, groups, id, items_count, name, passwords_count, passwords_score, score_updated_at, status, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user_item.rb b/jcapiv2/lib/jcapiv2/models/pwm_user_item.rb new file mode 100644 index 0000000..3749ec8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user_item.rb @@ -0,0 +1,299 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUserItem + attr_accessor :field1 + + attr_accessor :field2 + + attr_accessor :folder_name + + attr_accessor :folder_uuid + + attr_accessor :id + + attr_accessor :item_uuid + + attr_accessor :nickname + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'field1' => :'field1', + :'field2' => :'field2', + :'folder_name' => :'folderName', + :'folder_uuid' => :'folderUuid', + :'id' => :'id', + :'item_uuid' => :'itemUuid', + :'nickname' => :'nickname', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'field1' => :'Object', + :'field2' => :'Object', + :'folder_name' => :'Object', + :'folder_uuid' => :'Object', + :'id' => :'Object', + :'item_uuid' => :'Object', + :'nickname' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUserItem` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUserItem`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'field1') + self.field1 = attributes[:'field1'] + end + + if attributes.key?(:'field2') + self.field2 = attributes[:'field2'] + end + + if attributes.key?(:'folder_name') + self.folder_name = attributes[:'folder_name'] + end + + if attributes.key?(:'folder_uuid') + self.folder_uuid = attributes[:'folder_uuid'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'item_uuid') + self.item_uuid = attributes[:'item_uuid'] + end + + if attributes.key?(:'nickname') + self.nickname = attributes[:'nickname'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @field1.nil? + invalid_properties.push('invalid value for "field1", field1 cannot be nil.') + end + + if @field2.nil? + invalid_properties.push('invalid value for "field2", field2 cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @item_uuid.nil? + invalid_properties.push('invalid value for "item_uuid", item_uuid cannot be nil.') + end + + if @nickname.nil? + invalid_properties.push('invalid value for "nickname", nickname cannot be nil.') + end + + if @type.nil? + invalid_properties.push('invalid value for "type", type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @field1.nil? + return false if @field2.nil? + return false if @id.nil? + return false if @item_uuid.nil? + return false if @nickname.nil? + return false if @type.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + field1 == o.field1 && + field2 == o.field2 && + folder_name == o.folder_name && + folder_uuid == o.folder_uuid && + id == o.id && + item_uuid == o.item_uuid && + nickname == o.nickname && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [field1, field2, folder_name, folder_uuid, id, item_uuid, nickname, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user_items.rb b/jcapiv2/lib/jcapiv2/models/pwm_user_items.rb new file mode 100644 index 0000000..41f7ac2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user_items.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUserItems + attr_accessor :items + + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'items' => :'items', + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'items' => :'Object', + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUserItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUserItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'items') + if (value = attributes[:'items']).is_a?(Array) + self.items = value + end + end + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + items == o.items && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [items, results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders.rb b/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders.rb new file mode 100644 index 0000000..24e2439 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUserSharedFolders + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUserSharedFolders` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUserSharedFolders`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders_results.rb b/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders_results.rb new file mode 100644 index 0000000..755a742 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/pwm_user_shared_folders_results.rb @@ -0,0 +1,303 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class PwmUserSharedFoldersResults + attr_accessor :access_level_id + + attr_accessor :access_level_name + + attr_accessor :created_at + + attr_accessor :id + + attr_accessor :items_in_folder + + attr_accessor :name + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :users_with_access + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'access_level_id' => :'accessLevelId', + :'access_level_name' => :'accessLevelName', + :'created_at' => :'createdAt', + :'id' => :'id', + :'items_in_folder' => :'itemsInFolder', + :'name' => :'name', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'users_with_access' => :'usersWithAccess' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'access_level_id' => :'Object', + :'access_level_name' => :'Object', + :'created_at' => :'Object', + :'id' => :'Object', + :'items_in_folder' => :'Object', + :'name' => :'Object', + :'passwords_score' => :'Object', + :'score_updated_at' => :'Object', + :'users_with_access' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::PwmUserSharedFoldersResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::PwmUserSharedFoldersResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'access_level_id') + self.access_level_id = attributes[:'access_level_id'] + end + + if attributes.key?(:'access_level_name') + self.access_level_name = attributes[:'access_level_name'] + end + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'items_in_folder') + self.items_in_folder = attributes[:'items_in_folder'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'users_with_access') + self.users_with_access = attributes[:'users_with_access'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @created_at.nil? + invalid_properties.push('invalid value for "created_at", created_at cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @items_in_folder.nil? + invalid_properties.push('invalid value for "items_in_folder", items_in_folder cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @users_with_access.nil? + invalid_properties.push('invalid value for "users_with_access", users_with_access cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @created_at.nil? + return false if @id.nil? + return false if @items_in_folder.nil? + return false if @name.nil? + return false if @users_with_access.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + access_level_id == o.access_level_id && + access_level_name == o.access_level_name && + created_at == o.created_at && + id == o.id && + items_in_folder == o.items_in_folder && + name == o.name && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + users_with_access == o.users_with_access + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [access_level_id, access_level_name, created_at, id, items_in_folder, name, passwords_score, score_updated_at, users_with_access].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/query.rb b/jcapiv2/lib/jcapiv2/models/query.rb new file mode 100644 index 0000000..7125aed --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/query.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Basic query. + class Query + attr_accessor :query_type + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'query_type' => :'queryType' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'query_type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # discriminator's property name in OpenAPI v3 + def self.openapi_discriminator_name + :'query_type' + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Query` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Query`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'query_type') + self.query_type = attributes[:'query_type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @query_type.nil? + invalid_properties.push('invalid value for "query_type", query_type cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @query_type.nil? + query_type_validator = EnumAttributeValidator.new('Object', ['FilterQuery']) + return false unless query_type_validator.valid?(@query_type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] query_type Object to be assigned + def query_type=(query_type) + validator = EnumAttributeValidator.new('Object', ['FilterQuery']) + unless validator.valid?(query_type) + fail ArgumentError, "invalid value for \"query_type\", must be one of #{validator.allowable_values}." + end + @query_type = query_type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + query_type == o.query_type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [query_type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/queued_command_list.rb b/jcapiv2/lib/jcapiv2/models/queued_command_list.rb new file mode 100644 index 0000000..f14a4eb --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/queued_command_list.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # List of queued commands + class QueuedCommandList + attr_accessor :results + + # The total number of queued command results. + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::QueuedCommandList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::QueuedCommandList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/queued_command_list_results.rb b/jcapiv2/lib/jcapiv2/models/queued_command_list_results.rb new file mode 100644 index 0000000..298e172 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/queued_command_list_results.rb @@ -0,0 +1,237 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class QueuedCommandListResults + # The ID of the command, from savedAgentCommands. + attr_accessor :command + + # The workflowInstanceId. + attr_accessor :id + + # The number of devices that still haven't received the directive. + attr_accessor :pending_count + + # The ID of the device the command is bound to. + attr_accessor :system + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'command' => :'command', + :'id' => :'id', + :'pending_count' => :'pendingCount', + :'system' => :'system' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'command' => :'Object', + :'id' => :'Object', + :'pending_count' => :'Object', + :'system' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::QueuedCommandListResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::QueuedCommandListResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'command') + self.command = attributes[:'command'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'pending_count') + self.pending_count = attributes[:'pending_count'] + end + + if attributes.key?(:'system') + self.system = attributes[:'system'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + command == o.command && + id == o.id && + pending_count == o.pending_count && + system == o.system + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [command, id, pending_count, system].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/salesforce_knowledge_list_output.rb b/jcapiv2/lib/jcapiv2/models/salesforce_knowledge_list_output.rb deleted file mode 100644 index 06ac896..0000000 --- a/jcapiv2/lib/jcapiv2/models/salesforce_knowledge_list_output.rb +++ /dev/null @@ -1,179 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SalesforceKnowledgeListOutput - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - } - end - - # Attribute type mapping. - def self.swagger_types - { - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/salesforceknowledgelistoutput_inner.rb b/jcapiv2/lib/jcapiv2/models/salesforceknowledgelistoutput_inner.rb deleted file mode 100644 index 8120777..0000000 --- a/jcapiv2/lib/jcapiv2/models/salesforceknowledgelistoutput_inner.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SalesforceknowledgelistoutputInner - attr_accessor :id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/samba_domain.rb b/jcapiv2/lib/jcapiv2/models/samba_domain.rb new file mode 100644 index 0000000..1625e80 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/samba_domain.rb @@ -0,0 +1,237 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SambaDomain + # Unique identifier of this domain + attr_accessor :id + + # Name of this domain's WorkGroup + attr_accessor :name + + # Security identifier of this domain + attr_accessor :sid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name', + :'sid' => :'sid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object', + :'sid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SambaDomain` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SambaDomain`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'sid') + self.sid = attributes[:'sid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @sid.nil? + invalid_properties.push('invalid value for "sid", sid cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + return false if @sid.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name && + sid == o.sid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name, sid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/samba_domain_input.rb b/jcapiv2/lib/jcapiv2/models/samba_domain_input.rb deleted file mode 100644 index fe7ed6a..0000000 --- a/jcapiv2/lib/jcapiv2/models/samba_domain_input.rb +++ /dev/null @@ -1,209 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SambaDomainInput - # Name of this domain's WorkGroup - attr_accessor :name - - # Security identifier of this domain - attr_accessor :sid - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name', - :'sid' => :'sid' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String', - :'sid' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'sid') - self.sid = attributes[:'sid'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") - end - - if @sid.nil? - invalid_properties.push("invalid value for 'sid', sid cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @name.nil? - return false if @sid.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name && - sid == o.sid - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name, sid].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/samba_domain_output.rb b/jcapiv2/lib/jcapiv2/models/samba_domain_output.rb deleted file mode 100644 index 069ab9d..0000000 --- a/jcapiv2/lib/jcapiv2/models/samba_domain_output.rb +++ /dev/null @@ -1,224 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SambaDomainOutput - # Name of this domain's WorkGroup - attr_accessor :name - - # Security identifier of this domain - attr_accessor :sid - - # Unique identifier of this domain - attr_accessor :id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name', - :'sid' => :'sid', - :'id' => :'id' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String', - :'sid' => :'String', - :'id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'sid') - self.sid = attributes[:'sid'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") - end - - if @sid.nil? - invalid_properties.push("invalid value for 'sid', sid cannot be nil.") - end - - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @name.nil? - return false if @sid.nil? - return false if @id.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name && - sid == o.sid && - id == o.id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name, sid, id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/schedule_os_update.rb b/jcapiv2/lib/jcapiv2/models/schedule_os_update.rb new file mode 100644 index 0000000..34740d5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/schedule_os_update.rb @@ -0,0 +1,234 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ScheduleOSUpdate + attr_accessor :install_action + + attr_accessor :max_user_deferrals + + attr_accessor :product_key + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'install_action' => :'install_action', + :'max_user_deferrals' => :'max_user_deferrals', + :'product_key' => :'product_key' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'install_action' => :'Object', + :'max_user_deferrals' => :'Object', + :'product_key' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ScheduleOSUpdate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ScheduleOSUpdate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'install_action') + self.install_action = attributes[:'install_action'] + end + + if attributes.key?(:'max_user_deferrals') + self.max_user_deferrals = attributes[:'max_user_deferrals'] + end + + if attributes.key?(:'product_key') + self.product_key = attributes[:'product_key'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @install_action.nil? + invalid_properties.push('invalid value for "install_action", install_action cannot be nil.') + end + + if @product_key.nil? + invalid_properties.push('invalid value for "product_key", product_key cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @install_action.nil? + return false if @product_key.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + install_action == o.install_action && + max_user_deferrals == o.max_user_deferrals && + product_key == o.product_key + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [install_action, max_user_deferrals, product_key].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/scheduled_userstate_result.rb b/jcapiv2/lib/jcapiv2/models/scheduled_userstate_result.rb new file mode 100644 index 0000000..c8b40df --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/scheduled_userstate_result.rb @@ -0,0 +1,237 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class ScheduledUserstateResult + # The UTC date and time when the scheduled job will execute. + attr_accessor :scheduled_date + + # The id of the scheduled job that scheduled the state change. + attr_accessor :scheduled_job_id + + # The state that the user will be in once the scheduled job executes. + attr_accessor :state + + # The id of the user that the scheduled job will update. + attr_accessor :system_user_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'scheduled_date' => :'scheduledDate', + :'scheduled_job_id' => :'scheduledJobId', + :'state' => :'state', + :'system_user_id' => :'systemUserId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'scheduled_date' => :'Object', + :'scheduled_job_id' => :'Object', + :'state' => :'Object', + :'system_user_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::ScheduledUserstateResult` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::ScheduledUserstateResult`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'scheduled_date') + self.scheduled_date = attributes[:'scheduled_date'] + end + + if attributes.key?(:'scheduled_job_id') + self.scheduled_job_id = attributes[:'scheduled_job_id'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'system_user_id') + self.system_user_id = attributes[:'system_user_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + scheduled_date == o.scheduled_date && + scheduled_job_id == o.scheduled_job_id && + state == o.state && + system_user_id == o.system_user_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [scheduled_date, scheduled_job_id, state, system_user_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/setup_assistant_option.rb b/jcapiv2/lib/jcapiv2/models/setup_assistant_option.rb new file mode 100644 index 0000000..142d49f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/setup_assistant_option.rb @@ -0,0 +1,57 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SetupAssistantOption + ACCESSIBILITY = 'accessibility'.freeze + APPEARANCE = 'appearance'.freeze + APPLE_ID = 'appleID'.freeze + BIOMETRIC = 'biometric'.freeze + DIAGNOSTICS = 'diagnostics'.freeze + DISPLAY_TONE = 'displayTone'.freeze + FILE_VAULT = 'fileVault'.freeze + ICLOUD_DIAGNOSTICS = 'icloudDiagnostics'.freeze + ICLOUD_STORAGE = 'icloudStorage'.freeze + LOCATION = 'location'.freeze + PAYMENT = 'payment'.freeze + PRIVACY = 'privacy'.freeze + RESTORE = 'restore'.freeze + SCREEN_TIME = 'screenTime'.freeze + SIRI = 'siri'.freeze + TOS = 'tos'.freeze + APP_STORE = 'appStore'.freeze + DISPLAY_ZOOM = 'displayZoom'.freeze + DEVICE_TO_DEVICE_MIGRATION = 'deviceToDeviceMigration'.freeze + HOME_BUTTON = 'homeButton'.freeze + IMESSAGE_AND_FACETIME = 'imessageAndFacetime'.freeze + MESSAGING_ACTIVATION_USING_PHONE_NUMBER = 'messagingActivationUsingPhoneNumber'.freeze + MOVE_FROM_ANDROID = 'moveFromAndroid'.freeze + PASSCODE = 'passcode'.freeze + RESTORE_COMPLETE = 'restoreComplete'.freeze + SETUP_CELLULAR = 'setupCellular'.freeze + SOFTWARE_UPDATE = 'softwareUpdate'.freeze + UNLOCK_WITH_WATCH = 'unlockWithWatch'.freeze + UPDATE_COMPLETE = 'updateComplete'.freeze + WATCH_MIGRATION = 'watchMigration'.freeze + WELCOME = 'welcome'.freeze + + # Builds the enum from string + # @param [String] The enum value in the form of the string + # @return [String] The enum value + def build_from_hash(value) + constantValues = SetupAssistantOption.constants.select { |c| SetupAssistantOption::const_get(c) == value } + raise "Invalid ENUM value #{value} for class #SetupAssistantOption" if constantValues.empty? + value + end + end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder.rb b/jcapiv2/lib/jcapiv2/models/shared_folder.rb new file mode 100644 index 0000000..4f8b08e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder.rb @@ -0,0 +1,294 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolder + attr_accessor :created_at + + attr_accessor :items_in_folder + + attr_accessor :name + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :users_with_access + + attr_accessor :uuid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'created_at' => :'createdAt', + :'items_in_folder' => :'itemsInFolder', + :'name' => :'name', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'users_with_access' => :'usersWithAccess', + :'uuid' => :'uuid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'created_at' => :'Object', + :'items_in_folder' => :'Object', + :'name' => :'Object', + :'passwords_count' => :'Object', + :'passwords_score' => :'Object', + :'score_updated_at' => :'Object', + :'users_with_access' => :'Object', + :'uuid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolder` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolder`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'items_in_folder') + self.items_in_folder = attributes[:'items_in_folder'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'users_with_access') + self.users_with_access = attributes[:'users_with_access'] + end + + if attributes.key?(:'uuid') + self.uuid = attributes[:'uuid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @created_at.nil? + invalid_properties.push('invalid value for "created_at", created_at cannot be nil.') + end + + if @items_in_folder.nil? + invalid_properties.push('invalid value for "items_in_folder", items_in_folder cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @users_with_access.nil? + invalid_properties.push('invalid value for "users_with_access", users_with_access cannot be nil.') + end + + if @uuid.nil? + invalid_properties.push('invalid value for "uuid", uuid cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @created_at.nil? + return false if @items_in_folder.nil? + return false if @name.nil? + return false if @users_with_access.nil? + return false if @uuid.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_at == o.created_at && + items_in_folder == o.items_in_folder && + name == o.name && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + users_with_access == o.users_with_access && + uuid == o.uuid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [created_at, items_in_folder, name, passwords_count, passwords_score, score_updated_at, users_with_access, uuid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels.rb new file mode 100644 index 0000000..5b1893f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderAccessLevels + attr_accessor :results + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderAccessLevels` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderAccessLevels`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels_results.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels_results.rb new file mode 100644 index 0000000..1d5c0c2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_access_levels_results.rb @@ -0,0 +1,234 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderAccessLevelsResults + attr_accessor :description + + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderAccessLevelsResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderAccessLevelsResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_details.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_details.rb new file mode 100644 index 0000000..a4dfc1b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_details.rb @@ -0,0 +1,334 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderDetails + attr_accessor :compromised_passwords + + attr_accessor :old_passwords + + attr_accessor :reused_passwords + + attr_accessor :weak_passwords + + attr_accessor :created_at + + attr_accessor :items_in_folder + + attr_accessor :name + + attr_accessor :passwords_count + + attr_accessor :passwords_score + + attr_accessor :score_updated_at + + attr_accessor :users_with_access + + attr_accessor :uuid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'compromised_passwords' => :'compromisedPasswords', + :'old_passwords' => :'oldPasswords', + :'reused_passwords' => :'reusedPasswords', + :'weak_passwords' => :'weakPasswords', + :'created_at' => :'createdAt', + :'items_in_folder' => :'itemsInFolder', + :'name' => :'name', + :'passwords_count' => :'passwordsCount', + :'passwords_score' => :'passwordsScore', + :'score_updated_at' => :'scoreUpdatedAt', + :'users_with_access' => :'usersWithAccess', + :'uuid' => :'uuid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'compromised_passwords' => :'', + :'old_passwords' => :'', + :'reused_passwords' => :'', + :'weak_passwords' => :'', + :'created_at' => :'', + :'items_in_folder' => :'', + :'name' => :'', + :'passwords_count' => :'', + :'passwords_score' => :'', + :'score_updated_at' => :'', + :'users_with_access' => :'', + :'uuid' => :'' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderDetails` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + # call parent's initialize + super(attributes) + + if attributes.key?(:'compromised_passwords') + self.compromised_passwords = attributes[:'compromised_passwords'] + end + + if attributes.key?(:'old_passwords') + self.old_passwords = attributes[:'old_passwords'] + end + + if attributes.key?(:'reused_passwords') + self.reused_passwords = attributes[:'reused_passwords'] + end + + if attributes.key?(:'weak_passwords') + self.weak_passwords = attributes[:'weak_passwords'] + end + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'items_in_folder') + self.items_in_folder = attributes[:'items_in_folder'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'passwords_count') + self.passwords_count = attributes[:'passwords_count'] + end + + if attributes.key?(:'passwords_score') + self.passwords_score = attributes[:'passwords_score'] + end + + if attributes.key?(:'score_updated_at') + self.score_updated_at = attributes[:'score_updated_at'] + end + + if attributes.key?(:'users_with_access') + self.users_with_access = attributes[:'users_with_access'] + end + + if attributes.key?(:'uuid') + self.uuid = attributes[:'uuid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = super + if @created_at.nil? + invalid_properties.push('invalid value for "created_at", created_at cannot be nil.') + end + + if @items_in_folder.nil? + invalid_properties.push('invalid value for "items_in_folder", items_in_folder cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @users_with_access.nil? + invalid_properties.push('invalid value for "users_with_access", users_with_access cannot be nil.') + end + + if @uuid.nil? + invalid_properties.push('invalid value for "uuid", uuid cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @created_at.nil? + return false if @items_in_folder.nil? + return false if @name.nil? + return false if @users_with_access.nil? + return false if @uuid.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + compromised_passwords == o.compromised_passwords && + old_passwords == o.old_passwords && + reused_passwords == o.reused_passwords && + weak_passwords == o.weak_passwords && + created_at == o.created_at && + items_in_folder == o.items_in_folder && + name == o.name && + passwords_count == o.passwords_count && + passwords_score == o.passwords_score && + score_updated_at == o.score_updated_at && + users_with_access == o.users_with_access && + uuid == o.uuid && super(o) + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [compromised_passwords, old_passwords, reused_passwords, weak_passwords, created_at, items_in_folder, name, passwords_count, passwords_score, score_updated_at, users_with_access, uuid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + super(attributes) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = super + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_groups.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_groups.rb new file mode 100644 index 0000000..cfb601d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_groups.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderGroups + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderGroups` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_users.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_users.rb new file mode 100644 index 0000000..8731a72 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_users.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderUsers + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderUsers` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderUsers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folder_users_results.rb b/jcapiv2/lib/jcapiv2/models/shared_folder_users_results.rb new file mode 100644 index 0000000..78464a2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folder_users_results.rb @@ -0,0 +1,317 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFolderUsersResults + attr_accessor :access_level_id + + attr_accessor :access_level_name + + attr_accessor :apps + + attr_accessor :email + + attr_accessor :employee_uuid + + attr_accessor :external_id + + attr_accessor :id + + attr_accessor :name + + attr_accessor :status + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'access_level_id' => :'accessLevelId', + :'access_level_name' => :'accessLevelName', + :'apps' => :'apps', + :'email' => :'email', + :'employee_uuid' => :'employeeUuid', + :'external_id' => :'externalId', + :'id' => :'id', + :'name' => :'name', + :'status' => :'status', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'access_level_id' => :'Object', + :'access_level_name' => :'Object', + :'apps' => :'Object', + :'email' => :'Object', + :'employee_uuid' => :'Object', + :'external_id' => :'Object', + :'id' => :'Object', + :'name' => :'Object', + :'status' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFolderUsersResults` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFolderUsersResults`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'access_level_id') + self.access_level_id = attributes[:'access_level_id'] + end + + if attributes.key?(:'access_level_name') + self.access_level_name = attributes[:'access_level_name'] + end + + if attributes.key?(:'apps') + self.apps = attributes[:'apps'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_uuid') + self.employee_uuid = attributes[:'employee_uuid'] + end + + if attributes.key?(:'external_id') + self.external_id = attributes[:'external_id'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @access_level_id.nil? + invalid_properties.push('invalid value for "access_level_id", access_level_id cannot be nil.') + end + + if @access_level_name.nil? + invalid_properties.push('invalid value for "access_level_name", access_level_name cannot be nil.') + end + + if @email.nil? + invalid_properties.push('invalid value for "email", email cannot be nil.') + end + + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + if @status.nil? + invalid_properties.push('invalid value for "status", status cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @access_level_id.nil? + return false if @access_level_name.nil? + return false if @email.nil? + return false if @id.nil? + return false if @name.nil? + return false if @status.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + access_level_id == o.access_level_id && + access_level_name == o.access_level_name && + apps == o.apps && + email == o.email && + employee_uuid == o.employee_uuid && + external_id == o.external_id && + id == o.id && + name == o.name && + status == o.status && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [access_level_id, access_level_name, apps, email, employee_uuid, external_id, id, name, status, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/shared_folders_list.rb b/jcapiv2/lib/jcapiv2/models/shared_folders_list.rb new file mode 100644 index 0000000..5721b09 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/shared_folders_list.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SharedFoldersList + attr_accessor :results + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'results' => :'results', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'results' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SharedFoldersList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SharedFoldersList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'results') + if (value = attributes[:'results']).is_a?(Array) + self.results = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @results.nil? + invalid_properties.push('invalid value for "results", results cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @results.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + results == o.results && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [results, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app.rb b/jcapiv2/lib/jcapiv2/models/software_app.rb new file mode 100644 index 0000000..596fc59 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app.rb @@ -0,0 +1,226 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareApp + attr_accessor :display_name + + attr_accessor :id + + attr_accessor :settings + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'display_name' => :'displayName', + :'id' => :'id', + :'settings' => :'settings' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'display_name' => :'Object', + :'id' => :'Object', + :'settings' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareApp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareApp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'settings') + if (value = attributes[:'settings']).is_a?(Array) + self.settings = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + display_name == o.display_name && + id == o.id && + settings == o.settings + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [display_name, id, settings].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_apple_vpp.rb b/jcapiv2/lib/jcapiv2/models/software_app_apple_vpp.rb new file mode 100644 index 0000000..76f44ec --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_apple_vpp.rb @@ -0,0 +1,289 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # appleVpp is an optional attribute, it will only be present on apps with a 'setting' 'package_manager' type of 'APPLE_VPP'. + class SoftwareAppAppleVpp + # Text sent to configure the application, the text should be a valid plist. Returned only by 'GET /softwareapps/{id}'. + attr_accessor :app_configuration + + attr_accessor :assigned_licenses + + attr_accessor :available_licenses + + # App details returned by iTunes API. See example. The properties in this field are out of our control and we cannot guarantee consistency, so it should be checked by the client and manage the details accordingly. + attr_accessor :details + + # Denotes if configuration has been enabled for the application. Returned only by ''GET /softwareapps/{id}''. + attr_accessor :is_config_enabled + + # The supported device families for this VPP Application. + attr_accessor :supported_device_families + + attr_accessor :total_licenses + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app_configuration' => :'appConfiguration', + :'assigned_licenses' => :'assignedLicenses', + :'available_licenses' => :'availableLicenses', + :'details' => :'details', + :'is_config_enabled' => :'isConfigEnabled', + :'supported_device_families' => :'supportedDeviceFamilies', + :'total_licenses' => :'totalLicenses' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app_configuration' => :'Object', + :'assigned_licenses' => :'Object', + :'available_licenses' => :'Object', + :'details' => :'Object', + :'is_config_enabled' => :'Object', + :'supported_device_families' => :'Object', + :'total_licenses' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppAppleVpp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppAppleVpp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app_configuration') + self.app_configuration = attributes[:'app_configuration'] + end + + if attributes.key?(:'assigned_licenses') + self.assigned_licenses = attributes[:'assigned_licenses'] + end + + if attributes.key?(:'available_licenses') + self.available_licenses = attributes[:'available_licenses'] + end + + if attributes.key?(:'details') + self.details = attributes[:'details'] + end + + if attributes.key?(:'is_config_enabled') + self.is_config_enabled = attributes[:'is_config_enabled'] + end + + if attributes.key?(:'supported_device_families') + if (value = attributes[:'supported_device_families']).is_a?(Array) + self.supported_device_families = value + end + end + + if attributes.key?(:'total_licenses') + self.total_licenses = attributes[:'total_licenses'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app_configuration == o.app_configuration && + assigned_licenses == o.assigned_licenses && + available_licenses == o.available_licenses && + details == o.details && + is_config_enabled == o.is_config_enabled && + supported_device_families == o.supported_device_families && + total_licenses == o.total_licenses + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app_configuration, assigned_licenses, available_licenses, details, is_config_enabled, supported_device_families, total_licenses].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_create.rb b/jcapiv2/lib/jcapiv2/models/software_app_create.rb new file mode 100644 index 0000000..f237294 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_create.rb @@ -0,0 +1,235 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppCreate + attr_accessor :display_name + + attr_accessor :id + + attr_accessor :settings + + attr_accessor :upload_url + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'display_name' => :'displayName', + :'id' => :'id', + :'settings' => :'settings', + :'upload_url' => :'uploadUrl' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'display_name' => :'Object', + :'id' => :'Object', + :'settings' => :'Object', + :'upload_url' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppCreate` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppCreate`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'settings') + if (value = attributes[:'settings']).is_a?(Array) + self.settings = value + end + end + + if attributes.key?(:'upload_url') + self.upload_url = attributes[:'upload_url'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + display_name == o.display_name && + id == o.id && + settings == o.settings && + upload_url == o.upload_url + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [display_name, id, settings, upload_url].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_google_android.rb b/jcapiv2/lib/jcapiv2/models/software_app_google_android.rb new file mode 100644 index 0000000..284b23e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_google_android.rb @@ -0,0 +1,479 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # googleAndroid is an optional attribute, it will only be present on apps with a 'setting' 'package_manager' type of 'GOOGLE_ANDROID'. + class SoftwareAppGoogleAndroid + # Whether this app is free, free with in-app purchases, or paid. + attr_accessor :app_pricing + + # Latest version currently available for this app. + attr_accessor :app_version + + # The name of the author of this app. + attr_accessor :author + + # Controls the auto-update mode for the app. + attr_accessor :auto_update_mode + + # The app category (e.g. COMMUNICATION, SOCIAL, etc.). + attr_accessor :category + + # The content rating for this app. + attr_accessor :content_rating + + # The display mode of the web app. + attr_accessor :display_mode + + # How and to whom the package is made available. + attr_accessor :distribution_channel + + # Full app description, if available. + attr_accessor :full_description + + # A link to an image that can be used as an icon for the app. + attr_accessor :icon_url + + # The type of installation to perform for an app. + attr_accessor :install_type + + # The managed configurations template for the app. + attr_accessor :managed_configuration_template_id + + # Indicates whether this app has managed properties or not. + attr_accessor :managed_properties + + # The minimum Android SDK necessary to run the app. + attr_accessor :min_sdk_version + + # The name of the app in the form enterprises/{enterprise}/applications/{packageName}. + attr_accessor :name + + attr_accessor :permission_grants + + # The policy for granting permission requests to apps. + attr_accessor :runtime_permission + + # The start URL, i.e. the URL that should load when the user opens the application. Applicable only for webapps. + attr_accessor :start_url + + # Type of this android application. + attr_accessor :type + + # The approximate time (within 7 days) the app was last published. + attr_accessor :update_time + + # The current version of the web app. + attr_accessor :version_code + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app_pricing' => :'appPricing', + :'app_version' => :'appVersion', + :'author' => :'author', + :'auto_update_mode' => :'autoUpdateMode', + :'category' => :'category', + :'content_rating' => :'contentRating', + :'display_mode' => :'displayMode', + :'distribution_channel' => :'distributionChannel', + :'full_description' => :'fullDescription', + :'icon_url' => :'iconUrl', + :'install_type' => :'installType', + :'managed_configuration_template_id' => :'managedConfigurationTemplateId', + :'managed_properties' => :'managedProperties', + :'min_sdk_version' => :'minSdkVersion', + :'name' => :'name', + :'permission_grants' => :'permissionGrants', + :'runtime_permission' => :'runtimePermission', + :'start_url' => :'startUrl', + :'type' => :'type', + :'update_time' => :'updateTime', + :'version_code' => :'versionCode' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app_pricing' => :'Object', + :'app_version' => :'Object', + :'author' => :'Object', + :'auto_update_mode' => :'Object', + :'category' => :'Object', + :'content_rating' => :'Object', + :'display_mode' => :'Object', + :'distribution_channel' => :'Object', + :'full_description' => :'Object', + :'icon_url' => :'Object', + :'install_type' => :'Object', + :'managed_configuration_template_id' => :'Object', + :'managed_properties' => :'Object', + :'min_sdk_version' => :'Object', + :'name' => :'Object', + :'permission_grants' => :'Object', + :'runtime_permission' => :'Object', + :'start_url' => :'Object', + :'type' => :'Object', + :'update_time' => :'Object', + :'version_code' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppGoogleAndroid` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppGoogleAndroid`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app_pricing') + self.app_pricing = attributes[:'app_pricing'] + end + + if attributes.key?(:'app_version') + self.app_version = attributes[:'app_version'] + end + + if attributes.key?(:'author') + self.author = attributes[:'author'] + end + + if attributes.key?(:'auto_update_mode') + self.auto_update_mode = attributes[:'auto_update_mode'] + end + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'content_rating') + self.content_rating = attributes[:'content_rating'] + end + + if attributes.key?(:'display_mode') + self.display_mode = attributes[:'display_mode'] + end + + if attributes.key?(:'distribution_channel') + self.distribution_channel = attributes[:'distribution_channel'] + end + + if attributes.key?(:'full_description') + self.full_description = attributes[:'full_description'] + end + + if attributes.key?(:'icon_url') + self.icon_url = attributes[:'icon_url'] + end + + if attributes.key?(:'install_type') + self.install_type = attributes[:'install_type'] + end + + if attributes.key?(:'managed_configuration_template_id') + self.managed_configuration_template_id = attributes[:'managed_configuration_template_id'] + end + + if attributes.key?(:'managed_properties') + self.managed_properties = attributes[:'managed_properties'] + end + + if attributes.key?(:'min_sdk_version') + self.min_sdk_version = attributes[:'min_sdk_version'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'permission_grants') + if (value = attributes[:'permission_grants']).is_a?(Array) + self.permission_grants = value + end + end + + if attributes.key?(:'runtime_permission') + self.runtime_permission = attributes[:'runtime_permission'] + end + + if attributes.key?(:'start_url') + self.start_url = attributes[:'start_url'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + + if attributes.key?(:'update_time') + self.update_time = attributes[:'update_time'] + end + + if attributes.key?(:'version_code') + self.version_code = attributes[:'version_code'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + auto_update_mode_validator = EnumAttributeValidator.new('Object', ['AUTO_UPDATE_DEFAULT', 'AUTO_UPDATE_POSTPONED', 'AUTO_UPDATE_HIGH_PRIORITY']) + return false unless auto_update_mode_validator.valid?(@auto_update_mode) + install_type_validator = EnumAttributeValidator.new('Object', ['AVAILABLE', 'FORCE_INSTALLED', 'BLOCKED']) + return false unless install_type_validator.valid?(@install_type) + runtime_permission_validator = EnumAttributeValidator.new('Object', ['PROMPT', 'GRANT', 'DENY']) + return false unless runtime_permission_validator.valid?(@runtime_permission) + type_validator = EnumAttributeValidator.new('Object', ['APP_TYPE_UNSPECIFIED', 'PUBLIC', 'PRIVATE', 'WEBAPP']) + return false unless type_validator.valid?(@type) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] auto_update_mode Object to be assigned + def auto_update_mode=(auto_update_mode) + validator = EnumAttributeValidator.new('Object', ['AUTO_UPDATE_DEFAULT', 'AUTO_UPDATE_POSTPONED', 'AUTO_UPDATE_HIGH_PRIORITY']) + unless validator.valid?(auto_update_mode) + fail ArgumentError, "invalid value for \"auto_update_mode\", must be one of #{validator.allowable_values}." + end + @auto_update_mode = auto_update_mode + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] install_type Object to be assigned + def install_type=(install_type) + validator = EnumAttributeValidator.new('Object', ['AVAILABLE', 'FORCE_INSTALLED', 'BLOCKED']) + unless validator.valid?(install_type) + fail ArgumentError, "invalid value for \"install_type\", must be one of #{validator.allowable_values}." + end + @install_type = install_type + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] runtime_permission Object to be assigned + def runtime_permission=(runtime_permission) + validator = EnumAttributeValidator.new('Object', ['PROMPT', 'GRANT', 'DENY']) + unless validator.valid?(runtime_permission) + fail ArgumentError, "invalid value for \"runtime_permission\", must be one of #{validator.allowable_values}." + end + @runtime_permission = runtime_permission + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] type Object to be assigned + def type=(type) + validator = EnumAttributeValidator.new('Object', ['APP_TYPE_UNSPECIFIED', 'PUBLIC', 'PRIVATE', 'WEBAPP']) + unless validator.valid?(type) + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app_pricing == o.app_pricing && + app_version == o.app_version && + author == o.author && + auto_update_mode == o.auto_update_mode && + category == o.category && + content_rating == o.content_rating && + display_mode == o.display_mode && + distribution_channel == o.distribution_channel && + full_description == o.full_description && + icon_url == o.icon_url && + install_type == o.install_type && + managed_configuration_template_id == o.managed_configuration_template_id && + managed_properties == o.managed_properties && + min_sdk_version == o.min_sdk_version && + name == o.name && + permission_grants == o.permission_grants && + runtime_permission == o.runtime_permission && + start_url == o.start_url && + type == o.type && + update_time == o.update_time && + version_code == o.version_code + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app_pricing, app_version, author, auto_update_mode, category, content_rating, display_mode, distribution_channel, full_description, icon_url, install_type, managed_configuration_template_id, managed_properties, min_sdk_version, name, permission_grants, runtime_permission, start_url, type, update_time, version_code].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_permission_grants.rb b/jcapiv2/lib/jcapiv2/models/software_app_permission_grants.rb new file mode 100644 index 0000000..cbc2af7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_permission_grants.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppPermissionGrants + # An opaque string uniquely identifying the Android permission, e.g. android.permission.READ_CALENDAR. + attr_accessor :id + + # The policy for granting the permission. + attr_accessor :policy + + class EnumAttributeValidator + attr_reader :datatype + attr_reader :allowable_values + + def initialize(datatype, allowable_values) + @allowable_values = allowable_values.map do |value| + case datatype.to_s + when /Integer/i + value.to_i + when /Float/i + value.to_f + else + value + end + end + end + + def valid?(value) + !value || allowable_values.include?(value) + end + end + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'policy' => :'policy' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'policy' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppPermissionGrants` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppPermissionGrants`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'policy') + self.policy = attributes[:'policy'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + policy_validator = EnumAttributeValidator.new('Object', ['PROMPT', 'GRANT', 'DENY']) + return false unless policy_validator.valid?(@policy) + true + end + + # Custom attribute writer method checking allowed values (enum). + # @param [Object] policy Object to be assigned + def policy=(policy) + validator = EnumAttributeValidator.new('Object', ['PROMPT', 'GRANT', 'DENY']) + unless validator.valid?(policy) + fail ArgumentError, "invalid value for \"policy\", must be one of #{validator.allowable_values}." + end + @policy = policy + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + policy == o.policy + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, policy].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_reclaim_licenses.rb b/jcapiv2/lib/jcapiv2/models/software_app_reclaim_licenses.rb new file mode 100644 index 0000000..1641930 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_reclaim_licenses.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppReclaimLicenses + attr_accessor :assigned_licenses + + attr_accessor :available_licenses + + attr_accessor :reclaimed_licenses + + attr_accessor :total_licenses + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'assigned_licenses' => :'assignedLicenses', + :'available_licenses' => :'availableLicenses', + :'reclaimed_licenses' => :'reclaimedLicenses', + :'total_licenses' => :'totalLicenses' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'assigned_licenses' => :'Object', + :'available_licenses' => :'Object', + :'reclaimed_licenses' => :'Object', + :'total_licenses' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppReclaimLicenses` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppReclaimLicenses`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'assigned_licenses') + self.assigned_licenses = attributes[:'assigned_licenses'] + end + + if attributes.key?(:'available_licenses') + self.available_licenses = attributes[:'available_licenses'] + end + + if attributes.key?(:'reclaimed_licenses') + self.reclaimed_licenses = attributes[:'reclaimed_licenses'] + end + + if attributes.key?(:'total_licenses') + self.total_licenses = attributes[:'total_licenses'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + assigned_licenses == o.assigned_licenses && + available_licenses == o.available_licenses && + reclaimed_licenses == o.reclaimed_licenses && + total_licenses == o.total_licenses + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [assigned_licenses, available_licenses, reclaimed_licenses, total_licenses].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_settings.rb b/jcapiv2/lib/jcapiv2/models/software_app_settings.rb new file mode 100644 index 0000000..d4df3fe --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_settings.rb @@ -0,0 +1,397 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppSettings + attr_accessor :allow_update_delay + + attr_accessor :apple_vpp + + # The manifest asset kind (ex: software). + attr_accessor :asset_kind + + # The incremental size to use for summing the package as it is downloaded. + attr_accessor :asset_sha256_size + + # The array of checksums, one each for the hash size up to the total size of the package. + attr_accessor :asset_sha256_strings + + attr_accessor :auto_update + + # Command line arguments to use with the application. + attr_accessor :command_line_arguments + + # The software app description. + attr_accessor :description + + # State of Install or Uninstall + attr_accessor :desired_state + + # ID of the Enterprise with which this app is associated + attr_accessor :enterprise_object_id + + attr_accessor :google_android + + # Repository where the app is located within the package manager + attr_accessor :location + + # ID of the repository where the app is located within the package manager + attr_accessor :location_object_id + + attr_accessor :package_id + + # The package manifest kind (ex: software-package). + attr_accessor :package_kind + + # App store serving the app: APPLE_VPP, CHOCOLATEY, etc. + attr_accessor :package_manager + + # The package manifest subtitle. + attr_accessor :package_subtitle + + # The package manifest version. + attr_accessor :package_version + + attr_accessor :stored_package + + # ID of the stored package this app uses to reference the stored install media. + attr_accessor :stored_package_object_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_update_delay' => :'allowUpdateDelay', + :'apple_vpp' => :'appleVpp', + :'asset_kind' => :'assetKind', + :'asset_sha256_size' => :'assetSha256Size', + :'asset_sha256_strings' => :'assetSha256Strings', + :'auto_update' => :'autoUpdate', + :'command_line_arguments' => :'commandLineArguments', + :'description' => :'description', + :'desired_state' => :'desiredState', + :'enterprise_object_id' => :'enterpriseObjectId', + :'google_android' => :'googleAndroid', + :'location' => :'location', + :'location_object_id' => :'locationObjectId', + :'package_id' => :'packageId', + :'package_kind' => :'packageKind', + :'package_manager' => :'packageManager', + :'package_subtitle' => :'packageSubtitle', + :'package_version' => :'packageVersion', + :'stored_package' => :'storedPackage', + :'stored_package_object_id' => :'storedPackageObjectId' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_update_delay' => :'Object', + :'apple_vpp' => :'Object', + :'asset_kind' => :'Object', + :'asset_sha256_size' => :'Object', + :'asset_sha256_strings' => :'Object', + :'auto_update' => :'Object', + :'command_line_arguments' => :'Object', + :'description' => :'Object', + :'desired_state' => :'Object', + :'enterprise_object_id' => :'Object', + :'google_android' => :'Object', + :'location' => :'Object', + :'location_object_id' => :'Object', + :'package_id' => :'Object', + :'package_kind' => :'Object', + :'package_manager' => :'Object', + :'package_subtitle' => :'Object', + :'package_version' => :'Object', + :'stored_package' => :'Object', + :'stored_package_object_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppSettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_update_delay') + self.allow_update_delay = attributes[:'allow_update_delay'] + else + self.allow_update_delay = false + end + + if attributes.key?(:'apple_vpp') + self.apple_vpp = attributes[:'apple_vpp'] + end + + if attributes.key?(:'asset_kind') + self.asset_kind = attributes[:'asset_kind'] + end + + if attributes.key?(:'asset_sha256_size') + self.asset_sha256_size = attributes[:'asset_sha256_size'] + end + + if attributes.key?(:'asset_sha256_strings') + if (value = attributes[:'asset_sha256_strings']).is_a?(Array) + self.asset_sha256_strings = value + end + end + + if attributes.key?(:'auto_update') + self.auto_update = attributes[:'auto_update'] + else + self.auto_update = false + end + + if attributes.key?(:'command_line_arguments') + self.command_line_arguments = attributes[:'command_line_arguments'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'desired_state') + self.desired_state = attributes[:'desired_state'] + end + + if attributes.key?(:'enterprise_object_id') + self.enterprise_object_id = attributes[:'enterprise_object_id'] + end + + if attributes.key?(:'google_android') + self.google_android = attributes[:'google_android'] + end + + if attributes.key?(:'location') + self.location = attributes[:'location'] + end + + if attributes.key?(:'location_object_id') + self.location_object_id = attributes[:'location_object_id'] + end + + if attributes.key?(:'package_id') + self.package_id = attributes[:'package_id'] + end + + if attributes.key?(:'package_kind') + self.package_kind = attributes[:'package_kind'] + end + + if attributes.key?(:'package_manager') + self.package_manager = attributes[:'package_manager'] + end + + if attributes.key?(:'package_subtitle') + self.package_subtitle = attributes[:'package_subtitle'] + end + + if attributes.key?(:'package_version') + self.package_version = attributes[:'package_version'] + end + + if attributes.key?(:'stored_package') + self.stored_package = attributes[:'stored_package'] + end + + if attributes.key?(:'stored_package_object_id') + self.stored_package_object_id = attributes[:'stored_package_object_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_update_delay == o.allow_update_delay && + apple_vpp == o.apple_vpp && + asset_kind == o.asset_kind && + asset_sha256_size == o.asset_sha256_size && + asset_sha256_strings == o.asset_sha256_strings && + auto_update == o.auto_update && + command_line_arguments == o.command_line_arguments && + description == o.description && + desired_state == o.desired_state && + enterprise_object_id == o.enterprise_object_id && + google_android == o.google_android && + location == o.location && + location_object_id == o.location_object_id && + package_id == o.package_id && + package_kind == o.package_kind && + package_manager == o.package_manager && + package_subtitle == o.package_subtitle && + package_version == o.package_version && + stored_package == o.stored_package && + stored_package_object_id == o.stored_package_object_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_update_delay, apple_vpp, asset_kind, asset_sha256_size, asset_sha256_strings, auto_update, command_line_arguments, description, desired_state, enterprise_object_id, google_android, location, location_object_id, package_id, package_kind, package_manager, package_subtitle, package_version, stored_package, stored_package_object_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_status.rb b/jcapiv2/lib/jcapiv2/models/software_app_status.rb new file mode 100644 index 0000000..fbe8d94 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_status.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppStatus + attr_accessor :code + + attr_accessor :details + + attr_accessor :id + + attr_accessor :software_app_id + + attr_accessor :state + + attr_accessor :system_id + + attr_accessor :timestamp + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'code' => :'code', + :'details' => :'details', + :'id' => :'id', + :'software_app_id' => :'softwareAppId', + :'state' => :'state', + :'system_id' => :'systemId', + :'timestamp' => :'timestamp', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'code' => :'Object', + :'details' => :'Object', + :'id' => :'Object', + :'software_app_id' => :'Object', + :'state' => :'Object', + :'system_id' => :'Object', + :'timestamp' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppStatus` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppStatus`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'code') + self.code = attributes[:'code'] + end + + if attributes.key?(:'details') + self.details = attributes[:'details'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'software_app_id') + self.software_app_id = attributes[:'software_app_id'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'timestamp') + self.timestamp = attributes[:'timestamp'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + code == o.code && + details == o.details && + id == o.id && + software_app_id == o.software_app_id && + state == o.state && + system_id == o.system_id && + timestamp == o.timestamp && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [code, details, id, software_app_id, state, system_id, timestamp, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_app_with_status.rb b/jcapiv2/lib/jcapiv2/models/software_app_with_status.rb new file mode 100644 index 0000000..41a7cf8 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_app_with_status.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppWithStatus + attr_accessor :app + + attr_accessor :status + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'app' => :'app', + :'status' => :'status' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'app' => :'Object', + :'status' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppWithStatus` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppWithStatus`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'app') + self.app = attributes[:'app'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + app == o.app && + status == o.status + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [app, status].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/software_apps_retry_installation_request.rb b/jcapiv2/lib/jcapiv2/models/software_apps_retry_installation_request.rb new file mode 100644 index 0000000..57fdc51 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/software_apps_retry_installation_request.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SoftwareAppsRetryInstallationRequest + # An array of system IDs to retry the software application installation. + attr_accessor :system_ids + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'system_ids' => :'system_ids' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'system_ids' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SoftwareAppsRetryInstallationRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SoftwareAppsRetryInstallationRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'system_ids') + if (value = attributes[:'system_ids']).is_a?(Array) + self.system_ids = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + system_ids == o.system_ids + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [system_ids].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/sshkeylist.rb b/jcapiv2/lib/jcapiv2/models/sshkeylist.rb deleted file mode 100644 index 53336e3..0000000 --- a/jcapiv2/lib/jcapiv2/models/sshkeylist.rb +++ /dev/null @@ -1,219 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Sshkeylist - # The ID of the SSH key. - attr_accessor :_id - - # The date the SSH key was created. - attr_accessor :create_date - - # The name of the SSH key. - attr_accessor :name - - # The Public SSH key. - attr_accessor :public_key - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'_id' => :'_id', - :'create_date' => :'create_date', - :'name' => :'name', - :'public_key' => :'public_key' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'_id' => :'String', - :'create_date' => :'String', - :'name' => :'String', - :'public_key' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'_id') - self._id = attributes[:'_id'] - end - - if attributes.has_key?(:'create_date') - self.create_date = attributes[:'create_date'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'public_key') - self.public_key = attributes[:'public_key'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - _id == o._id && - create_date == o.create_date && - name == o.name && - public_key == o.public_key - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [_id, create_date, name, public_key].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/subscription.rb b/jcapiv2/lib/jcapiv2/models/subscription.rb new file mode 100644 index 0000000..0158870 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/subscription.rb @@ -0,0 +1,274 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class Subscription + # The annual (discounted) price of this subscription. + attr_accessor :annual_price + + # The display name of this subscription. + attr_accessor :display_name + + # Array of the features included in the subscription. + attr_accessor :features + + # The list price of this subscription. + attr_accessor :list_price + + # Unique identifier corresponding to this subscription. + attr_accessor :product_code + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'annual_price' => :'annualPrice', + :'display_name' => :'displayName', + :'features' => :'features', + :'list_price' => :'listPrice', + :'product_code' => :'productCode' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'annual_price' => :'Object', + :'display_name' => :'Object', + :'features' => :'Object', + :'list_price' => :'Object', + :'product_code' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Subscription` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Subscription`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'annual_price') + self.annual_price = attributes[:'annual_price'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'features') + if (value = attributes[:'features']).is_a?(Array) + self.features = value + end + end + + if attributes.key?(:'list_price') + self.list_price = attributes[:'list_price'] + end + + if attributes.key?(:'product_code') + self.product_code = attributes[:'product_code'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @annual_price.nil? + invalid_properties.push('invalid value for "annual_price", annual_price cannot be nil.') + end + + if @display_name.nil? + invalid_properties.push('invalid value for "display_name", display_name cannot be nil.') + end + + if @features.nil? + invalid_properties.push('invalid value for "features", features cannot be nil.') + end + + if @list_price.nil? + invalid_properties.push('invalid value for "list_price", list_price cannot be nil.') + end + + if @product_code.nil? + invalid_properties.push('invalid value for "product_code", product_code cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @annual_price.nil? + return false if @display_name.nil? + return false if @features.nil? + return false if @list_price.nil? + return false if @product_code.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + annual_price == o.annual_price && + display_name == o.display_name && + features == o.features && + list_price == o.list_price && + product_code == o.product_code + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [annual_price, display_name, features, list_price, product_code].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/suggestion_counts.rb b/jcapiv2/lib/jcapiv2/models/suggestion_counts.rb new file mode 100644 index 0000000..82d6c0b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/suggestion_counts.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SuggestionCounts + attr_accessor :add + + attr_accessor :remove + + attr_accessor :total + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'add' => :'add', + :'remove' => :'remove', + :'total' => :'total' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'add' => :'Object', + :'remove' => :'Object', + :'total' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SuggestionCounts` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SuggestionCounts`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'add') + self.add = attributes[:'add'] + end + + if attributes.key?(:'remove') + self.remove = attributes[:'remove'] + end + + if attributes.key?(:'total') + self.total = attributes[:'total'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + add == o.add && + remove == o.remove && + total == o.total + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [add, remove, total].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option.rb b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option.rb new file mode 100644 index 0000000..d2a7569 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option.rb @@ -0,0 +1,220 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The representation of a Syncro billing mapping dependency with its name (e.g. schedule) and actual values (e.g. individual schedules) + class SyncroBillingMappingConfigurationOption + # The option name + attr_accessor :name + + # The actual option's values + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroBillingMappingConfigurationOption` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroBillingMappingConfigurationOption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value.rb b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value.rb new file mode 100644 index 0000000..62e3e20 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value.rb @@ -0,0 +1,227 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The shape of a Syncro billing mapping dependency with its human readable description (label) and value stored in the backend (value) and children (lines) + class SyncroBillingMappingConfigurationOptionValue + attr_accessor :label + + attr_accessor :lines + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'label' => :'label', + :'lines' => :'lines', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'label' => :'Object', + :'lines' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroBillingMappingConfigurationOptionValue` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroBillingMappingConfigurationOptionValue`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'lines') + if (value = attributes[:'lines']).is_a?(Array) + self.lines = value + end + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + label == o.label && + lines == o.lines && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [label, lines, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value_line.rb b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value_line.rb new file mode 100644 index 0000000..8451d98 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_option_value_line.rb @@ -0,0 +1,216 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # The shape of a Syncro billing mapping schedule's line + class SyncroBillingMappingConfigurationOptionValueLine + attr_accessor :label + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'label' => :'label', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'label' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'label') + self.label = attributes[:'label'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + label == o.label && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [label, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_options_resp.rb b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_options_resp.rb new file mode 100644 index 0000000..7e364bf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_billing_mapping_configuration_options_resp.rb @@ -0,0 +1,214 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving Syncro billing mapping configuration options + class SyncroBillingMappingConfigurationOptionsResp + attr_accessor :options + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'options' => :'options' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'options' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroBillingMappingConfigurationOptionsResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroBillingMappingConfigurationOptionsResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'options') + if (value = attributes[:'options']).is_a?(Array) + self.options = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @options.nil? + invalid_properties.push('invalid value for "options", options cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @options.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + options == o.options + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [options].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_company.rb b/jcapiv2/lib/jcapiv2/models/syncro_company.rb new file mode 100644 index 0000000..c98c746 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_company.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Syncro company details + class SyncroCompany + # The company identifier. + attr_accessor :id + + # The company name. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroCompany` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroCompany`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_company_resp.rb b/jcapiv2/lib/jcapiv2/models/syncro_company_resp.rb new file mode 100644 index 0000000..4658ef6 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_company_resp.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Response for retrieving Syncro companies + class SyncroCompanyResp + attr_accessor :records + + attr_accessor :total_count + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records', + :'total_count' => :'totalCount' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object', + :'total_count' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroCompanyResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroCompanyResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + + if attributes.key?(:'total_count') + self.total_count = attributes[:'total_count'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + if @total_count.nil? + invalid_properties.push('invalid value for "total_count", total_count cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + return false if @total_count.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records && + total_count == o.total_count + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records, total_count].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_integration.rb b/jcapiv2/lib/jcapiv2/models/syncro_integration.rb new file mode 100644 index 0000000..89dadaf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_integration.rb @@ -0,0 +1,238 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Syncro integration configuration details + class SyncroIntegration + # The identifier for this Syncro integration. + attr_accessor :id + + # Has the msp-api been configured with auth data yet + attr_accessor :is_msp_auth_configured + + # The subdomain for the URL to connect to Syncro. + attr_accessor :subdomain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'id' => :'id', + :'is_msp_auth_configured' => :'isMspAuthConfigured', + :'subdomain' => :'subdomain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'id' => :'Object', + :'is_msp_auth_configured' => :'Object', + :'subdomain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroIntegration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroIntegration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'is_msp_auth_configured') + self.is_msp_auth_configured = attributes[:'is_msp_auth_configured'] + end + + if attributes.key?(:'subdomain') + self.subdomain = attributes[:'subdomain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @id.nil? + invalid_properties.push('invalid value for "id", id cannot be nil.') + end + + if @subdomain.nil? + invalid_properties.push('invalid value for "subdomain", subdomain cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @id.nil? + return false if @subdomain.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + id == o.id && + is_msp_auth_configured == o.is_msp_auth_configured && + subdomain == o.subdomain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [id, is_msp_auth_configured, subdomain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_integration_patch_req.rb b/jcapiv2/lib/jcapiv2/models/syncro_integration_patch_req.rb new file mode 100644 index 0000000..0e6a9f9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_integration_patch_req.rb @@ -0,0 +1,218 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a Syncro integration + class SyncroIntegrationPatchReq + # The Syncro API token for authentication + attr_accessor :api_token + + # The subdomain for the URL to connect to Syncro. + attr_accessor :subdomain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'api_token' => :'apiToken', + :'subdomain' => :'subdomain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'api_token' => :'Object', + :'subdomain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroIntegrationPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroIntegrationPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'api_token') + self.api_token = attributes[:'api_token'] + end + + if attributes.key?(:'subdomain') + self.subdomain = attributes[:'subdomain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + api_token == o.api_token && + subdomain == o.subdomain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [api_token, subdomain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_integration_req.rb b/jcapiv2/lib/jcapiv2/models/syncro_integration_req.rb new file mode 100644 index 0000000..37bb30d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_integration_req.rb @@ -0,0 +1,228 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for creating a Syncro integration + class SyncroIntegrationReq + # The Syncro API token for authentication + attr_accessor :api_token + + # The subdomain for the URL to connect to Syncro. + attr_accessor :subdomain + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'api_token' => :'apiToken', + :'subdomain' => :'subdomain' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'api_token' => :'Object', + :'subdomain' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroIntegrationReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroIntegrationReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'api_token') + self.api_token = attributes[:'api_token'] + end + + if attributes.key?(:'subdomain') + self.subdomain = attributes[:'subdomain'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @api_token.nil? + invalid_properties.push('invalid value for "api_token", api_token cannot be nil.') + end + + if @subdomain.nil? + invalid_properties.push('invalid value for "subdomain", subdomain cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @api_token.nil? + return false if @subdomain.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + api_token == o.api_token && + subdomain == o.subdomain + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [api_token, subdomain].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request.rb new file mode 100644 index 0000000..c9d2fc4 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request.rb @@ -0,0 +1,209 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request object for creating Syncro mappings + class SyncroMappingRequest + attr_accessor :data + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'data' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + if (value = attributes[:'data']).is_a?(Array) + self.data = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [data].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations.rb new file mode 100644 index 0000000..a414450 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations.rb @@ -0,0 +1,207 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Syncro billing mapping details + class SyncroMappingRequestBillingConfigurations + attr_accessor :fields + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'fields' => :'fields' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'fields' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequestBillingConfigurations` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequestBillingConfigurations`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'fields') + self.fields = attributes[:'fields'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + fields == o.fields + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [fields].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields.rb new file mode 100644 index 0000000..5d32cca --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroMappingRequestBillingConfigurationsFields + attr_accessor :line_item_id + + attr_accessor :line_item_name + + attr_accessor :schedule_id + + attr_accessor :schedule_name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'line_item_id' => :'line_item_id', + :'line_item_name' => :'line_item_name', + :'schedule_id' => :'schedule_id', + :'schedule_name' => :'schedule_name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'line_item_id' => :'Object', + :'line_item_name' => :'Object', + :'schedule_id' => :'Object', + :'schedule_name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFields` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFields`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'line_item_id') + self.line_item_id = attributes[:'line_item_id'] + end + + if attributes.key?(:'line_item_name') + self.line_item_name = attributes[:'line_item_name'] + end + + if attributes.key?(:'schedule_id') + self.schedule_id = attributes[:'schedule_id'] + end + + if attributes.key?(:'schedule_name') + self.schedule_name = attributes[:'schedule_name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + line_item_id == o.line_item_id && + line_item_name == o.line_item_name && + schedule_id == o.schedule_id && + schedule_name == o.schedule_name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [line_item_id, line_item_name, schedule_id, schedule_name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_id.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_id.rb new file mode 100644 index 0000000..5de1973 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_id.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroMappingRequestBillingConfigurationsFieldsLineItemId + attr_accessor :kind + + attr_accessor :number_value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'kind' => :'kind', + :'number_value' => :'numberValue' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'kind' => :'Object', + :'number_value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'kind') + self.kind = attributes[:'kind'] + end + + if attributes.key?(:'number_value') + self.number_value = attributes[:'number_value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + kind == o.kind && + number_value == o.number_value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [kind, number_value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_name.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_name.rb new file mode 100644 index 0000000..972638b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_billing_configurations_fields_line_item_name.rb @@ -0,0 +1,215 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroMappingRequestBillingConfigurationsFieldsLineItemName + attr_accessor :kind + + attr_accessor :string_value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'kind' => :'kind', + :'string_value' => :'stringValue' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'kind' => :'Object', + :'string_value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'kind') + self.kind = attributes[:'kind'] + end + + if attributes.key?(:'string_value') + self.string_value = attributes[:'string_value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + kind == o.kind && + string_value == o.string_value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [kind, string_value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_data.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_data.rb new file mode 100644 index 0000000..61ac402 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_request_data.rb @@ -0,0 +1,243 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroMappingRequestData + attr_accessor :billing_configurations + + attr_accessor :company + + attr_accessor :delete + + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'billing_configurations' => :'billingConfigurations', + :'company' => :'company', + :'delete' => :'delete', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'billing_configurations' => :'Object', + :'company' => :'Object', + :'delete' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingRequestData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingRequestData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'billing_configurations') + self.billing_configurations = attributes[:'billing_configurations'] + end + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'delete') + self.delete = attributes[:'delete'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @company.nil? + invalid_properties.push('invalid value for "company", company cannot be nil.') + end + + if @organization.nil? + invalid_properties.push('invalid value for "organization", organization cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @company.nil? + return false if @organization.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + billing_configurations == o.billing_configurations && + company == o.company && + delete == o.delete && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [billing_configurations, company, delete, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_mapping_response.rb b/jcapiv2/lib/jcapiv2/models/syncro_mapping_response.rb new file mode 100644 index 0000000..e4b2f07 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_mapping_response.rb @@ -0,0 +1,216 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Syncro mapping GET response + class SyncroMappingResponse + attr_accessor :company + + attr_accessor :organization + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'company' => :'company', + :'organization' => :'organization' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'company' => :'Object', + :'organization' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroMappingResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroMappingResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'organization') + self.organization = attributes[:'organization'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + company == o.company && + organization == o.organization + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [company, organization].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_settings.rb b/jcapiv2/lib/jcapiv2/models/syncro_settings.rb new file mode 100644 index 0000000..5448ca9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_settings.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Syncro integration settings + class SyncroSettings + # Determine whether Syncro uses automatic ticketing + attr_accessor :automatic_ticketing + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroSettings` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_settings_patch_req.rb b/jcapiv2/lib/jcapiv2/models/syncro_settings_patch_req.rb new file mode 100644 index 0000000..20a26dd --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_settings_patch_req.rb @@ -0,0 +1,208 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # Request for updating a Syncro integration's settings + class SyncroSettingsPatchReq + # Determine whether Syncro uses automatic ticketing + attr_accessor :automatic_ticketing + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'automatic_ticketing' => :'automaticTicketing' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'automatic_ticketing' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroSettingsPatchReq` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroSettingsPatchReq`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'automatic_ticketing') + self.automatic_ticketing = attributes[:'automatic_ticketing'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + automatic_ticketing == o.automatic_ticketing + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [automatic_ticketing].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration.rb b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration.rb new file mode 100644 index 0000000..cfae091 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration.rb @@ -0,0 +1,297 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # A SyncroTicketingAlertConfiguration object + class SyncroTicketingAlertConfiguration + attr_accessor :category + + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :due_days + + attr_accessor :id + + attr_accessor :priority + + attr_accessor :problem_type + + attr_accessor :should_create_tickets + + attr_accessor :status + + attr_accessor :user_id + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'display_name' => :'displayName', + :'due_days' => :'dueDays', + :'id' => :'id', + :'priority' => :'priority', + :'problem_type' => :'problemType', + :'should_create_tickets' => :'shouldCreateTickets', + :'status' => :'status', + :'user_id' => :'userId', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'Object', + :'description' => :'Object', + :'display_name' => :'Object', + :'due_days' => :'Object', + :'id' => :'Object', + :'priority' => :'Object', + :'problem_type' => :'Object', + :'should_create_tickets' => :'Object', + :'status' => :'Object', + :'user_id' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroTicketingAlertConfiguration` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroTicketingAlertConfiguration`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'problem_type') + self.problem_type = attributes[:'problem_type'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'user_id') + self.user_id = attributes[:'user_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + display_name == o.display_name && + due_days == o.due_days && + id == o.id && + priority == o.priority && + problem_type == o.problem_type && + should_create_tickets == o.should_create_tickets && + status == o.status && + user_id == o.user_id && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, display_name, due_days, id, priority, problem_type, should_create_tickets, status, user_id, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_list.rb b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_list.rb new file mode 100644 index 0000000..64c5273 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_list.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroTicketingAlertConfigurationList + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroTicketingAlertConfigurationList` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroTicketingAlertConfigurationList`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_option.rb b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_option.rb new file mode 100644 index 0000000..1f54d4e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_option.rb @@ -0,0 +1,217 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroTicketingAlertConfigurationOption + attr_accessor :name + + attr_accessor :values + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'values' => :'values' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'values' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroTicketingAlertConfigurationOption` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroTicketingAlertConfigurationOption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'values') + if (value = attributes[:'values']).is_a?(Array) + self.values = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + values == o.values + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, values].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_options.rb b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_options.rb new file mode 100644 index 0000000..32ef99a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_options.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SyncroTicketingAlertConfigurationOptions + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroTicketingAlertConfigurationOptions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroTicketingAlertConfigurationOptions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_request.rb b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_request.rb new file mode 100644 index 0000000..4481687 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/syncro_ticketing_alert_configuration_request.rb @@ -0,0 +1,271 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + # A SyncroTicketingAlertConfigurationRequest to update Syncro ticketing configuration. + class SyncroTicketingAlertConfigurationRequest + attr_accessor :due_days + + attr_accessor :priority + + attr_accessor :problem_type + + attr_accessor :should_create_tickets + + attr_accessor :status + + attr_accessor :user_id + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'due_days' => :'dueDays', + :'priority' => :'priority', + :'problem_type' => :'problemType', + :'should_create_tickets' => :'shouldCreateTickets', + :'status' => :'status', + :'user_id' => :'userId', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'due_days' => :'Object', + :'priority' => :'Object', + :'problem_type' => :'Object', + :'should_create_tickets' => :'Object', + :'status' => :'Object', + :'user_id' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SyncroTicketingAlertConfigurationRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SyncroTicketingAlertConfigurationRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'due_days') + self.due_days = attributes[:'due_days'] + end + + if attributes.key?(:'priority') + self.priority = attributes[:'priority'] + end + + if attributes.key?(:'problem_type') + self.problem_type = attributes[:'problem_type'] + end + + if attributes.key?(:'should_create_tickets') + self.should_create_tickets = attributes[:'should_create_tickets'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'user_id') + self.user_id = attributes[:'user_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @problem_type.nil? + invalid_properties.push('invalid value for "problem_type", problem_type cannot be nil.') + end + + if @should_create_tickets.nil? + invalid_properties.push('invalid value for "should_create_tickets", should_create_tickets cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @problem_type.nil? + return false if @should_create_tickets.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + due_days == o.due_days && + priority == o.priority && + problem_type == o.problem_type && + should_create_tickets == o.should_create_tickets && + status == o.status && + user_id == o.user_id && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [due_days, priority, problem_type, should_create_tickets, status, user_id, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_graph_management_req.rb b/jcapiv2/lib/jcapiv2/models/system_graph_management_req.rb deleted file mode 100644 index 974481a..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_graph_management_req.rb +++ /dev/null @@ -1,277 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemGraphManagementReq - attr_accessor :attributes - - # The ObjectID of graph object being added or removed as an association. - attr_accessor :id - - # How to modify the graph connection. - attr_accessor :op - - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'attributes' => :'attributes', - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'attributes' => :'SystemGraphManagementReqAttributes', - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'attributes') - self.attributes = attributes[:'attributes'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - attributes == o.attributes && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [attributes, id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes.rb b/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes.rb deleted file mode 100644 index f79305e..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes.rb +++ /dev/null @@ -1,188 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - # The graph connection's attributes - class SystemGraphManagementReqAttributes - attr_accessor :sudo - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'sudo' => :'sudo' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'sudo' => :'SystemGraphManagementReqAttributesSudo' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'sudo') - self.sudo = attributes[:'sudo'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - sudo == o.sudo - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [sudo].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes_sudo.rb b/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes_sudo.rb deleted file mode 100644 index 32562e9..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_graph_management_req_attributes_sudo.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemGraphManagementReqAttributesSudo - attr_accessor :enabled - - attr_accessor :without_password - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'enabled' => :'enabled', - :'without_password' => :'withoutPassword' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'enabled' => :'BOOLEAN', - :'without_password' => :'BOOLEAN' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'enabled') - self.enabled = attributes[:'enabled'] - end - - if attributes.has_key?(:'withoutPassword') - self.without_password = attributes[:'withoutPassword'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - enabled == o.enabled && - without_password == o.without_password - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [enabled, without_password].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_group.rb b/jcapiv2/lib/jcapiv2/models/system_group.rb index fac50e8..c459493 100644 --- a/jcapiv2/lib/jcapiv2/models/system_group.rb +++ b/jcapiv2/lib/jcapiv2/models/system_group.rb @@ -1,23 +1,39 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemGroup + attr_accessor :attributes + + # Description of a System Group + attr_accessor :description + + # E-mail address associated with a System Group + attr_accessor :email + # ObjectId uniquely identifying a System Group. attr_accessor :id + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + # Display name of a System Group. attr_accessor :name @@ -49,64 +65,120 @@ def valid?(value) # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', :'id' => :'id', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', :'name' => :'name', :'type' => :'type' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'id' => :'String', - :'name' => :'String', - :'type' => :'String' + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'id' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemGroup` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'description') + self.description = attributes[:'description'] + end - if attributes.has_key?(:'id') + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - type_validator = EnumAttributeValidator.new('String', ["system_group"]) + type_validator = EnumAttributeValidator.new('Object', ['system_group']) return false unless type_validator.valid?(@type) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] type Object to be assigned def type=(type) - validator = EnumAttributeValidator.new('String', ["system_group"]) + validator = EnumAttributeValidator.new('Object', ['system_group']) unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." end @type = type end @@ -116,7 +188,14 @@ def type=(type) def ==(o) return true if self.equal?(o) self.class == o.class && + attributes == o.attributes && + description == o.description && + email == o.email && id == o.id && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && name == o.name && type == o.type end @@ -128,9 +207,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [id, name, type].hash + [attributes, description, email, id, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -138,16 +224,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -169,7 +257,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -190,8 +278,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -213,7 +300,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -225,7 +316,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -235,8 +326,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_group_data.rb b/jcapiv2/lib/jcapiv2/models/system_group_data.rb deleted file mode 100644 index 346460f..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_group_data.rb +++ /dev/null @@ -1,194 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemGroupData - # Display name of a System Group. - attr_accessor :name - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @name.nil? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_group_graph_management_req.rb b/jcapiv2/lib/jcapiv2/models/system_group_graph_management_req.rb deleted file mode 100644 index 7bbe870..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_group_graph_management_req.rb +++ /dev/null @@ -1,268 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemGroupGraphManagementReq - # The ObjectID of graph object being added or removed as an association. - attr_accessor :id - - # How to modify the graph connection. - attr_accessor :op - - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_group_members_req.rb b/jcapiv2/lib/jcapiv2/models/system_group_members_req.rb deleted file mode 100644 index 6293f3b..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_group_members_req.rb +++ /dev/null @@ -1,269 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemGroupMembersReq - # The ObjectID of member being added or removed. - attr_accessor :id - - # How to modify the membership connection. - attr_accessor :op - - # The member type. - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["system"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["system"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_group_post.rb b/jcapiv2/lib/jcapiv2/models/system_group_post.rb new file mode 100644 index 0000000..1472658 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_group_post.rb @@ -0,0 +1,281 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemGroupPost + attr_accessor :attributes + + # Description of a System Group + attr_accessor :description + + # Email address of a System Group + attr_accessor :email + + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + + # Display name of a System Group. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemGroupPost` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemGroupPost`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + description == o.description && + email == o.email && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [attributes, description, email, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_group_put.rb b/jcapiv2/lib/jcapiv2/models/system_group_put.rb new file mode 100644 index 0000000..bab095a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_group_put.rb @@ -0,0 +1,281 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemGroupPut + attr_accessor :attributes + + # Description of a System Group + attr_accessor :description + + # Email address of a System Group + attr_accessor :email + + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + + # Display name of a System Group. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemGroupPut` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemGroupPut`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @name.nil? + invalid_properties.push('invalid value for "name", name cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @name.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + description == o.description && + email == o.email && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [attributes, description, email, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_alf.rb b/jcapiv2/lib/jcapiv2/models/system_insights_alf.rb new file mode 100644 index 0000000..7a57835 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_alf.rb @@ -0,0 +1,278 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAlf + attr_accessor :allow_signed_enabled + + attr_accessor :collection_time + + attr_accessor :firewall_unload + + attr_accessor :global_state + + attr_accessor :logging_enabled + + attr_accessor :logging_option + + attr_accessor :stealth_enabled + + attr_accessor :system_id + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_signed_enabled' => :'allow_signed_enabled', + :'collection_time' => :'collection_time', + :'firewall_unload' => :'firewall_unload', + :'global_state' => :'global_state', + :'logging_enabled' => :'logging_enabled', + :'logging_option' => :'logging_option', + :'stealth_enabled' => :'stealth_enabled', + :'system_id' => :'system_id', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_signed_enabled' => :'Object', + :'collection_time' => :'Object', + :'firewall_unload' => :'Object', + :'global_state' => :'Object', + :'logging_enabled' => :'Object', + :'logging_option' => :'Object', + :'stealth_enabled' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAlf` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAlf`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_signed_enabled') + self.allow_signed_enabled = attributes[:'allow_signed_enabled'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'firewall_unload') + self.firewall_unload = attributes[:'firewall_unload'] + end + + if attributes.key?(:'global_state') + self.global_state = attributes[:'global_state'] + end + + if attributes.key?(:'logging_enabled') + self.logging_enabled = attributes[:'logging_enabled'] + end + + if attributes.key?(:'logging_option') + self.logging_option = attributes[:'logging_option'] + end + + if attributes.key?(:'stealth_enabled') + self.stealth_enabled = attributes[:'stealth_enabled'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_signed_enabled == o.allow_signed_enabled && + collection_time == o.collection_time && + firewall_unload == o.firewall_unload && + global_state == o.global_state && + logging_enabled == o.logging_enabled && + logging_option == o.logging_option && + stealth_enabled == o.stealth_enabled && + system_id == o.system_id && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_signed_enabled, collection_time, firewall_unload, global_state, logging_enabled, logging_option, stealth_enabled, system_id, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_alf_exceptions.rb b/jcapiv2/lib/jcapiv2/models/system_insights_alf_exceptions.rb new file mode 100644 index 0000000..415c09a --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_alf_exceptions.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAlfExceptions + attr_accessor :collection_time + + attr_accessor :path + + attr_accessor :state + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'path' => :'path', + :'state' => :'state', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'path' => :'Object', + :'state' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAlfExceptions` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAlfExceptions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + path == o.path && + state == o.state && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, path, state, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_alf_explicit_auths.rb b/jcapiv2/lib/jcapiv2/models/system_insights_alf_explicit_auths.rb new file mode 100644 index 0000000..74d6237 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_alf_explicit_auths.rb @@ -0,0 +1,224 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAlfExplicitAuths + attr_accessor :collection_time + + attr_accessor :process + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'process' => :'process', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'process' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAlfExplicitAuths` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAlfExplicitAuths`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'process') + self.process = attributes[:'process'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + process == o.process && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, process, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_appcompat_shims.rb b/jcapiv2/lib/jcapiv2/models/system_insights_appcompat_shims.rb new file mode 100644 index 0000000..44fecdf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_appcompat_shims.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAppcompatShims + attr_accessor :collection_time + + attr_accessor :description + + attr_accessor :executable + + attr_accessor :install_time + + attr_accessor :path + + attr_accessor :sdb_id + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'description' => :'description', + :'executable' => :'executable', + :'install_time' => :'install_time', + :'path' => :'path', + :'sdb_id' => :'sdb_id', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'description' => :'Object', + :'executable' => :'Object', + :'install_time' => :'Object', + :'path' => :'Object', + :'sdb_id' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAppcompatShims` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAppcompatShims`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'executable') + self.executable = attributes[:'executable'] + end + + if attributes.key?(:'install_time') + self.install_time = attributes[:'install_time'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'sdb_id') + self.sdb_id = attributes[:'sdb_id'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + description == o.description && + executable == o.executable && + install_time == o.install_time && + path == o.path && + sdb_id == o.sdb_id && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, description, executable, install_time, path, sdb_id, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_apps.rb b/jcapiv2/lib/jcapiv2/models/system_insights_apps.rb index 92e4042..d4ab657 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_apps.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_apps.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsApps attr_accessor :applescript_enabled @@ -57,7 +55,6 @@ class SystemInsightsApps attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -86,137 +83,149 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'applescript_enabled' => :'String', - :'bundle_executable' => :'String', - :'bundle_identifier' => :'String', - :'bundle_name' => :'String', - :'bundle_package_type' => :'String', - :'bundle_short_version' => :'String', - :'bundle_version' => :'String', - :'category' => :'String', - :'collection_time' => :'String', - :'compiler' => :'String', - :'copyright' => :'String', - :'development_region' => :'String', - :'display_name' => :'String', - :'element' => :'String', - :'environment' => :'String', - :'info_string' => :'String', - :'last_opened_time' => :'Float', - :'minimum_system_version' => :'String', - :'name' => :'String', - :'path' => :'String', - :'system_id' => :'String' + :'applescript_enabled' => :'Object', + :'bundle_executable' => :'Object', + :'bundle_identifier' => :'Object', + :'bundle_name' => :'Object', + :'bundle_package_type' => :'Object', + :'bundle_short_version' => :'Object', + :'bundle_version' => :'Object', + :'category' => :'Object', + :'collection_time' => :'Object', + :'compiler' => :'Object', + :'copyright' => :'Object', + :'development_region' => :'Object', + :'display_name' => :'Object', + :'element' => :'Object', + :'environment' => :'Object', + :'info_string' => :'Object', + :'last_opened_time' => :'Object', + :'minimum_system_version' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsApps` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsApps`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'applescript_enabled') + if attributes.key?(:'applescript_enabled') self.applescript_enabled = attributes[:'applescript_enabled'] end - if attributes.has_key?(:'bundle_executable') + if attributes.key?(:'bundle_executable') self.bundle_executable = attributes[:'bundle_executable'] end - if attributes.has_key?(:'bundle_identifier') + if attributes.key?(:'bundle_identifier') self.bundle_identifier = attributes[:'bundle_identifier'] end - if attributes.has_key?(:'bundle_name') + if attributes.key?(:'bundle_name') self.bundle_name = attributes[:'bundle_name'] end - if attributes.has_key?(:'bundle_package_type') + if attributes.key?(:'bundle_package_type') self.bundle_package_type = attributes[:'bundle_package_type'] end - if attributes.has_key?(:'bundle_short_version') + if attributes.key?(:'bundle_short_version') self.bundle_short_version = attributes[:'bundle_short_version'] end - if attributes.has_key?(:'bundle_version') + if attributes.key?(:'bundle_version') self.bundle_version = attributes[:'bundle_version'] end - if attributes.has_key?(:'category') + if attributes.key?(:'category') self.category = attributes[:'category'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'compiler') + if attributes.key?(:'compiler') self.compiler = attributes[:'compiler'] end - if attributes.has_key?(:'copyright') + if attributes.key?(:'copyright') self.copyright = attributes[:'copyright'] end - if attributes.has_key?(:'development_region') + if attributes.key?(:'development_region') self.development_region = attributes[:'development_region'] end - if attributes.has_key?(:'display_name') + if attributes.key?(:'display_name') self.display_name = attributes[:'display_name'] end - if attributes.has_key?(:'element') + if attributes.key?(:'element') self.element = attributes[:'element'] end - if attributes.has_key?(:'environment') + if attributes.key?(:'environment') self.environment = attributes[:'environment'] end - if attributes.has_key?(:'info_string') + if attributes.key?(:'info_string') self.info_string = attributes[:'info_string'] end - if attributes.has_key?(:'last_opened_time') + if attributes.key?(:'last_opened_time') self.last_opened_time = attributes[:'last_opened_time'] end - if attributes.has_key?(:'minimum_system_version') + if attributes.key?(:'minimum_system_version') self.minimum_system_version = attributes[:'minimum_system_version'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -254,26 +263,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [applescript_enabled, bundle_executable, bundle_identifier, bundle_name, bundle_package_type, bundle_short_version, bundle_version, category, collection_time, compiler, copyright, development_region, display_name, element, environment, info_string, last_opened_time, minimum_system_version, name, path, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -295,7 +313,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -316,8 +334,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -339,7 +356,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -351,7 +372,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -361,8 +382,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_authorized_keys.rb b/jcapiv2/lib/jcapiv2/models/system_insights_authorized_keys.rb new file mode 100644 index 0000000..d5d0755 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_authorized_keys.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAuthorizedKeys + attr_accessor :algorithm + + attr_accessor :collection_time + + attr_accessor :key + + attr_accessor :key_file + + attr_accessor :system_id + + attr_accessor :uid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'algorithm' => :'algorithm', + :'collection_time' => :'collection_time', + :'key' => :'key', + :'key_file' => :'key_file', + :'system_id' => :'system_id', + :'uid' => :'uid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'algorithm' => :'Object', + :'collection_time' => :'Object', + :'key' => :'Object', + :'key_file' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAuthorizedKeys` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAuthorizedKeys`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'algorithm') + self.algorithm = attributes[:'algorithm'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'key') + self.key = attributes[:'key'] + end + + if attributes.key?(:'key_file') + self.key_file = attributes[:'key_file'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'uid') + self.uid = attributes[:'uid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + algorithm == o.algorithm && + collection_time == o.collection_time && + key == o.key && + key_file == o.key_file && + system_id == o.system_id && + uid == o.uid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [algorithm, collection_time, key, key_file, system_id, uid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_metadata.rb b/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_metadata.rb new file mode 100644 index 0000000..bcaf798 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_metadata.rb @@ -0,0 +1,359 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAzureInstanceMetadata + attr_accessor :collection_time + + attr_accessor :location + + attr_accessor :name + + attr_accessor :offer + + attr_accessor :os_type + + attr_accessor :placement_group_id + + attr_accessor :platform_fault_domain + + attr_accessor :platform_update_domain + + attr_accessor :publisher + + attr_accessor :resource_group_name + + attr_accessor :sku + + attr_accessor :subscription_id + + attr_accessor :system_id + + attr_accessor :version + + attr_accessor :vm_id + + attr_accessor :vm_scale_set_name + + attr_accessor :vm_size + + attr_accessor :zone + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'location' => :'location', + :'name' => :'name', + :'offer' => :'offer', + :'os_type' => :'os_type', + :'placement_group_id' => :'placement_group_id', + :'platform_fault_domain' => :'platform_fault_domain', + :'platform_update_domain' => :'platform_update_domain', + :'publisher' => :'publisher', + :'resource_group_name' => :'resource_group_name', + :'sku' => :'sku', + :'subscription_id' => :'subscription_id', + :'system_id' => :'system_id', + :'version' => :'version', + :'vm_id' => :'vm_id', + :'vm_scale_set_name' => :'vm_scale_set_name', + :'vm_size' => :'vm_size', + :'zone' => :'zone' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'location' => :'Object', + :'name' => :'Object', + :'offer' => :'Object', + :'os_type' => :'Object', + :'placement_group_id' => :'Object', + :'platform_fault_domain' => :'Object', + :'platform_update_domain' => :'Object', + :'publisher' => :'Object', + :'resource_group_name' => :'Object', + :'sku' => :'Object', + :'subscription_id' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object', + :'vm_id' => :'Object', + :'vm_scale_set_name' => :'Object', + :'vm_size' => :'Object', + :'zone' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAzureInstanceMetadata` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAzureInstanceMetadata`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'location') + self.location = attributes[:'location'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'offer') + self.offer = attributes[:'offer'] + end + + if attributes.key?(:'os_type') + self.os_type = attributes[:'os_type'] + end + + if attributes.key?(:'placement_group_id') + self.placement_group_id = attributes[:'placement_group_id'] + end + + if attributes.key?(:'platform_fault_domain') + self.platform_fault_domain = attributes[:'platform_fault_domain'] + end + + if attributes.key?(:'platform_update_domain') + self.platform_update_domain = attributes[:'platform_update_domain'] + end + + if attributes.key?(:'publisher') + self.publisher = attributes[:'publisher'] + end + + if attributes.key?(:'resource_group_name') + self.resource_group_name = attributes[:'resource_group_name'] + end + + if attributes.key?(:'sku') + self.sku = attributes[:'sku'] + end + + if attributes.key?(:'subscription_id') + self.subscription_id = attributes[:'subscription_id'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + + if attributes.key?(:'vm_id') + self.vm_id = attributes[:'vm_id'] + end + + if attributes.key?(:'vm_scale_set_name') + self.vm_scale_set_name = attributes[:'vm_scale_set_name'] + end + + if attributes.key?(:'vm_size') + self.vm_size = attributes[:'vm_size'] + end + + if attributes.key?(:'zone') + self.zone = attributes[:'zone'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + location == o.location && + name == o.name && + offer == o.offer && + os_type == o.os_type && + placement_group_id == o.placement_group_id && + platform_fault_domain == o.platform_fault_domain && + platform_update_domain == o.platform_update_domain && + publisher == o.publisher && + resource_group_name == o.resource_group_name && + sku == o.sku && + subscription_id == o.subscription_id && + system_id == o.system_id && + version == o.version && + vm_id == o.vm_id && + vm_scale_set_name == o.vm_scale_set_name && + vm_size == o.vm_size && + zone == o.zone + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, location, name, offer, os_type, placement_group_id, platform_fault_domain, platform_update_domain, publisher, resource_group_name, sku, subscription_id, system_id, version, vm_id, vm_scale_set_name, vm_size, zone].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_tags.rb b/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_tags.rb new file mode 100644 index 0000000..18da544 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_azure_instance_tags.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsAzureInstanceTags + attr_accessor :collection_time + + attr_accessor :key + + attr_accessor :system_id + + attr_accessor :value + + attr_accessor :vm_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'key' => :'key', + :'system_id' => :'system_id', + :'value' => :'value', + :'vm_id' => :'vm_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'key' => :'Object', + :'system_id' => :'Object', + :'value' => :'Object', + :'vm_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsAzureInstanceTags` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsAzureInstanceTags`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'key') + self.key = attributes[:'key'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + + if attributes.key?(:'vm_id') + self.vm_id = attributes[:'vm_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + key == o.key && + system_id == o.system_id && + value == o.value && + vm_id == o.vm_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, key, system_id, value, vm_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_battery.rb b/jcapiv2/lib/jcapiv2/models/system_insights_battery.rb index 349cbeb..7f821bd 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_battery.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_battery.rb @@ -1,21 +1,19 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsBattery - attr_accessor :amgerage + attr_accessor :amperage attr_accessor :charged @@ -55,11 +53,10 @@ class SystemInsightsBattery attr_accessor :voltage - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { - :'amgerage' => :'amgerage', + :'amperage' => :'amperage', :'charged' => :'charged', :'charging' => :'charging', :'collection_time' => :'collection_time', @@ -83,132 +80,144 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'amgerage' => :'Integer', - :'charged' => :'Integer', - :'charging' => :'Integer', - :'collection_time' => :'String', - :'condition' => :'String', - :'current_capacity' => :'Integer', - :'cycle_count' => :'Integer', - :'designed_capacity' => :'Integer', - :'health' => :'String', - :'manufacture_date' => :'Integer', - :'manufacturer' => :'String', - :'max_capacity' => :'Integer', - :'minutes_to_full_charge' => :'Integer', - :'minutes_until_empty' => :'Integer', - :'model' => :'String', - :'percent_remaining' => :'Integer', - :'serial_number' => :'String', - :'state' => :'String', - :'system_id' => :'String', - :'voltage' => :'Integer' + :'amperage' => :'Object', + :'charged' => :'Object', + :'charging' => :'Object', + :'collection_time' => :'Object', + :'condition' => :'Object', + :'current_capacity' => :'Object', + :'cycle_count' => :'Object', + :'designed_capacity' => :'Object', + :'health' => :'Object', + :'manufacture_date' => :'Object', + :'manufacturer' => :'Object', + :'max_capacity' => :'Object', + :'minutes_to_full_charge' => :'Object', + :'minutes_until_empty' => :'Object', + :'model' => :'Object', + :'percent_remaining' => :'Object', + :'serial_number' => :'Object', + :'state' => :'Object', + :'system_id' => :'Object', + :'voltage' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsBattery` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsBattery`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'amgerage') - self.amgerage = attributes[:'amgerage'] + if attributes.key?(:'amperage') + self.amperage = attributes[:'amperage'] end - if attributes.has_key?(:'charged') + if attributes.key?(:'charged') self.charged = attributes[:'charged'] end - if attributes.has_key?(:'charging') + if attributes.key?(:'charging') self.charging = attributes[:'charging'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'condition') + if attributes.key?(:'condition') self.condition = attributes[:'condition'] end - if attributes.has_key?(:'current_capacity') + if attributes.key?(:'current_capacity') self.current_capacity = attributes[:'current_capacity'] end - if attributes.has_key?(:'cycle_count') + if attributes.key?(:'cycle_count') self.cycle_count = attributes[:'cycle_count'] end - if attributes.has_key?(:'designed_capacity') + if attributes.key?(:'designed_capacity') self.designed_capacity = attributes[:'designed_capacity'] end - if attributes.has_key?(:'health') + if attributes.key?(:'health') self.health = attributes[:'health'] end - if attributes.has_key?(:'manufacture_date') + if attributes.key?(:'manufacture_date') self.manufacture_date = attributes[:'manufacture_date'] end - if attributes.has_key?(:'manufacturer') + if attributes.key?(:'manufacturer') self.manufacturer = attributes[:'manufacturer'] end - if attributes.has_key?(:'max_capacity') + if attributes.key?(:'max_capacity') self.max_capacity = attributes[:'max_capacity'] end - if attributes.has_key?(:'minutes_to_full_charge') + if attributes.key?(:'minutes_to_full_charge') self.minutes_to_full_charge = attributes[:'minutes_to_full_charge'] end - if attributes.has_key?(:'minutes_until_empty') + if attributes.key?(:'minutes_until_empty') self.minutes_until_empty = attributes[:'minutes_until_empty'] end - if attributes.has_key?(:'model') + if attributes.key?(:'model') self.model = attributes[:'model'] end - if attributes.has_key?(:'percent_remaining') + if attributes.key?(:'percent_remaining') self.percent_remaining = attributes[:'percent_remaining'] end - if attributes.has_key?(:'serial_number') + if attributes.key?(:'serial_number') self.serial_number = attributes[:'serial_number'] end - if attributes.has_key?(:'state') + if attributes.key?(:'state') self.state = attributes[:'state'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'voltage') + if attributes.key?(:'voltage') self.voltage = attributes[:'voltage'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -216,7 +225,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && - amgerage == o.amgerage && + amperage == o.amperage && charged == o.charged && charging == o.charging && collection_time == o.collection_time && @@ -245,9 +254,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [amgerage, charged, charging, collection_time, condition, current_capacity, cycle_count, designed_capacity, health, manufacture_date, manufacturer, max_capacity, minutes_to_full_charge, minutes_until_empty, model, percent_remaining, serial_number, state, system_id, voltage].hash + [amperage, charged, charging, collection_time, condition, current_capacity, cycle_count, designed_capacity, health, manufacture_date, manufacturer, max_capacity, minutes_to_full_charge, minutes_until_empty, model, percent_remaining, serial_number, state, system_id, voltage].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -255,16 +271,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -286,7 +304,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -307,8 +325,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -330,7 +347,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -342,7 +363,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -352,8 +373,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_bitlocker_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_bitlocker_info.rb index fcbd065..69aab3f 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_bitlocker_info.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_bitlocker_info.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsBitlockerInfo attr_accessor :collection_time @@ -31,7 +29,6 @@ class SystemInsightsBitlockerInfo attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -47,72 +44,84 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'conversion_status' => :'Integer', - :'device_id' => :'String', - :'drive_letter' => :'String', - :'encryption_method' => :'String', - :'persistent_volume_id' => :'String', - :'protection_status' => :'Integer', - :'system_id' => :'String' + :'collection_time' => :'Object', + :'conversion_status' => :'Object', + :'device_id' => :'Object', + :'drive_letter' => :'Object', + :'encryption_method' => :'Object', + :'persistent_volume_id' => :'Object', + :'protection_status' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsBitlockerInfo` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsBitlockerInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'conversion_status') + if attributes.key?(:'conversion_status') self.conversion_status = attributes[:'conversion_status'] end - if attributes.has_key?(:'device_id') + if attributes.key?(:'device_id') self.device_id = attributes[:'device_id'] end - if attributes.has_key?(:'drive_letter') + if attributes.key?(:'drive_letter') self.drive_letter = attributes[:'drive_letter'] end - if attributes.has_key?(:'encryption_method') + if attributes.key?(:'encryption_method') self.encryption_method = attributes[:'encryption_method'] end - if attributes.has_key?(:'persistent_volume_id') + if attributes.key?(:'persistent_volume_id') self.persistent_volume_id = attributes[:'persistent_volume_id'] end - if attributes.has_key?(:'protection_status') + if attributes.key?(:'protection_status') self.protection_status = attributes[:'protection_status'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -137,26 +146,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, conversion_status, device_id, drive_letter, encryption_method, persistent_volume_id, protection_status, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -178,7 +196,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -199,8 +217,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -222,7 +239,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -234,7 +255,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -244,8 +265,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_browser_plugins.rb b/jcapiv2/lib/jcapiv2/models/system_insights_browser_plugins.rb index ce4c0f7..824e4e0 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_browser_plugins.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_browser_plugins.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsBrowserPlugins attr_accessor :collection_time @@ -39,7 +37,6 @@ class SystemInsightsBrowserPlugins attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -59,92 +56,104 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'description' => :'String', - :'development_region' => :'String', - :'disabled' => :'Integer', - :'identifier' => :'String', - :'name' => :'String', - :'native' => :'Integer', - :'path' => :'String', - :'sdk' => :'String', - :'system_id' => :'String', - :'uid' => :'String', - :'version' => :'String' + :'collection_time' => :'Object', + :'description' => :'Object', + :'development_region' => :'Object', + :'disabled' => :'Object', + :'identifier' => :'Object', + :'name' => :'Object', + :'native' => :'Object', + :'path' => :'Object', + :'sdk' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsBrowserPlugins` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsBrowserPlugins`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'development_region') + if attributes.key?(:'development_region') self.development_region = attributes[:'development_region'] end - if attributes.has_key?(:'disabled') + if attributes.key?(:'disabled') self.disabled = attributes[:'disabled'] end - if attributes.has_key?(:'identifier') + if attributes.key?(:'identifier') self.identifier = attributes[:'identifier'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'native') + if attributes.key?(:'native') self.native = attributes[:'native'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'sdk') + if attributes.key?(:'sdk') self.sdk = attributes[:'sdk'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -173,26 +182,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, description, development_region, disabled, identifier, name, native, path, sdk, system_id, uid, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -214,7 +232,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -235,8 +253,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -258,7 +275,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -270,7 +291,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -280,8 +301,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_certificates.rb b/jcapiv2/lib/jcapiv2/models/system_insights_certificates.rb new file mode 100644 index 0000000..ebb5fcf --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_certificates.rb @@ -0,0 +1,395 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsCertificates + attr_accessor :authority_key_id + + attr_accessor :ca + + attr_accessor :common_name + + attr_accessor :issuer + + attr_accessor :key_algorithm + + attr_accessor :key_strength + + attr_accessor :key_usage + + attr_accessor :not_valid_after + + attr_accessor :not_valid_before + + attr_accessor :path + + attr_accessor :self_signed + + attr_accessor :serial + + attr_accessor :sha1 + + attr_accessor :sid + + attr_accessor :signing_algorithm + + attr_accessor :store + + attr_accessor :store_id + + attr_accessor :store_location + + attr_accessor :subject + + attr_accessor :subject_key_id + + attr_accessor :system_id + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'authority_key_id' => :'authority_key_id', + :'ca' => :'ca', + :'common_name' => :'common_name', + :'issuer' => :'issuer', + :'key_algorithm' => :'key_algorithm', + :'key_strength' => :'key_strength', + :'key_usage' => :'key_usage', + :'not_valid_after' => :'not_valid_after', + :'not_valid_before' => :'not_valid_before', + :'path' => :'path', + :'self_signed' => :'self_signed', + :'serial' => :'serial', + :'sha1' => :'sha1', + :'sid' => :'sid', + :'signing_algorithm' => :'signing_algorithm', + :'store' => :'store', + :'store_id' => :'store_id', + :'store_location' => :'store_location', + :'subject' => :'subject', + :'subject_key_id' => :'subject_key_id', + :'system_id' => :'system_id', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'authority_key_id' => :'Object', + :'ca' => :'Object', + :'common_name' => :'Object', + :'issuer' => :'Object', + :'key_algorithm' => :'Object', + :'key_strength' => :'Object', + :'key_usage' => :'Object', + :'not_valid_after' => :'Object', + :'not_valid_before' => :'Object', + :'path' => :'Object', + :'self_signed' => :'Object', + :'serial' => :'Object', + :'sha1' => :'Object', + :'sid' => :'Object', + :'signing_algorithm' => :'Object', + :'store' => :'Object', + :'store_id' => :'Object', + :'store_location' => :'Object', + :'subject' => :'Object', + :'subject_key_id' => :'Object', + :'system_id' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsCertificates` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsCertificates`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'authority_key_id') + self.authority_key_id = attributes[:'authority_key_id'] + end + + if attributes.key?(:'ca') + self.ca = attributes[:'ca'] + end + + if attributes.key?(:'common_name') + self.common_name = attributes[:'common_name'] + end + + if attributes.key?(:'issuer') + self.issuer = attributes[:'issuer'] + end + + if attributes.key?(:'key_algorithm') + self.key_algorithm = attributes[:'key_algorithm'] + end + + if attributes.key?(:'key_strength') + self.key_strength = attributes[:'key_strength'] + end + + if attributes.key?(:'key_usage') + self.key_usage = attributes[:'key_usage'] + end + + if attributes.key?(:'not_valid_after') + self.not_valid_after = attributes[:'not_valid_after'] + end + + if attributes.key?(:'not_valid_before') + self.not_valid_before = attributes[:'not_valid_before'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'self_signed') + self.self_signed = attributes[:'self_signed'] + end + + if attributes.key?(:'serial') + self.serial = attributes[:'serial'] + end + + if attributes.key?(:'sha1') + self.sha1 = attributes[:'sha1'] + end + + if attributes.key?(:'sid') + self.sid = attributes[:'sid'] + end + + if attributes.key?(:'signing_algorithm') + self.signing_algorithm = attributes[:'signing_algorithm'] + end + + if attributes.key?(:'store') + self.store = attributes[:'store'] + end + + if attributes.key?(:'store_id') + self.store_id = attributes[:'store_id'] + end + + if attributes.key?(:'store_location') + self.store_location = attributes[:'store_location'] + end + + if attributes.key?(:'subject') + self.subject = attributes[:'subject'] + end + + if attributes.key?(:'subject_key_id') + self.subject_key_id = attributes[:'subject_key_id'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + authority_key_id == o.authority_key_id && + ca == o.ca && + common_name == o.common_name && + issuer == o.issuer && + key_algorithm == o.key_algorithm && + key_strength == o.key_strength && + key_usage == o.key_usage && + not_valid_after == o.not_valid_after && + not_valid_before == o.not_valid_before && + path == o.path && + self_signed == o.self_signed && + serial == o.serial && + sha1 == o.sha1 && + sid == o.sid && + signing_algorithm == o.signing_algorithm && + store == o.store && + store_id == o.store_id && + store_location == o.store_location && + subject == o.subject && + subject_key_id == o.subject_key_id && + system_id == o.system_id && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [authority_key_id, ca, common_name, issuer, key_algorithm, key_strength, key_usage, not_valid_after, not_valid_before, path, self_signed, serial, sha1, sid, signing_algorithm, store, store_id, store_location, subject, subject_key_id, system_id, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_chassis_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_chassis_info.rb new file mode 100644 index 0000000..5b167fa --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_chassis_info.rb @@ -0,0 +1,332 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsChassisInfo + attr_accessor :audible_alarm + + attr_accessor :breach_description + + attr_accessor :chassis_types + + attr_accessor :collection_time + + attr_accessor :description + + attr_accessor :lock + + attr_accessor :manufacturer + + attr_accessor :model + + attr_accessor :security_breach + + attr_accessor :serial + + attr_accessor :sku + + attr_accessor :smbios_tag + + attr_accessor :status + + attr_accessor :system_id + + attr_accessor :visible_alarm + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'audible_alarm' => :'audible_alarm', + :'breach_description' => :'breach_description', + :'chassis_types' => :'chassis_types', + :'collection_time' => :'collection_time', + :'description' => :'description', + :'lock' => :'lock', + :'manufacturer' => :'manufacturer', + :'model' => :'model', + :'security_breach' => :'security_breach', + :'serial' => :'serial', + :'sku' => :'sku', + :'smbios_tag' => :'smbios_tag', + :'status' => :'status', + :'system_id' => :'system_id', + :'visible_alarm' => :'visible_alarm' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'audible_alarm' => :'Object', + :'breach_description' => :'Object', + :'chassis_types' => :'Object', + :'collection_time' => :'Object', + :'description' => :'Object', + :'lock' => :'Object', + :'manufacturer' => :'Object', + :'model' => :'Object', + :'security_breach' => :'Object', + :'serial' => :'Object', + :'sku' => :'Object', + :'smbios_tag' => :'Object', + :'status' => :'Object', + :'system_id' => :'Object', + :'visible_alarm' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsChassisInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsChassisInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'audible_alarm') + self.audible_alarm = attributes[:'audible_alarm'] + end + + if attributes.key?(:'breach_description') + self.breach_description = attributes[:'breach_description'] + end + + if attributes.key?(:'chassis_types') + self.chassis_types = attributes[:'chassis_types'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'lock') + self.lock = attributes[:'lock'] + end + + if attributes.key?(:'manufacturer') + self.manufacturer = attributes[:'manufacturer'] + end + + if attributes.key?(:'model') + self.model = attributes[:'model'] + end + + if attributes.key?(:'security_breach') + self.security_breach = attributes[:'security_breach'] + end + + if attributes.key?(:'serial') + self.serial = attributes[:'serial'] + end + + if attributes.key?(:'sku') + self.sku = attributes[:'sku'] + end + + if attributes.key?(:'smbios_tag') + self.smbios_tag = attributes[:'smbios_tag'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'visible_alarm') + self.visible_alarm = attributes[:'visible_alarm'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + audible_alarm == o.audible_alarm && + breach_description == o.breach_description && + chassis_types == o.chassis_types && + collection_time == o.collection_time && + description == o.description && + lock == o.lock && + manufacturer == o.manufacturer && + model == o.model && + security_breach == o.security_breach && + serial == o.serial && + sku == o.sku && + smbios_tag == o.smbios_tag && + status == o.status && + system_id == o.system_id && + visible_alarm == o.visible_alarm + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [audible_alarm, breach_description, chassis_types, collection_time, description, lock, manufacturer, model, security_breach, serial, sku, smbios_tag, status, system_id, visible_alarm].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_chrome_extensions.rb b/jcapiv2/lib/jcapiv2/models/system_insights_chrome_extensions.rb index f836c4c..5197856 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_chrome_extensions.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_chrome_extensions.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsChromeExtensions attr_accessor :author @@ -41,7 +39,6 @@ class SystemInsightsChromeExtensions attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -62,97 +59,109 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'author' => :'String', - :'collection_time' => :'String', - :'description' => :'String', - :'identifier' => :'String', - :'locale' => :'String', - :'name' => :'String', - :'path' => :'String', - :'permissions' => :'String', - :'persistent' => :'Integer', - :'system_id' => :'String', - :'uid' => :'String', - :'update_url' => :'String', - :'version' => :'String' + :'author' => :'Object', + :'collection_time' => :'Object', + :'description' => :'Object', + :'identifier' => :'Object', + :'locale' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'permissions' => :'Object', + :'persistent' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object', + :'update_url' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsChromeExtensions` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsChromeExtensions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'author') + if attributes.key?(:'author') self.author = attributes[:'author'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'identifier') + if attributes.key?(:'identifier') self.identifier = attributes[:'identifier'] end - if attributes.has_key?(:'locale') + if attributes.key?(:'locale') self.locale = attributes[:'locale'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'permissions') + if attributes.key?(:'permissions') self.permissions = attributes[:'permissions'] end - if attributes.has_key?(:'persistent') + if attributes.key?(:'persistent') self.persistent = attributes[:'persistent'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'update_url') + if attributes.key?(:'update_url') self.update_url = attributes[:'update_url'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -182,26 +191,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [author, collection_time, description, identifier, locale, name, path, permissions, persistent, system_id, uid, update_url, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -223,7 +241,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -244,8 +262,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -267,7 +284,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -279,7 +300,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -289,8 +310,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_connectivity.rb b/jcapiv2/lib/jcapiv2/models/system_insights_connectivity.rb new file mode 100644 index 0000000..a9caabd --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_connectivity.rb @@ -0,0 +1,296 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsConnectivity + attr_accessor :collection_time + + attr_accessor :disconnected + + attr_accessor :ipv4_internet + + attr_accessor :ipv4_local_network + + attr_accessor :ipv4_no_traffic + + attr_accessor :ipv4_subnet + + attr_accessor :ipv6_internet + + attr_accessor :ipv6_local_network + + attr_accessor :ipv6_no_traffic + + attr_accessor :ipv6_subnet + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'disconnected' => :'disconnected', + :'ipv4_internet' => :'ipv4_internet', + :'ipv4_local_network' => :'ipv4_local_network', + :'ipv4_no_traffic' => :'ipv4_no_traffic', + :'ipv4_subnet' => :'ipv4_subnet', + :'ipv6_internet' => :'ipv6_internet', + :'ipv6_local_network' => :'ipv6_local_network', + :'ipv6_no_traffic' => :'ipv6_no_traffic', + :'ipv6_subnet' => :'ipv6_subnet', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'disconnected' => :'Object', + :'ipv4_internet' => :'Object', + :'ipv4_local_network' => :'Object', + :'ipv4_no_traffic' => :'Object', + :'ipv4_subnet' => :'Object', + :'ipv6_internet' => :'Object', + :'ipv6_local_network' => :'Object', + :'ipv6_no_traffic' => :'Object', + :'ipv6_subnet' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsConnectivity` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsConnectivity`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'disconnected') + self.disconnected = attributes[:'disconnected'] + end + + if attributes.key?(:'ipv4_internet') + self.ipv4_internet = attributes[:'ipv4_internet'] + end + + if attributes.key?(:'ipv4_local_network') + self.ipv4_local_network = attributes[:'ipv4_local_network'] + end + + if attributes.key?(:'ipv4_no_traffic') + self.ipv4_no_traffic = attributes[:'ipv4_no_traffic'] + end + + if attributes.key?(:'ipv4_subnet') + self.ipv4_subnet = attributes[:'ipv4_subnet'] + end + + if attributes.key?(:'ipv6_internet') + self.ipv6_internet = attributes[:'ipv6_internet'] + end + + if attributes.key?(:'ipv6_local_network') + self.ipv6_local_network = attributes[:'ipv6_local_network'] + end + + if attributes.key?(:'ipv6_no_traffic') + self.ipv6_no_traffic = attributes[:'ipv6_no_traffic'] + end + + if attributes.key?(:'ipv6_subnet') + self.ipv6_subnet = attributes[:'ipv6_subnet'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + disconnected == o.disconnected && + ipv4_internet == o.ipv4_internet && + ipv4_local_network == o.ipv4_local_network && + ipv4_no_traffic == o.ipv4_no_traffic && + ipv4_subnet == o.ipv4_subnet && + ipv6_internet == o.ipv6_internet && + ipv6_local_network == o.ipv6_local_network && + ipv6_no_traffic == o.ipv6_no_traffic && + ipv6_subnet == o.ipv6_subnet && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, disconnected, ipv4_internet, ipv4_local_network, ipv4_no_traffic, ipv4_subnet, ipv6_internet, ipv6_local_network, ipv6_no_traffic, ipv6_subnet, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_crashes.rb b/jcapiv2/lib/jcapiv2/models/system_insights_crashes.rb index 4123ced..aa30716 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_crashes.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_crashes.rb @@ -1,20 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsCrashes + attr_accessor :collection_time + attr_accessor :crash_path attr_accessor :crashed_thread @@ -41,16 +41,18 @@ class SystemInsightsCrashes attr_accessor :stack_trace + attr_accessor :system_id + attr_accessor :type attr_accessor :uid attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'collection_time' => :'collection_time', :'crash_path' => :'crash_path', :'crashed_thread' => :'crashed_thread', :'datetime' => :'datetime', @@ -64,6 +66,7 @@ def self.attribute_map :'registers' => :'registers', :'responsible' => :'responsible', :'stack_trace' => :'stack_trace', + :'system_id' => :'system_id', :'type' => :'type', :'uid' => :'uid', :'version' => :'version' @@ -71,112 +74,134 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'crash_path' => :'String', - :'crashed_thread' => :'String', - :'datetime' => :'String', - :'exception_codes' => :'String', - :'exception_notes' => :'String', - :'exception_type' => :'String', - :'identifier' => :'String', - :'parent' => :'String', - :'path' => :'String', - :'pid' => :'String', - :'registers' => :'String', - :'responsible' => :'String', - :'stack_trace' => :'String', - :'type' => :'String', - :'uid' => :'Integer', - :'version' => :'String' + :'collection_time' => :'Object', + :'crash_path' => :'Object', + :'crashed_thread' => :'Object', + :'datetime' => :'Object', + :'exception_codes' => :'Object', + :'exception_notes' => :'Object', + :'exception_type' => :'Object', + :'identifier' => :'Object', + :'parent' => :'Object', + :'path' => :'Object', + :'pid' => :'Object', + :'registers' => :'Object', + :'responsible' => :'Object', + :'stack_trace' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object', + :'uid' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsCrashes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsCrashes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end - if attributes.has_key?(:'crash_path') + if attributes.key?(:'crash_path') self.crash_path = attributes[:'crash_path'] end - if attributes.has_key?(:'crashed_thread') + if attributes.key?(:'crashed_thread') self.crashed_thread = attributes[:'crashed_thread'] end - if attributes.has_key?(:'datetime') + if attributes.key?(:'datetime') self.datetime = attributes[:'datetime'] end - if attributes.has_key?(:'exception_codes') + if attributes.key?(:'exception_codes') self.exception_codes = attributes[:'exception_codes'] end - if attributes.has_key?(:'exception_notes') + if attributes.key?(:'exception_notes') self.exception_notes = attributes[:'exception_notes'] end - if attributes.has_key?(:'exception_type') + if attributes.key?(:'exception_type') self.exception_type = attributes[:'exception_type'] end - if attributes.has_key?(:'identifier') + if attributes.key?(:'identifier') self.identifier = attributes[:'identifier'] end - if attributes.has_key?(:'parent') + if attributes.key?(:'parent') self.parent = attributes[:'parent'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'pid') + if attributes.key?(:'pid') self.pid = attributes[:'pid'] end - if attributes.has_key?(:'registers') + if attributes.key?(:'registers') self.registers = attributes[:'registers'] end - if attributes.has_key?(:'responsible') + if attributes.key?(:'responsible') self.responsible = attributes[:'responsible'] end - if attributes.has_key?(:'stack_trace') + if attributes.key?(:'stack_trace') self.stack_trace = attributes[:'stack_trace'] end - if attributes.has_key?(:'type') + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -184,6 +209,7 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + collection_time == o.collection_time && crash_path == o.crash_path && crashed_thread == o.crashed_thread && datetime == o.datetime && @@ -197,6 +223,7 @@ def ==(o) registers == o.registers && responsible == o.responsible && stack_trace == o.stack_trace && + system_id == o.system_id && type == o.type && uid == o.uid && version == o.version @@ -209,9 +236,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [crash_path, crashed_thread, datetime, exception_codes, exception_notes, exception_type, identifier, parent, path, pid, registers, responsible, stack_trace, type, uid, version].hash + [collection_time, crash_path, crashed_thread, datetime, exception_codes, exception_notes, exception_type, identifier, parent, path, pid, registers, responsible, stack_trace, system_id, type, uid, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -219,16 +253,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -250,7 +286,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -271,8 +307,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -294,7 +329,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -306,7 +345,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -316,8 +355,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_cups_destinations.rb b/jcapiv2/lib/jcapiv2/models/system_insights_cups_destinations.rb new file mode 100644 index 0000000..7218fd3 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_cups_destinations.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsCupsDestinations + attr_accessor :name + + attr_accessor :option_name + + attr_accessor :option_value + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'name' => :'name', + :'option_name' => :'option_name', + :'option_value' => :'option_value', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'name' => :'Object', + :'option_name' => :'Object', + :'option_value' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsCupsDestinations` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsCupsDestinations`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'option_name') + self.option_name = attributes[:'option_name'] + end + + if attributes.key?(:'option_value') + self.option_value = attributes[:'option_value'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + name == o.name && + option_name == o.option_name && + option_value == o.option_value && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [name, option_name, option_value, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_disk_encryption.rb b/jcapiv2/lib/jcapiv2/models/system_insights_disk_encryption.rb index 758d013..fb4b7ba 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_disk_encryption.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_disk_encryption.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsDiskEncryption attr_accessor :collection_time @@ -33,7 +31,6 @@ class SystemInsightsDiskEncryption attr_accessor :uuid - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -50,77 +47,89 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'encrypted' => :'Integer', - :'encryption_status' => :'String', - :'name' => :'String', - :'system_id' => :'String', - :'type' => :'String', - :'uid' => :'String', - :'user_uuid' => :'String', - :'uuid' => :'String' + :'collection_time' => :'Object', + :'encrypted' => :'Object', + :'encryption_status' => :'Object', + :'name' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object', + :'uid' => :'Object', + :'user_uuid' => :'Object', + :'uuid' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsDiskEncryption` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsDiskEncryption`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'encrypted') + if attributes.key?(:'encrypted') self.encrypted = attributes[:'encrypted'] end - if attributes.has_key?(:'encryption_status') + if attributes.key?(:'encryption_status') self.encryption_status = attributes[:'encryption_status'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'user_uuid') + if attributes.key?(:'user_uuid') self.user_uuid = attributes[:'user_uuid'] end - if attributes.has_key?(:'uuid') + if attributes.key?(:'uuid') self.uuid = attributes[:'uuid'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -146,26 +155,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, encrypted, encryption_status, name, system_id, type, uid, user_uuid, uuid].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -187,7 +205,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -208,8 +226,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -231,7 +248,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -243,7 +264,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -253,8 +274,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_disk_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_disk_info.rb index 70b42ba..65e160c 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_disk_info.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_disk_info.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsDiskInfo attr_accessor :collection_time @@ -41,7 +39,6 @@ class SystemInsightsDiskInfo attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -62,97 +59,109 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'description' => :'String', - :'disk_index' => :'Integer', - :'disk_size' => :'String', - :'hardware_model' => :'String', - :'id' => :'String', - :'manufacturer' => :'String', - :'name' => :'String', - :'partitions' => :'Integer', - :'pnp_device_id' => :'String', - :'serial' => :'String', - :'system_id' => :'String', - :'type' => :'String' + :'collection_time' => :'Object', + :'description' => :'Object', + :'disk_index' => :'Object', + :'disk_size' => :'Object', + :'hardware_model' => :'Object', + :'id' => :'Object', + :'manufacturer' => :'Object', + :'name' => :'Object', + :'partitions' => :'Object', + :'pnp_device_id' => :'Object', + :'serial' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsDiskInfo` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsDiskInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'disk_index') + if attributes.key?(:'disk_index') self.disk_index = attributes[:'disk_index'] end - if attributes.has_key?(:'disk_size') + if attributes.key?(:'disk_size') self.disk_size = attributes[:'disk_size'] end - if attributes.has_key?(:'hardware_model') + if attributes.key?(:'hardware_model') self.hardware_model = attributes[:'hardware_model'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'manufacturer') + if attributes.key?(:'manufacturer') self.manufacturer = attributes[:'manufacturer'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'partitions') + if attributes.key?(:'partitions') self.partitions = attributes[:'partitions'] end - if attributes.has_key?(:'pnp_device_id') + if attributes.key?(:'pnp_device_id') self.pnp_device_id = attributes[:'pnp_device_id'] end - if attributes.has_key?(:'serial') + if attributes.key?(:'serial') self.serial = attributes[:'serial'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -182,26 +191,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, description, disk_index, disk_size, hardware_model, id, manufacturer, name, partitions, pnp_device_id, serial, system_id, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -223,7 +241,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -244,8 +262,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -267,7 +284,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -279,7 +300,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -289,8 +310,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_dns_resolvers.rb b/jcapiv2/lib/jcapiv2/models/system_insights_dns_resolvers.rb new file mode 100644 index 0000000..71894d2 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_dns_resolvers.rb @@ -0,0 +1,260 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsDnsResolvers + attr_accessor :address + + attr_accessor :collection_time + + attr_accessor :id + + attr_accessor :netmask + + attr_accessor :options + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'address' => :'address', + :'collection_time' => :'collection_time', + :'id' => :'id', + :'netmask' => :'netmask', + :'options' => :'options', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'address' => :'Object', + :'collection_time' => :'Object', + :'id' => :'Object', + :'netmask' => :'Object', + :'options' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsDnsResolvers` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsDnsResolvers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'address') + self.address = attributes[:'address'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'netmask') + self.netmask = attributes[:'netmask'] + end + + if attributes.key?(:'options') + self.options = attributes[:'options'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + address == o.address && + collection_time == o.collection_time && + id == o.id && + netmask == o.netmask && + options == o.options && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [address, collection_time, id, netmask, options, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_etc_hosts.rb b/jcapiv2/lib/jcapiv2/models/system_insights_etc_hosts.rb index b5dcb16..7abbf6b 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_etc_hosts.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_etc_hosts.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsEtcHosts attr_accessor :address @@ -23,7 +21,6 @@ class SystemInsightsEtcHosts attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,52 +32,64 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'address' => :'String', - :'collection_time' => :'String', - :'hostnames' => :'String', - :'system_id' => :'String' + :'address' => :'Object', + :'collection_time' => :'Object', + :'hostnames' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsEtcHosts` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsEtcHosts`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'address') + if attributes.key?(:'address') self.address = attributes[:'address'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'hostnames') + if attributes.key?(:'hostnames') self.hostnames = attributes[:'hostnames'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -101,26 +110,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [address, collection_time, hostnames, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -142,7 +160,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -163,8 +181,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -186,7 +203,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -198,7 +219,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -208,8 +229,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_firefox_addons.rb b/jcapiv2/lib/jcapiv2/models/system_insights_firefox_addons.rb index 2e926ba..7c52eff 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_firefox_addons.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_firefox_addons.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsFirefoxAddons attr_accessor :active @@ -47,7 +45,6 @@ class SystemInsightsFirefoxAddons attr_accessor :visible - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -71,112 +68,124 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'active' => :'Integer', - :'autoupdate' => :'Integer', - :'collection_time' => :'String', - :'creator' => :'String', - :'description' => :'String', - :'disabled' => :'Integer', - :'identifier' => :'String', - :'location' => :'String', - :'name' => :'String', - :'path' => :'String', - :'source_url' => :'String', - :'system_id' => :'String', - :'type' => :'String', - :'uid' => :'String', - :'version' => :'String', - :'visible' => :'Integer' + :'active' => :'Object', + :'autoupdate' => :'Object', + :'collection_time' => :'Object', + :'creator' => :'Object', + :'description' => :'Object', + :'disabled' => :'Object', + :'identifier' => :'Object', + :'location' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'source_url' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object', + :'uid' => :'Object', + :'version' => :'Object', + :'visible' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsFirefoxAddons` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsFirefoxAddons`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'active') + if attributes.key?(:'active') self.active = attributes[:'active'] end - if attributes.has_key?(:'autoupdate') + if attributes.key?(:'autoupdate') self.autoupdate = attributes[:'autoupdate'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'creator') + if attributes.key?(:'creator') self.creator = attributes[:'creator'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'disabled') + if attributes.key?(:'disabled') self.disabled = attributes[:'disabled'] end - if attributes.has_key?(:'identifier') + if attributes.key?(:'identifier') self.identifier = attributes[:'identifier'] end - if attributes.has_key?(:'location') + if attributes.key?(:'location') self.location = attributes[:'location'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'source_url') + if attributes.key?(:'source_url') self.source_url = attributes[:'source_url'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - if attributes.has_key?(:'visible') + if attributes.key?(:'visible') self.visible = attributes[:'visible'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -209,26 +218,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [active, autoupdate, collection_time, creator, description, disabled, identifier, location, name, path, source_url, system_id, type, uid, version, visible].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -250,7 +268,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -271,8 +289,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -294,7 +311,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -306,7 +327,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -316,8 +337,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_groups.rb b/jcapiv2/lib/jcapiv2/models/system_insights_groups.rb index ea7ade1..a6303e4 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_groups.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_groups.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsGroups attr_accessor :collection_time @@ -29,7 +27,6 @@ class SystemInsightsGroups attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -44,67 +41,79 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'comment' => :'String', - :'gid' => :'String', - :'gid_signed' => :'String', - :'group_sid' => :'String', - :'groupname' => :'String', - :'system_id' => :'String' + :'collection_time' => :'Object', + :'comment' => :'Object', + :'gid' => :'Object', + :'gid_signed' => :'Object', + :'group_sid' => :'Object', + :'groupname' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsGroups` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'comment') + if attributes.key?(:'comment') self.comment = attributes[:'comment'] end - if attributes.has_key?(:'gid') + if attributes.key?(:'gid') self.gid = attributes[:'gid'] end - if attributes.has_key?(:'gid_signed') + if attributes.key?(:'gid_signed') self.gid_signed = attributes[:'gid_signed'] end - if attributes.has_key?(:'group_sid') + if attributes.key?(:'group_sid') self.group_sid = attributes[:'group_sid'] end - if attributes.has_key?(:'groupname') + if attributes.key?(:'groupname') self.groupname = attributes[:'groupname'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -128,26 +137,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, comment, gid, gid_signed, group_sid, groupname, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -169,7 +187,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -190,8 +208,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -213,7 +230,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -225,7 +246,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -235,8 +256,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_ie_extensions.rb b/jcapiv2/lib/jcapiv2/models/system_insights_ie_extensions.rb index da73148..7de7e99 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_ie_extensions.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_ie_extensions.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsIeExtensions attr_accessor :collection_time @@ -27,7 +25,6 @@ class SystemInsightsIeExtensions attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -41,62 +38,74 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'name' => :'String', - :'path' => :'String', - :'registry_path' => :'String', - :'system_id' => :'String', - :'version' => :'String' + :'collection_time' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'registry_path' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsIeExtensions` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsIeExtensions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'registry_path') + if attributes.key?(:'registry_path') self.registry_path = attributes[:'registry_path'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -119,26 +128,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, name, path, registry_path, system_id, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -160,7 +178,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -181,8 +199,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -204,7 +221,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -216,7 +237,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -226,8 +247,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_interface_addresses.rb b/jcapiv2/lib/jcapiv2/models/system_insights_interface_addresses.rb index 295c2b1..c1e3085 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_interface_addresses.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_interface_addresses.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsInterfaceAddresses attr_accessor :address @@ -33,7 +31,6 @@ class SystemInsightsInterfaceAddresses attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -50,77 +47,89 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'address' => :'String', - :'broadcast' => :'String', - :'collection_time' => :'String', - :'friendly_name' => :'String', - :'interface' => :'String', - :'mask' => :'String', - :'point_to_point' => :'String', - :'system_id' => :'String', - :'type' => :'String' + :'address' => :'Object', + :'broadcast' => :'Object', + :'collection_time' => :'Object', + :'friendly_name' => :'Object', + :'interface' => :'Object', + :'mask' => :'Object', + :'point_to_point' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsInterfaceAddresses` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsInterfaceAddresses`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'address') + if attributes.key?(:'address') self.address = attributes[:'address'] end - if attributes.has_key?(:'broadcast') + if attributes.key?(:'broadcast') self.broadcast = attributes[:'broadcast'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'friendly_name') + if attributes.key?(:'friendly_name') self.friendly_name = attributes[:'friendly_name'] end - if attributes.has_key?(:'interface') + if attributes.key?(:'interface') self.interface = attributes[:'interface'] end - if attributes.has_key?(:'mask') + if attributes.key?(:'mask') self.mask = attributes[:'mask'] end - if attributes.has_key?(:'point_to_point') + if attributes.key?(:'point_to_point') self.point_to_point = attributes[:'point_to_point'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -146,26 +155,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [address, broadcast, collection_time, friendly_name, interface, mask, point_to_point, system_id, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -187,7 +205,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -208,8 +226,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -231,7 +248,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -243,7 +264,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -253,8 +274,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_interface_details.rb b/jcapiv2/lib/jcapiv2/models/system_insights_interface_details.rb new file mode 100644 index 0000000..191a75d --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_interface_details.rb @@ -0,0 +1,521 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsInterfaceDetails + attr_accessor :collisions + + attr_accessor :connection_id + + attr_accessor :connection_status + + attr_accessor :description + + attr_accessor :dhcp_enabled + + attr_accessor :dhcp_lease_expires + + attr_accessor :dhcp_lease_obtained + + attr_accessor :dhcp_server + + attr_accessor :dns_domain + + attr_accessor :dns_domain_suffix_search_order + + attr_accessor :dns_host_name + + attr_accessor :dns_server_search_order + + attr_accessor :enabled + + attr_accessor :flags + + attr_accessor :friendly_name + + attr_accessor :ibytes + + attr_accessor :idrops + + attr_accessor :ierrors + + attr_accessor :interface + + attr_accessor :ipackets + + attr_accessor :last_change + + attr_accessor :link_speed + + attr_accessor :mac + + attr_accessor :manufacturer + + attr_accessor :metric + + attr_accessor :mtu + + attr_accessor :obytes + + attr_accessor :odrops + + attr_accessor :oerrors + + attr_accessor :opackets + + attr_accessor :pci_slot + + attr_accessor :physical_adapter + + attr_accessor :service + + attr_accessor :speed + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collisions' => :'collisions', + :'connection_id' => :'connection_id', + :'connection_status' => :'connection_status', + :'description' => :'description', + :'dhcp_enabled' => :'dhcp_enabled', + :'dhcp_lease_expires' => :'dhcp_lease_expires', + :'dhcp_lease_obtained' => :'dhcp_lease_obtained', + :'dhcp_server' => :'dhcp_server', + :'dns_domain' => :'dns_domain', + :'dns_domain_suffix_search_order' => :'dns_domain_suffix_search_order', + :'dns_host_name' => :'dns_host_name', + :'dns_server_search_order' => :'dns_server_search_order', + :'enabled' => :'enabled', + :'flags' => :'flags', + :'friendly_name' => :'friendly_name', + :'ibytes' => :'ibytes', + :'idrops' => :'idrops', + :'ierrors' => :'ierrors', + :'interface' => :'interface', + :'ipackets' => :'ipackets', + :'last_change' => :'last_change', + :'link_speed' => :'link_speed', + :'mac' => :'mac', + :'manufacturer' => :'manufacturer', + :'metric' => :'metric', + :'mtu' => :'mtu', + :'obytes' => :'obytes', + :'odrops' => :'odrops', + :'oerrors' => :'oerrors', + :'opackets' => :'opackets', + :'pci_slot' => :'pci_slot', + :'physical_adapter' => :'physical_adapter', + :'service' => :'service', + :'speed' => :'speed', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collisions' => :'Object', + :'connection_id' => :'Object', + :'connection_status' => :'Object', + :'description' => :'Object', + :'dhcp_enabled' => :'Object', + :'dhcp_lease_expires' => :'Object', + :'dhcp_lease_obtained' => :'Object', + :'dhcp_server' => :'Object', + :'dns_domain' => :'Object', + :'dns_domain_suffix_search_order' => :'Object', + :'dns_host_name' => :'Object', + :'dns_server_search_order' => :'Object', + :'enabled' => :'Object', + :'flags' => :'Object', + :'friendly_name' => :'Object', + :'ibytes' => :'Object', + :'idrops' => :'Object', + :'ierrors' => :'Object', + :'interface' => :'Object', + :'ipackets' => :'Object', + :'last_change' => :'Object', + :'link_speed' => :'Object', + :'mac' => :'Object', + :'manufacturer' => :'Object', + :'metric' => :'Object', + :'mtu' => :'Object', + :'obytes' => :'Object', + :'odrops' => :'Object', + :'oerrors' => :'Object', + :'opackets' => :'Object', + :'pci_slot' => :'Object', + :'physical_adapter' => :'Object', + :'service' => :'Object', + :'speed' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsInterfaceDetails` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsInterfaceDetails`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collisions') + self.collisions = attributes[:'collisions'] + end + + if attributes.key?(:'connection_id') + self.connection_id = attributes[:'connection_id'] + end + + if attributes.key?(:'connection_status') + self.connection_status = attributes[:'connection_status'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'dhcp_enabled') + self.dhcp_enabled = attributes[:'dhcp_enabled'] + end + + if attributes.key?(:'dhcp_lease_expires') + self.dhcp_lease_expires = attributes[:'dhcp_lease_expires'] + end + + if attributes.key?(:'dhcp_lease_obtained') + self.dhcp_lease_obtained = attributes[:'dhcp_lease_obtained'] + end + + if attributes.key?(:'dhcp_server') + self.dhcp_server = attributes[:'dhcp_server'] + end + + if attributes.key?(:'dns_domain') + self.dns_domain = attributes[:'dns_domain'] + end + + if attributes.key?(:'dns_domain_suffix_search_order') + self.dns_domain_suffix_search_order = attributes[:'dns_domain_suffix_search_order'] + end + + if attributes.key?(:'dns_host_name') + self.dns_host_name = attributes[:'dns_host_name'] + end + + if attributes.key?(:'dns_server_search_order') + self.dns_server_search_order = attributes[:'dns_server_search_order'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'flags') + self.flags = attributes[:'flags'] + end + + if attributes.key?(:'friendly_name') + self.friendly_name = attributes[:'friendly_name'] + end + + if attributes.key?(:'ibytes') + self.ibytes = attributes[:'ibytes'] + end + + if attributes.key?(:'idrops') + self.idrops = attributes[:'idrops'] + end + + if attributes.key?(:'ierrors') + self.ierrors = attributes[:'ierrors'] + end + + if attributes.key?(:'interface') + self.interface = attributes[:'interface'] + end + + if attributes.key?(:'ipackets') + self.ipackets = attributes[:'ipackets'] + end + + if attributes.key?(:'last_change') + self.last_change = attributes[:'last_change'] + end + + if attributes.key?(:'link_speed') + self.link_speed = attributes[:'link_speed'] + end + + if attributes.key?(:'mac') + self.mac = attributes[:'mac'] + end + + if attributes.key?(:'manufacturer') + self.manufacturer = attributes[:'manufacturer'] + end + + if attributes.key?(:'metric') + self.metric = attributes[:'metric'] + end + + if attributes.key?(:'mtu') + self.mtu = attributes[:'mtu'] + end + + if attributes.key?(:'obytes') + self.obytes = attributes[:'obytes'] + end + + if attributes.key?(:'odrops') + self.odrops = attributes[:'odrops'] + end + + if attributes.key?(:'oerrors') + self.oerrors = attributes[:'oerrors'] + end + + if attributes.key?(:'opackets') + self.opackets = attributes[:'opackets'] + end + + if attributes.key?(:'pci_slot') + self.pci_slot = attributes[:'pci_slot'] + end + + if attributes.key?(:'physical_adapter') + self.physical_adapter = attributes[:'physical_adapter'] + end + + if attributes.key?(:'service') + self.service = attributes[:'service'] + end + + if attributes.key?(:'speed') + self.speed = attributes[:'speed'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collisions == o.collisions && + connection_id == o.connection_id && + connection_status == o.connection_status && + description == o.description && + dhcp_enabled == o.dhcp_enabled && + dhcp_lease_expires == o.dhcp_lease_expires && + dhcp_lease_obtained == o.dhcp_lease_obtained && + dhcp_server == o.dhcp_server && + dns_domain == o.dns_domain && + dns_domain_suffix_search_order == o.dns_domain_suffix_search_order && + dns_host_name == o.dns_host_name && + dns_server_search_order == o.dns_server_search_order && + enabled == o.enabled && + flags == o.flags && + friendly_name == o.friendly_name && + ibytes == o.ibytes && + idrops == o.idrops && + ierrors == o.ierrors && + interface == o.interface && + ipackets == o.ipackets && + last_change == o.last_change && + link_speed == o.link_speed && + mac == o.mac && + manufacturer == o.manufacturer && + metric == o.metric && + mtu == o.mtu && + obytes == o.obytes && + odrops == o.odrops && + oerrors == o.oerrors && + opackets == o.opackets && + pci_slot == o.pci_slot && + physical_adapter == o.physical_adapter && + service == o.service && + speed == o.speed && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collisions, connection_id, connection_status, description, dhcp_enabled, dhcp_lease_expires, dhcp_lease_obtained, dhcp_server, dns_domain, dns_domain_suffix_search_order, dns_host_name, dns_server_search_order, enabled, flags, friendly_name, ibytes, idrops, ierrors, interface, ipackets, last_change, link_speed, mac, manufacturer, metric, mtu, obytes, odrops, oerrors, opackets, pci_slot, physical_adapter, service, speed, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_kernel_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_kernel_info.rb index 0fdb499..646a88f 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_kernel_info.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_kernel_info.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsKernelInfo attr_accessor :arguments @@ -27,7 +25,6 @@ class SystemInsightsKernelInfo attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -41,62 +38,74 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'arguments' => :'String', - :'collection_time' => :'String', - :'device' => :'String', - :'path' => :'String', - :'system_id' => :'String', - :'version' => :'String' + :'arguments' => :'Object', + :'collection_time' => :'Object', + :'device' => :'Object', + :'path' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsKernelInfo` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsKernelInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'arguments') + if attributes.key?(:'arguments') self.arguments = attributes[:'arguments'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'device') + if attributes.key?(:'device') self.device = attributes[:'device'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -119,26 +128,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [arguments, collection_time, device, path, system_id, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -160,7 +178,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -181,8 +199,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -204,7 +221,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -216,7 +237,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -226,8 +247,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_launchd.rb b/jcapiv2/lib/jcapiv2/models/system_insights_launchd.rb index afdf032..af18ced 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_launchd.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_launchd.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsLaunchd attr_accessor :collection_time @@ -61,7 +59,6 @@ class SystemInsightsLaunchd attr_accessor :working_directory - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -92,147 +89,159 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'disabled' => :'String', - :'groupname' => :'String', - :'inetd_compatibility' => :'String', - :'keep_alive' => :'String', - :'label' => :'String', - :'name' => :'String', - :'on_demand' => :'String', - :'path' => :'String', - :'process_type' => :'String', - :'program' => :'String', - :'program_arguments' => :'String', - :'queue_directories' => :'String', - :'root_directory' => :'String', - :'run_at_load' => :'String', - :'start_interval' => :'String', - :'start_on_mount' => :'String', - :'stderr_path' => :'String', - :'stdout_path' => :'String', - :'system_id' => :'String', - :'username' => :'String', - :'watch_paths' => :'String', - :'working_directory' => :'String' + :'collection_time' => :'Object', + :'disabled' => :'Object', + :'groupname' => :'Object', + :'inetd_compatibility' => :'Object', + :'keep_alive' => :'Object', + :'label' => :'Object', + :'name' => :'Object', + :'on_demand' => :'Object', + :'path' => :'Object', + :'process_type' => :'Object', + :'program' => :'Object', + :'program_arguments' => :'Object', + :'queue_directories' => :'Object', + :'root_directory' => :'Object', + :'run_at_load' => :'Object', + :'start_interval' => :'Object', + :'start_on_mount' => :'Object', + :'stderr_path' => :'Object', + :'stdout_path' => :'Object', + :'system_id' => :'Object', + :'username' => :'Object', + :'watch_paths' => :'Object', + :'working_directory' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsLaunchd` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsLaunchd`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'disabled') + if attributes.key?(:'disabled') self.disabled = attributes[:'disabled'] end - if attributes.has_key?(:'groupname') + if attributes.key?(:'groupname') self.groupname = attributes[:'groupname'] end - if attributes.has_key?(:'inetd_compatibility') + if attributes.key?(:'inetd_compatibility') self.inetd_compatibility = attributes[:'inetd_compatibility'] end - if attributes.has_key?(:'keep_alive') + if attributes.key?(:'keep_alive') self.keep_alive = attributes[:'keep_alive'] end - if attributes.has_key?(:'label') + if attributes.key?(:'label') self.label = attributes[:'label'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'on_demand') + if attributes.key?(:'on_demand') self.on_demand = attributes[:'on_demand'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'process_type') + if attributes.key?(:'process_type') self.process_type = attributes[:'process_type'] end - if attributes.has_key?(:'program') + if attributes.key?(:'program') self.program = attributes[:'program'] end - if attributes.has_key?(:'program_arguments') + if attributes.key?(:'program_arguments') self.program_arguments = attributes[:'program_arguments'] end - if attributes.has_key?(:'queue_directories') + if attributes.key?(:'queue_directories') self.queue_directories = attributes[:'queue_directories'] end - if attributes.has_key?(:'root_directory') + if attributes.key?(:'root_directory') self.root_directory = attributes[:'root_directory'] end - if attributes.has_key?(:'run_at_load') + if attributes.key?(:'run_at_load') self.run_at_load = attributes[:'run_at_load'] end - if attributes.has_key?(:'start_interval') + if attributes.key?(:'start_interval') self.start_interval = attributes[:'start_interval'] end - if attributes.has_key?(:'start_on_mount') + if attributes.key?(:'start_on_mount') self.start_on_mount = attributes[:'start_on_mount'] end - if attributes.has_key?(:'stderr_path') + if attributes.key?(:'stderr_path') self.stderr_path = attributes[:'stderr_path'] end - if attributes.has_key?(:'stdout_path') + if attributes.key?(:'stdout_path') self.stdout_path = attributes[:'stdout_path'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - if attributes.has_key?(:'watch_paths') + if attributes.key?(:'watch_paths') self.watch_paths = attributes[:'watch_paths'] end - if attributes.has_key?(:'working_directory') + if attributes.key?(:'working_directory') self.working_directory = attributes[:'working_directory'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -272,26 +281,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, disabled, groupname, inetd_compatibility, keep_alive, label, name, on_demand, path, process_type, program, program_arguments, queue_directories, root_directory, run_at_load, start_interval, start_on_mount, stderr_path, stdout_path, system_id, username, watch_paths, working_directory].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -313,7 +331,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -334,8 +352,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -357,7 +374,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -369,7 +390,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -379,8 +400,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_linux_packages.rb b/jcapiv2/lib/jcapiv2/models/system_insights_linux_packages.rb new file mode 100644 index 0000000..41ac664 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_linux_packages.rb @@ -0,0 +1,305 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsLinuxPackages + attr_accessor :arch + + attr_accessor :install_time + + attr_accessor :maintainer_or_vendor + + attr_accessor :mount_namespace_id + + attr_accessor :name + + attr_accessor :package_format + + attr_accessor :package_group_or_section + + attr_accessor :pid_with_namespace + + attr_accessor :release_or_revision + + attr_accessor :size + + attr_accessor :system_id + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'arch' => :'arch', + :'install_time' => :'install_time', + :'maintainer_or_vendor' => :'maintainer_or_vendor', + :'mount_namespace_id' => :'mount_namespace_id', + :'name' => :'name', + :'package_format' => :'package_format', + :'package_group_or_section' => :'package_group_or_section', + :'pid_with_namespace' => :'pid_with_namespace', + :'release_or_revision' => :'release_or_revision', + :'size' => :'size', + :'system_id' => :'system_id', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'arch' => :'Object', + :'install_time' => :'Object', + :'maintainer_or_vendor' => :'Object', + :'mount_namespace_id' => :'Object', + :'name' => :'Object', + :'package_format' => :'Object', + :'package_group_or_section' => :'Object', + :'pid_with_namespace' => :'Object', + :'release_or_revision' => :'Object', + :'size' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsLinuxPackages` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsLinuxPackages`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'arch') + self.arch = attributes[:'arch'] + end + + if attributes.key?(:'install_time') + self.install_time = attributes[:'install_time'] + end + + if attributes.key?(:'maintainer_or_vendor') + self.maintainer_or_vendor = attributes[:'maintainer_or_vendor'] + end + + if attributes.key?(:'mount_namespace_id') + self.mount_namespace_id = attributes[:'mount_namespace_id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'package_format') + self.package_format = attributes[:'package_format'] + end + + if attributes.key?(:'package_group_or_section') + self.package_group_or_section = attributes[:'package_group_or_section'] + end + + if attributes.key?(:'pid_with_namespace') + self.pid_with_namespace = attributes[:'pid_with_namespace'] + end + + if attributes.key?(:'release_or_revision') + self.release_or_revision = attributes[:'release_or_revision'] + end + + if attributes.key?(:'size') + self.size = attributes[:'size'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + arch == o.arch && + install_time == o.install_time && + maintainer_or_vendor == o.maintainer_or_vendor && + mount_namespace_id == o.mount_namespace_id && + name == o.name && + package_format == o.package_format && + package_group_or_section == o.package_group_or_section && + pid_with_namespace == o.pid_with_namespace && + release_or_revision == o.release_or_revision && + size == o.size && + system_id == o.system_id && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [arch, install_time, maintainer_or_vendor, mount_namespace_id, name, package_format, package_group_or_section, pid_with_namespace, release_or_revision, size, system_id, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_logged_in_users.rb b/jcapiv2/lib/jcapiv2/models/system_insights_logged_in_users.rb index 9e9e5f5..85835b5 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_logged_in_users.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_logged_in_users.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsLoggedInUsers attr_accessor :collection_time @@ -31,7 +29,6 @@ class SystemInsightsLoggedInUsers attr_accessor :user - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -47,72 +44,84 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'host' => :'String', - :'pid' => :'Integer', - :'system_id' => :'String', - :'time' => :'Integer', - :'tty' => :'String', - :'type' => :'String', - :'user' => :'String' + :'collection_time' => :'Object', + :'host' => :'Object', + :'pid' => :'Object', + :'system_id' => :'Object', + :'time' => :'Object', + :'tty' => :'Object', + :'type' => :'Object', + :'user' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsLoggedInUsers` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsLoggedInUsers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'host') + if attributes.key?(:'host') self.host = attributes[:'host'] end - if attributes.has_key?(:'pid') + if attributes.key?(:'pid') self.pid = attributes[:'pid'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'time') + if attributes.key?(:'time') self.time = attributes[:'time'] end - if attributes.has_key?(:'tty') + if attributes.key?(:'tty') self.tty = attributes[:'tty'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'user') + if attributes.key?(:'user') self.user = attributes[:'user'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -137,26 +146,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, host, pid, system_id, time, tty, type, user].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -178,7 +196,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -199,8 +217,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -222,7 +239,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -234,7 +255,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -244,8 +265,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_logical_drives.rb b/jcapiv2/lib/jcapiv2/models/system_insights_logical_drives.rb new file mode 100644 index 0000000..a2adc5b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_logical_drives.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsLogicalDrives + attr_accessor :boot_partition + + attr_accessor :collection_time + + attr_accessor :device_id + + attr_accessor :file_system + + attr_accessor :free_space + + attr_accessor :size + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'boot_partition' => :'boot_partition', + :'collection_time' => :'collection_time', + :'device_id' => :'device_id', + :'file_system' => :'file_system', + :'free_space' => :'free_space', + :'size' => :'size', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'boot_partition' => :'Object', + :'collection_time' => :'Object', + :'device_id' => :'Object', + :'file_system' => :'Object', + :'free_space' => :'Object', + :'size' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsLogicalDrives` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsLogicalDrives`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'boot_partition') + self.boot_partition = attributes[:'boot_partition'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'device_id') + self.device_id = attributes[:'device_id'] + end + + if attributes.key?(:'file_system') + self.file_system = attributes[:'file_system'] + end + + if attributes.key?(:'free_space') + self.free_space = attributes[:'free_space'] + end + + if attributes.key?(:'size') + self.size = attributes[:'size'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + boot_partition == o.boot_partition && + collection_time == o.collection_time && + device_id == o.device_id && + file_system == o.file_system && + free_space == o.free_space && + size == o.size && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [boot_partition, collection_time, device_id, file_system, free_space, size, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_logical_drvies.rb b/jcapiv2/lib/jcapiv2/models/system_insights_logical_drvies.rb deleted file mode 100644 index 7dfa917..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_insights_logical_drvies.rb +++ /dev/null @@ -1,251 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemInsightsLogicalDrvies - attr_accessor :boot_partition - - attr_accessor :collection_time - - attr_accessor :device_id - - attr_accessor :file_system - - attr_accessor :free_space - - attr_accessor :size - - attr_accessor :system_id - - attr_accessor :type - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'boot_partition' => :'boot_partition', - :'collection_time' => :'collection_time', - :'device_id' => :'device_id', - :'file_system' => :'file_system', - :'free_space' => :'free_space', - :'size' => :'size', - :'system_id' => :'system_id', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'boot_partition' => :'Integer', - :'collection_time' => :'String', - :'device_id' => :'String', - :'file_system' => :'String', - :'free_space' => :'String', - :'size' => :'String', - :'system_id' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'boot_partition') - self.boot_partition = attributes[:'boot_partition'] - end - - if attributes.has_key?(:'collection_time') - self.collection_time = attributes[:'collection_time'] - end - - if attributes.has_key?(:'device_id') - self.device_id = attributes[:'device_id'] - end - - if attributes.has_key?(:'file_system') - self.file_system = attributes[:'file_system'] - end - - if attributes.has_key?(:'free_space') - self.free_space = attributes[:'free_space'] - end - - if attributes.has_key?(:'size') - self.size = attributes[:'size'] - end - - if attributes.has_key?(:'system_id') - self.system_id = attributes[:'system_id'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - boot_partition == o.boot_partition && - collection_time == o.collection_time && - device_id == o.device_id && - file_system == o.file_system && - free_space == o.free_space && - size == o.size && - system_id == o.system_id && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [boot_partition, collection_time, device_id, file_system, free_space, size, system_id, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_managed_policies.rb b/jcapiv2/lib/jcapiv2/models/system_insights_managed_policies.rb new file mode 100644 index 0000000..2368610 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_managed_policies.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsManagedPolicies + attr_accessor :collection_time + + attr_accessor :domain + + attr_accessor :manual + + attr_accessor :name + + attr_accessor :system_id + + attr_accessor :username + + attr_accessor :uuid + + attr_accessor :value + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'domain' => :'domain', + :'manual' => :'manual', + :'name' => :'name', + :'system_id' => :'system_id', + :'username' => :'username', + :'uuid' => :'uuid', + :'value' => :'value' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'domain' => :'Object', + :'manual' => :'Object', + :'name' => :'Object', + :'system_id' => :'Object', + :'username' => :'Object', + :'uuid' => :'Object', + :'value' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsManagedPolicies` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsManagedPolicies`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'domain') + self.domain = attributes[:'domain'] + end + + if attributes.key?(:'manual') + self.manual = attributes[:'manual'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + + if attributes.key?(:'uuid') + self.uuid = attributes[:'uuid'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + domain == o.domain && + manual == o.manual && + name == o.name && + system_id == o.system_id && + username == o.username && + uuid == o.uuid && + value == o.value + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, domain, manual, name, system_id, username, uuid, value].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_mounts.rb b/jcapiv2/lib/jcapiv2/models/system_insights_mounts.rb index f7d6d19..7390dd1 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_mounts.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_mounts.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsMounts attr_accessor :blocks @@ -41,7 +39,6 @@ class SystemInsightsMounts attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -62,97 +59,109 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'blocks' => :'String', - :'blocks_available' => :'String', - :'blocks_free' => :'String', - :'blocks_size' => :'String', - :'collection_time' => :'String', - :'device' => :'String', - :'device_alias' => :'String', - :'flags' => :'String', - :'inodes' => :'String', - :'inodes_free' => :'String', - :'path' => :'String', - :'system_id' => :'String', - :'type' => :'String' + :'blocks' => :'Object', + :'blocks_available' => :'Object', + :'blocks_free' => :'Object', + :'blocks_size' => :'Object', + :'collection_time' => :'Object', + :'device' => :'Object', + :'device_alias' => :'Object', + :'flags' => :'Object', + :'inodes' => :'Object', + :'inodes_free' => :'Object', + :'path' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsMounts` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsMounts`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'blocks') + if attributes.key?(:'blocks') self.blocks = attributes[:'blocks'] end - if attributes.has_key?(:'blocks_available') + if attributes.key?(:'blocks_available') self.blocks_available = attributes[:'blocks_available'] end - if attributes.has_key?(:'blocks_free') + if attributes.key?(:'blocks_free') self.blocks_free = attributes[:'blocks_free'] end - if attributes.has_key?(:'blocks_size') + if attributes.key?(:'blocks_size') self.blocks_size = attributes[:'blocks_size'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'device') + if attributes.key?(:'device') self.device = attributes[:'device'] end - if attributes.has_key?(:'device_alias') + if attributes.key?(:'device_alias') self.device_alias = attributes[:'device_alias'] end - if attributes.has_key?(:'flags') + if attributes.key?(:'flags') self.flags = attributes[:'flags'] end - if attributes.has_key?(:'inodes') + if attributes.key?(:'inodes') self.inodes = attributes[:'inodes'] end - if attributes.has_key?(:'inodes_free') + if attributes.key?(:'inodes_free') self.inodes_free = attributes[:'inodes_free'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -182,26 +191,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [blocks, blocks_available, blocks_free, blocks_size, collection_time, device, device_alias, flags, inodes, inodes_free, path, system_id, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -223,7 +241,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -244,8 +262,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -267,7 +284,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -279,7 +300,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -289,8 +310,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_os_version.rb b/jcapiv2/lib/jcapiv2/models/system_insights_os_version.rb index 8429de6..76bb172 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_os_version.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_os_version.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsOsVersion attr_accessor :build @@ -39,7 +37,6 @@ class SystemInsightsOsVersion attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -59,92 +56,104 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'build' => :'String', - :'codename' => :'String', - :'collection_time' => :'String', - :'install_date' => :'String', - :'major' => :'Integer', - :'minor' => :'Integer', - :'name' => :'String', - :'patch' => :'Integer', - :'platform' => :'String', - :'platform_like' => :'String', - :'system_id' => :'String', - :'version' => :'String' + :'build' => :'Object', + :'codename' => :'Object', + :'collection_time' => :'Object', + :'install_date' => :'Object', + :'major' => :'Object', + :'minor' => :'Object', + :'name' => :'Object', + :'patch' => :'Object', + :'platform' => :'Object', + :'platform_like' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsOsVersion` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsOsVersion`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'build') + if attributes.key?(:'build') self.build = attributes[:'build'] end - if attributes.has_key?(:'codename') + if attributes.key?(:'codename') self.codename = attributes[:'codename'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'install_date') + if attributes.key?(:'install_date') self.install_date = attributes[:'install_date'] end - if attributes.has_key?(:'major') + if attributes.key?(:'major') self.major = attributes[:'major'] end - if attributes.has_key?(:'minor') + if attributes.key?(:'minor') self.minor = attributes[:'minor'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'patch') + if attributes.key?(:'patch') self.patch = attributes[:'patch'] end - if attributes.has_key?(:'platform') + if attributes.key?(:'platform') self.platform = attributes[:'platform'] end - if attributes.has_key?(:'platform_like') + if attributes.key?(:'platform_like') self.platform_like = attributes[:'platform_like'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -173,26 +182,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [build, codename, collection_time, install_date, major, minor, name, patch, platform, platform_like, system_id, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -214,7 +232,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -235,8 +253,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -258,7 +275,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -270,7 +291,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -280,8 +301,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_patches.rb b/jcapiv2/lib/jcapiv2/models/system_insights_patches.rb index dc54cb6..265df81 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_patches.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_patches.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsPatches attr_accessor :caption @@ -35,7 +33,6 @@ class SystemInsightsPatches attr_accessor :system_id - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -53,82 +50,94 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'caption' => :'String', - :'collection_time' => :'String', - :'csname' => :'String', - :'description' => :'String', - :'fix_comments' => :'String', - :'hotfix_id' => :'String', - :'install_date' => :'String', - :'installed_by' => :'String', - :'installed_on' => :'String', - :'system_id' => :'String' + :'caption' => :'Object', + :'collection_time' => :'Object', + :'csname' => :'Object', + :'description' => :'Object', + :'fix_comments' => :'Object', + :'hotfix_id' => :'Object', + :'install_date' => :'Object', + :'installed_by' => :'Object', + :'installed_on' => :'Object', + :'system_id' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsPatches` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsPatches`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'caption') + if attributes.key?(:'caption') self.caption = attributes[:'caption'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'csname') + if attributes.key?(:'csname') self.csname = attributes[:'csname'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'fix_comments') + if attributes.key?(:'fix_comments') self.fix_comments = attributes[:'fix_comments'] end - if attributes.has_key?(:'hotfix_id') + if attributes.key?(:'hotfix_id') self.hotfix_id = attributes[:'hotfix_id'] end - if attributes.has_key?(:'install_date') + if attributes.key?(:'install_date') self.install_date = attributes[:'install_date'] end - if attributes.has_key?(:'installed_by') + if attributes.key?(:'installed_by') self.installed_by = attributes[:'installed_by'] end - if attributes.has_key?(:'installed_on') + if attributes.key?(:'installed_on') self.installed_on = attributes[:'installed_on'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -155,26 +164,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [caption, collection_time, csname, description, fix_comments, hotfix_id, install_date, installed_by, installed_on, system_id].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -196,7 +214,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -217,8 +235,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -240,7 +257,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -252,7 +273,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -262,8 +283,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_programs.rb b/jcapiv2/lib/jcapiv2/models/system_insights_programs.rb index 8547581..939e6ab 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_programs.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_programs.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsPrograms attr_accessor :collection_time @@ -37,7 +35,6 @@ class SystemInsightsPrograms attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -56,87 +53,99 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'identifying_number' => :'String', - :'install_date' => :'String', - :'install_location' => :'String', - :'install_source' => :'String', - :'language' => :'String', - :'name' => :'String', - :'publisher' => :'String', - :'system_id' => :'String', - :'uninstall_string' => :'String', - :'version' => :'String' + :'collection_time' => :'Object', + :'identifying_number' => :'Object', + :'install_date' => :'Object', + :'install_location' => :'Object', + :'install_source' => :'Object', + :'language' => :'Object', + :'name' => :'Object', + :'publisher' => :'Object', + :'system_id' => :'Object', + :'uninstall_string' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsPrograms` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsPrograms`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'identifying_number') + if attributes.key?(:'identifying_number') self.identifying_number = attributes[:'identifying_number'] end - if attributes.has_key?(:'install_date') + if attributes.key?(:'install_date') self.install_date = attributes[:'install_date'] end - if attributes.has_key?(:'install_location') + if attributes.key?(:'install_location') self.install_location = attributes[:'install_location'] end - if attributes.has_key?(:'install_source') + if attributes.key?(:'install_source') self.install_source = attributes[:'install_source'] end - if attributes.has_key?(:'language') + if attributes.key?(:'language') self.language = attributes[:'language'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'publisher') + if attributes.key?(:'publisher') self.publisher = attributes[:'publisher'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uninstall_string') + if attributes.key?(:'uninstall_string') self.uninstall_string = attributes[:'uninstall_string'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -164,26 +173,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, identifying_number, install_date, install_location, install_source, language, name, publisher, system_id, uninstall_string, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -205,7 +223,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -226,8 +244,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -249,7 +266,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -261,7 +282,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -271,8 +292,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_python_packages.rb b/jcapiv2/lib/jcapiv2/models/system_insights_python_packages.rb new file mode 100644 index 0000000..9ee392f --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_python_packages.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsPythonPackages + attr_accessor :auther + + attr_accessor :directory + + attr_accessor :license + + attr_accessor :name + + attr_accessor :path + + attr_accessor :summary + + attr_accessor :system_id + + attr_accessor :version + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'auther' => :'auther', + :'directory' => :'directory', + :'license' => :'license', + :'name' => :'name', + :'path' => :'path', + :'summary' => :'summary', + :'system_id' => :'system_id', + :'version' => :'version' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'auther' => :'Object', + :'directory' => :'Object', + :'license' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'summary' => :'Object', + :'system_id' => :'Object', + :'version' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsPythonPackages` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsPythonPackages`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'auther') + self.auther = attributes[:'auther'] + end + + if attributes.key?(:'directory') + self.directory = attributes[:'directory'] + end + + if attributes.key?(:'license') + self.license = attributes[:'license'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'summary') + self.summary = attributes[:'summary'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + auther == o.auther && + directory == o.directory && + license == o.license && + name == o.name && + path == o.path && + summary == o.summary && + system_id == o.system_id && + version == o.version + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [auther, directory, license, name, path, summary, system_id, version].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_safari_extensions.rb b/jcapiv2/lib/jcapiv2/models/system_insights_safari_extensions.rb index 113d653..d16df29 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_safari_extensions.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_safari_extensions.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsSafariExtensions attr_accessor :author @@ -39,7 +37,6 @@ class SystemInsightsSafariExtensions attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -59,92 +56,104 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'author' => :'String', - :'collection_time' => :'String', - :'description' => :'String', - :'developer_id' => :'String', - :'identifier' => :'String', - :'name' => :'String', - :'path' => :'String', - :'sdk' => :'String', - :'system_id' => :'String', - :'uid' => :'String', - :'update_url' => :'String', - :'version' => :'String' + :'author' => :'Object', + :'collection_time' => :'Object', + :'description' => :'Object', + :'developer_id' => :'Object', + :'identifier' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'sdk' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object', + :'update_url' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSafariExtensions` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSafariExtensions`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'author') + if attributes.key?(:'author') self.author = attributes[:'author'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'developer_id') + if attributes.key?(:'developer_id') self.developer_id = attributes[:'developer_id'] end - if attributes.has_key?(:'identifier') + if attributes.key?(:'identifier') self.identifier = attributes[:'identifier'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'path') + if attributes.key?(:'path') self.path = attributes[:'path'] end - if attributes.has_key?(:'sdk') + if attributes.key?(:'sdk') self.sdk = attributes[:'sdk'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'update_url') + if attributes.key?(:'update_url') self.update_url = attributes[:'update_url'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -173,26 +182,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [author, collection_time, description, developer_id, identifier, name, path, sdk, system_id, uid, update_url, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -214,7 +232,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -235,8 +253,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -258,7 +275,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -270,7 +291,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -280,8 +301,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_scheduled_tasks.rb b/jcapiv2/lib/jcapiv2/models/system_insights_scheduled_tasks.rb new file mode 100644 index 0000000..0a70870 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_scheduled_tasks.rb @@ -0,0 +1,296 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsScheduledTasks + attr_accessor :action + + attr_accessor :enabled + + attr_accessor :hidden + + attr_accessor :last_run_code + + attr_accessor :last_run_message + + attr_accessor :last_run_time + + attr_accessor :name + + attr_accessor :next_run_time + + attr_accessor :path + + attr_accessor :state + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'action' => :'action', + :'enabled' => :'enabled', + :'hidden' => :'hidden', + :'last_run_code' => :'last_run_code', + :'last_run_message' => :'last_run_message', + :'last_run_time' => :'last_run_time', + :'name' => :'name', + :'next_run_time' => :'next_run_time', + :'path' => :'path', + :'state' => :'state', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'action' => :'Object', + :'enabled' => :'Object', + :'hidden' => :'Object', + :'last_run_code' => :'Object', + :'last_run_message' => :'Object', + :'last_run_time' => :'Object', + :'name' => :'Object', + :'next_run_time' => :'Object', + :'path' => :'Object', + :'state' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsScheduledTasks` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsScheduledTasks`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'action') + self.action = attributes[:'action'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'hidden') + self.hidden = attributes[:'hidden'] + end + + if attributes.key?(:'last_run_code') + self.last_run_code = attributes[:'last_run_code'] + end + + if attributes.key?(:'last_run_message') + self.last_run_message = attributes[:'last_run_message'] + end + + if attributes.key?(:'last_run_time') + self.last_run_time = attributes[:'last_run_time'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'next_run_time') + self.next_run_time = attributes[:'next_run_time'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + action == o.action && + enabled == o.enabled && + hidden == o.hidden && + last_run_code == o.last_run_code && + last_run_message == o.last_run_message && + last_run_time == o.last_run_time && + name == o.name && + next_run_time == o.next_run_time && + path == o.path && + state == o.state && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [action, enabled, hidden, last_run_code, last_run_message, last_run_time, name, next_run_time, path, state, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_secureboot.rb b/jcapiv2/lib/jcapiv2/models/system_insights_secureboot.rb new file mode 100644 index 0000000..1f87643 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_secureboot.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsSecureboot + attr_accessor :collection_time + + attr_accessor :secure_boot + + attr_accessor :setup_mode + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'secure_boot' => :'secure_boot', + :'setup_mode' => :'setup_mode', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'secure_boot' => :'Object', + :'setup_mode' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSecureboot` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSecureboot`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'secure_boot') + self.secure_boot = attributes[:'secure_boot'] + end + + if attributes.key?(:'setup_mode') + self.setup_mode = attributes[:'setup_mode'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + secure_boot == o.secure_boot && + setup_mode == o.setup_mode && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, secure_boot, setup_mode, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_services.rb b/jcapiv2/lib/jcapiv2/models/system_insights_services.rb new file mode 100644 index 0000000..2cf208b --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_services.rb @@ -0,0 +1,314 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsServices + attr_accessor :description + + attr_accessor :display_name + + attr_accessor :module_path + + attr_accessor :name + + attr_accessor :path + + attr_accessor :pid + + attr_accessor :service_exit_code + + attr_accessor :service_type + + attr_accessor :start_type + + attr_accessor :status + + attr_accessor :system_id + + attr_accessor :user_account + + attr_accessor :win32_exit_code + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'description' => :'description', + :'display_name' => :'display_name', + :'module_path' => :'module_path', + :'name' => :'name', + :'path' => :'path', + :'pid' => :'pid', + :'service_exit_code' => :'service_exit_code', + :'service_type' => :'service_type', + :'start_type' => :'start_type', + :'status' => :'status', + :'system_id' => :'system_id', + :'user_account' => :'user_account', + :'win32_exit_code' => :'win32_exit_code' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'description' => :'Object', + :'display_name' => :'Object', + :'module_path' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'pid' => :'Object', + :'service_exit_code' => :'Object', + :'service_type' => :'Object', + :'start_type' => :'Object', + :'status' => :'Object', + :'system_id' => :'Object', + :'user_account' => :'Object', + :'win32_exit_code' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsServices` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsServices`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'display_name') + self.display_name = attributes[:'display_name'] + end + + if attributes.key?(:'module_path') + self.module_path = attributes[:'module_path'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'pid') + self.pid = attributes[:'pid'] + end + + if attributes.key?(:'service_exit_code') + self.service_exit_code = attributes[:'service_exit_code'] + end + + if attributes.key?(:'service_type') + self.service_type = attributes[:'service_type'] + end + + if attributes.key?(:'start_type') + self.start_type = attributes[:'start_type'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'user_account') + self.user_account = attributes[:'user_account'] + end + + if attributes.key?(:'win32_exit_code') + self.win32_exit_code = attributes[:'win32_exit_code'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + display_name == o.display_name && + module_path == o.module_path && + name == o.name && + path == o.path && + pid == o.pid && + service_exit_code == o.service_exit_code && + service_type == o.service_type && + start_type == o.start_type && + status == o.status && + system_id == o.system_id && + user_account == o.user_account && + win32_exit_code == o.win32_exit_code + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [description, display_name, module_path, name, path, pid, service_exit_code, service_type, start_type, status, system_id, user_account, win32_exit_code].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_shadow.rb b/jcapiv2/lib/jcapiv2/models/system_insights_shadow.rb new file mode 100644 index 0000000..816215e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_shadow.rb @@ -0,0 +1,305 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsShadow + attr_accessor :collection_time + + attr_accessor :expire + + attr_accessor :flag + + attr_accessor :hash_alg + + attr_accessor :inactive + + attr_accessor :last_change + + attr_accessor :max + + attr_accessor :min + + attr_accessor :password_status + + attr_accessor :system_id + + attr_accessor :username + + attr_accessor :warning + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'expire' => :'expire', + :'flag' => :'flag', + :'hash_alg' => :'hash_alg', + :'inactive' => :'inactive', + :'last_change' => :'last_change', + :'max' => :'max', + :'min' => :'min', + :'password_status' => :'password_status', + :'system_id' => :'system_id', + :'username' => :'username', + :'warning' => :'warning' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'expire' => :'Object', + :'flag' => :'Object', + :'hash_alg' => :'Object', + :'inactive' => :'Object', + :'last_change' => :'Object', + :'max' => :'Object', + :'min' => :'Object', + :'password_status' => :'Object', + :'system_id' => :'Object', + :'username' => :'Object', + :'warning' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsShadow` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsShadow`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'expire') + self.expire = attributes[:'expire'] + end + + if attributes.key?(:'flag') + self.flag = attributes[:'flag'] + end + + if attributes.key?(:'hash_alg') + self.hash_alg = attributes[:'hash_alg'] + end + + if attributes.key?(:'inactive') + self.inactive = attributes[:'inactive'] + end + + if attributes.key?(:'last_change') + self.last_change = attributes[:'last_change'] + end + + if attributes.key?(:'max') + self.max = attributes[:'max'] + end + + if attributes.key?(:'min') + self.min = attributes[:'min'] + end + + if attributes.key?(:'password_status') + self.password_status = attributes[:'password_status'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + + if attributes.key?(:'warning') + self.warning = attributes[:'warning'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + expire == o.expire && + flag == o.flag && + hash_alg == o.hash_alg && + inactive == o.inactive && + last_change == o.last_change && + max == o.max && + min == o.min && + password_status == o.password_status && + system_id == o.system_id && + username == o.username && + warning == o.warning + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, expire, flag, hash_alg, inactive, last_change, max, min, password_status, system_id, username, warning].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_shared_folders.rb b/jcapiv2/lib/jcapiv2/models/system_insights_shared_folders.rb new file mode 100644 index 0000000..76164a7 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_shared_folders.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsSharedFolders + attr_accessor :collection_time + + attr_accessor :name + + attr_accessor :path + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'name' => :'name', + :'path' => :'path', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSharedFolders` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSharedFolders`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + name == o.name && + path == o.path && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, name, path, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_shared_resources.rb b/jcapiv2/lib/jcapiv2/models/system_insights_shared_resources.rb new file mode 100644 index 0000000..9b2125e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_shared_resources.rb @@ -0,0 +1,287 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsSharedResources + attr_accessor :allow_maximum + + attr_accessor :collection_time + + attr_accessor :description + + attr_accessor :install_date + + attr_accessor :maximum_allowed + + attr_accessor :name + + attr_accessor :path + + attr_accessor :status + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'allow_maximum' => :'allow_maximum', + :'collection_time' => :'collection_time', + :'description' => :'description', + :'install_date' => :'install_date', + :'maximum_allowed' => :'maximum_allowed', + :'name' => :'name', + :'path' => :'path', + :'status' => :'status', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'allow_maximum' => :'Object', + :'collection_time' => :'Object', + :'description' => :'Object', + :'install_date' => :'Object', + :'maximum_allowed' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'status' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSharedResources` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSharedResources`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'allow_maximum') + self.allow_maximum = attributes[:'allow_maximum'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'install_date') + self.install_date = attributes[:'install_date'] + end + + if attributes.key?(:'maximum_allowed') + self.maximum_allowed = attributes[:'maximum_allowed'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + allow_maximum == o.allow_maximum && + collection_time == o.collection_time && + description == o.description && + install_date == o.install_date && + maximum_allowed == o.maximum_allowed && + name == o.name && + path == o.path && + status == o.status && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [allow_maximum, collection_time, description, install_date, maximum_allowed, name, path, status, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_sharing_preferences.rb b/jcapiv2/lib/jcapiv2/models/system_insights_sharing_preferences.rb new file mode 100644 index 0000000..5517b13 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_sharing_preferences.rb @@ -0,0 +1,305 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsSharingPreferences + attr_accessor :bluetooth_sharing + + attr_accessor :collection_time + + attr_accessor :content_caching + + attr_accessor :disc_sharing + + attr_accessor :file_sharing + + attr_accessor :internet_sharing + + attr_accessor :printer_sharing + + attr_accessor :remote_apple_events + + attr_accessor :remote_login + + attr_accessor :remote_management + + attr_accessor :screen_sharing + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'bluetooth_sharing' => :'bluetooth_sharing', + :'collection_time' => :'collection_time', + :'content_caching' => :'content_caching', + :'disc_sharing' => :'disc_sharing', + :'file_sharing' => :'file_sharing', + :'internet_sharing' => :'internet_sharing', + :'printer_sharing' => :'printer_sharing', + :'remote_apple_events' => :'remote_apple_events', + :'remote_login' => :'remote_login', + :'remote_management' => :'remote_management', + :'screen_sharing' => :'screen_sharing', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'bluetooth_sharing' => :'Object', + :'collection_time' => :'Object', + :'content_caching' => :'Object', + :'disc_sharing' => :'Object', + :'file_sharing' => :'Object', + :'internet_sharing' => :'Object', + :'printer_sharing' => :'Object', + :'remote_apple_events' => :'Object', + :'remote_login' => :'Object', + :'remote_management' => :'Object', + :'screen_sharing' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSharingPreferences` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSharingPreferences`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'bluetooth_sharing') + self.bluetooth_sharing = attributes[:'bluetooth_sharing'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'content_caching') + self.content_caching = attributes[:'content_caching'] + end + + if attributes.key?(:'disc_sharing') + self.disc_sharing = attributes[:'disc_sharing'] + end + + if attributes.key?(:'file_sharing') + self.file_sharing = attributes[:'file_sharing'] + end + + if attributes.key?(:'internet_sharing') + self.internet_sharing = attributes[:'internet_sharing'] + end + + if attributes.key?(:'printer_sharing') + self.printer_sharing = attributes[:'printer_sharing'] + end + + if attributes.key?(:'remote_apple_events') + self.remote_apple_events = attributes[:'remote_apple_events'] + end + + if attributes.key?(:'remote_login') + self.remote_login = attributes[:'remote_login'] + end + + if attributes.key?(:'remote_management') + self.remote_management = attributes[:'remote_management'] + end + + if attributes.key?(:'screen_sharing') + self.screen_sharing = attributes[:'screen_sharing'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + bluetooth_sharing == o.bluetooth_sharing && + collection_time == o.collection_time && + content_caching == o.content_caching && + disc_sharing == o.disc_sharing && + file_sharing == o.file_sharing && + internet_sharing == o.internet_sharing && + printer_sharing == o.printer_sharing && + remote_apple_events == o.remote_apple_events && + remote_login == o.remote_login && + remote_management == o.remote_management && + screen_sharing == o.screen_sharing && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [bluetooth_sharing, collection_time, content_caching, disc_sharing, file_sharing, internet_sharing, printer_sharing, remote_apple_events, remote_login, remote_management, screen_sharing, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_sip_config.rb b/jcapiv2/lib/jcapiv2/models/system_insights_sip_config.rb new file mode 100644 index 0000000..577fab5 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_sip_config.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsSipConfig + attr_accessor :collection_time + + attr_accessor :config_flag + + attr_accessor :enabled + + attr_accessor :enabled_nvram + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'config_flag' => :'config_flag', + :'enabled' => :'enabled', + :'enabled_nvram' => :'enabled_nvram', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'config_flag' => :'Object', + :'enabled' => :'Object', + :'enabled_nvram' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSipConfig` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSipConfig`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'config_flag') + self.config_flag = attributes[:'config_flag'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'enabled_nvram') + self.enabled_nvram = attributes[:'enabled_nvram'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + config_flag == o.config_flag && + enabled == o.enabled && + enabled_nvram == o.enabled_nvram && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, config_flag, enabled, enabled_nvram, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_startup_items.rb b/jcapiv2/lib/jcapiv2/models/system_insights_startup_items.rb new file mode 100644 index 0000000..44dbbac --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_startup_items.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsStartupItems + attr_accessor :args + + attr_accessor :name + + attr_accessor :path + + attr_accessor :source + + attr_accessor :status + + attr_accessor :system_id + + attr_accessor :type + + attr_accessor :username + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'args' => :'args', + :'name' => :'name', + :'path' => :'path', + :'source' => :'source', + :'status' => :'status', + :'system_id' => :'system_id', + :'type' => :'type', + :'username' => :'username' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'args' => :'Object', + :'name' => :'Object', + :'path' => :'Object', + :'source' => :'Object', + :'status' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object', + :'username' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsStartupItems` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsStartupItems`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'args') + self.args = attributes[:'args'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + + if attributes.key?(:'status') + self.status = attributes[:'status'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + + if attributes.key?(:'username') + self.username = attributes[:'username'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + args == o.args && + name == o.name && + path == o.path && + source == o.source && + status == o.status && + system_id == o.system_id && + type == o.type && + username == o.username + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [args, name, path, source, status, system_id, type, username].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_system_controls.rb b/jcapiv2/lib/jcapiv2/models/system_insights_system_controls.rb index 09352b0..43c0e6a 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_system_controls.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_system_controls.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsSystemControls attr_accessor :collection_time @@ -33,7 +31,6 @@ class SystemInsightsSystemControls attr_accessor :type - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -50,77 +47,89 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'config_value' => :'String', - :'current_value' => :'String', - :'field_name' => :'String', - :'name' => :'String', - :'oid' => :'String', - :'subsystem' => :'String', - :'system_id' => :'String', - :'type' => :'String' + :'collection_time' => :'Object', + :'config_value' => :'Object', + :'current_value' => :'Object', + :'field_name' => :'Object', + :'name' => :'Object', + :'oid' => :'Object', + :'subsystem' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSystemControls` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSystemControls`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'config_value') + if attributes.key?(:'config_value') self.config_value = attributes[:'config_value'] end - if attributes.has_key?(:'current_value') + if attributes.key?(:'current_value') self.current_value = attributes[:'current_value'] end - if attributes.has_key?(:'field_name') + if attributes.key?(:'field_name') self.field_name = attributes[:'field_name'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'oid') + if attributes.key?(:'oid') self.oid = attributes[:'oid'] end - if attributes.has_key?(:'subsystem') + if attributes.key?(:'subsystem') self.subsystem = attributes[:'subsystem'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -146,26 +155,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, config_value, current_value, field_name, name, oid, subsystem, system_id, type].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -187,7 +205,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -208,8 +226,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -231,7 +248,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -243,7 +264,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -253,8 +274,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_system_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_system_info.rb index b085c76..98424aa 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_system_info.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_system_info.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsSystemInfo attr_accessor :collection_time @@ -49,7 +47,6 @@ class SystemInsightsSystemInfo attr_accessor :uuid - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -74,117 +71,129 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'computer_name' => :'String', - :'cpu_brand' => :'String', - :'cpu_logical_cores' => :'Integer', - :'cpu_microcode' => :'String', - :'cpu_physical_cores' => :'Integer', - :'cpu_subtype' => :'String', - :'cpu_type' => :'String', - :'hardware_model' => :'String', - :'hardware_serial' => :'String', - :'hardware_vendor' => :'String', - :'hardware_version' => :'String', - :'hostname' => :'String', - :'local_hostname' => :'String', - :'physical_memory' => :'String', - :'system_id' => :'String', - :'uuid' => :'String' + :'collection_time' => :'Object', + :'computer_name' => :'Object', + :'cpu_brand' => :'Object', + :'cpu_logical_cores' => :'Object', + :'cpu_microcode' => :'Object', + :'cpu_physical_cores' => :'Object', + :'cpu_subtype' => :'Object', + :'cpu_type' => :'Object', + :'hardware_model' => :'Object', + :'hardware_serial' => :'Object', + :'hardware_vendor' => :'Object', + :'hardware_version' => :'Object', + :'hostname' => :'Object', + :'local_hostname' => :'Object', + :'physical_memory' => :'Object', + :'system_id' => :'Object', + :'uuid' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsSystemInfo` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsSystemInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'computer_name') + if attributes.key?(:'computer_name') self.computer_name = attributes[:'computer_name'] end - if attributes.has_key?(:'cpu_brand') + if attributes.key?(:'cpu_brand') self.cpu_brand = attributes[:'cpu_brand'] end - if attributes.has_key?(:'cpu_logical_cores') + if attributes.key?(:'cpu_logical_cores') self.cpu_logical_cores = attributes[:'cpu_logical_cores'] end - if attributes.has_key?(:'cpu_microcode') + if attributes.key?(:'cpu_microcode') self.cpu_microcode = attributes[:'cpu_microcode'] end - if attributes.has_key?(:'cpu_physical_cores') + if attributes.key?(:'cpu_physical_cores') self.cpu_physical_cores = attributes[:'cpu_physical_cores'] end - if attributes.has_key?(:'cpu_subtype') + if attributes.key?(:'cpu_subtype') self.cpu_subtype = attributes[:'cpu_subtype'] end - if attributes.has_key?(:'cpu_type') + if attributes.key?(:'cpu_type') self.cpu_type = attributes[:'cpu_type'] end - if attributes.has_key?(:'hardware_model') + if attributes.key?(:'hardware_model') self.hardware_model = attributes[:'hardware_model'] end - if attributes.has_key?(:'hardware_serial') + if attributes.key?(:'hardware_serial') self.hardware_serial = attributes[:'hardware_serial'] end - if attributes.has_key?(:'hardware_vendor') + if attributes.key?(:'hardware_vendor') self.hardware_vendor = attributes[:'hardware_vendor'] end - if attributes.has_key?(:'hardware_version') + if attributes.key?(:'hardware_version') self.hardware_version = attributes[:'hardware_version'] end - if attributes.has_key?(:'hostname') + if attributes.key?(:'hostname') self.hostname = attributes[:'hostname'] end - if attributes.has_key?(:'local_hostname') + if attributes.key?(:'local_hostname') self.local_hostname = attributes[:'local_hostname'] end - if attributes.has_key?(:'physical_memory') + if attributes.key?(:'physical_memory') self.physical_memory = attributes[:'physical_memory'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uuid') + if attributes.key?(:'uuid') self.uuid = attributes[:'uuid'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -218,26 +227,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, computer_name, cpu_brand, cpu_logical_cores, cpu_microcode, cpu_physical_cores, cpu_subtype, cpu_type, hardware_model, hardware_serial, hardware_vendor, hardware_version, hostname, local_hostname, physical_memory, system_id, uuid].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -259,7 +277,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -280,8 +298,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -303,7 +320,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -315,7 +336,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -325,8 +346,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_tpm_info.rb b/jcapiv2/lib/jcapiv2/models/system_insights_tpm_info.rb new file mode 100644 index 0000000..845b5ed --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_tpm_info.rb @@ -0,0 +1,296 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsTpmInfo + attr_accessor :activated + + attr_accessor :collection_time + + attr_accessor :enabled + + attr_accessor :manufacturer_id + + attr_accessor :manufacturer_name + + attr_accessor :manufacturer_version + + attr_accessor :owned + + attr_accessor :physical_presence_version + + attr_accessor :product_name + + attr_accessor :spec_version + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'activated' => :'activated', + :'collection_time' => :'collection_time', + :'enabled' => :'enabled', + :'manufacturer_id' => :'manufacturer_id', + :'manufacturer_name' => :'manufacturer_name', + :'manufacturer_version' => :'manufacturer_version', + :'owned' => :'owned', + :'physical_presence_version' => :'physical_presence_version', + :'product_name' => :'product_name', + :'spec_version' => :'spec_version', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'activated' => :'Object', + :'collection_time' => :'Object', + :'enabled' => :'Object', + :'manufacturer_id' => :'Object', + :'manufacturer_name' => :'Object', + :'manufacturer_version' => :'Object', + :'owned' => :'Object', + :'physical_presence_version' => :'Object', + :'product_name' => :'Object', + :'spec_version' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsTpmInfo` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsTpmInfo`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'activated') + self.activated = attributes[:'activated'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'manufacturer_id') + self.manufacturer_id = attributes[:'manufacturer_id'] + end + + if attributes.key?(:'manufacturer_name') + self.manufacturer_name = attributes[:'manufacturer_name'] + end + + if attributes.key?(:'manufacturer_version') + self.manufacturer_version = attributes[:'manufacturer_version'] + end + + if attributes.key?(:'owned') + self.owned = attributes[:'owned'] + end + + if attributes.key?(:'physical_presence_version') + self.physical_presence_version = attributes[:'physical_presence_version'] + end + + if attributes.key?(:'product_name') + self.product_name = attributes[:'product_name'] + end + + if attributes.key?(:'spec_version') + self.spec_version = attributes[:'spec_version'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + activated == o.activated && + collection_time == o.collection_time && + enabled == o.enabled && + manufacturer_id == o.manufacturer_id && + manufacturer_name == o.manufacturer_name && + manufacturer_version == o.manufacturer_version && + owned == o.owned && + physical_presence_version == o.physical_presence_version && + product_name == o.product_name && + spec_version == o.spec_version && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [activated, collection_time, enabled, manufacturer_id, manufacturer_name, manufacturer_version, owned, physical_presence_version, product_name, spec_version, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_uptime.rb b/jcapiv2/lib/jcapiv2/models/system_insights_uptime.rb index 58f301e..b765d39 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_uptime.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_uptime.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsUptime attr_accessor :collection_time @@ -29,7 +27,6 @@ class SystemInsightsUptime attr_accessor :total_seconds - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -44,67 +41,79 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'days' => :'Integer', - :'hours' => :'Integer', - :'minutes' => :'Integer', - :'seconds' => :'Integer', - :'system_id' => :'String', - :'total_seconds' => :'String' + :'collection_time' => :'Object', + :'days' => :'Object', + :'hours' => :'Object', + :'minutes' => :'Object', + :'seconds' => :'Object', + :'system_id' => :'Object', + :'total_seconds' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUptime` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUptime`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'days') + if attributes.key?(:'days') self.days = attributes[:'days'] end - if attributes.has_key?(:'hours') + if attributes.key?(:'hours') self.hours = attributes[:'hours'] end - if attributes.has_key?(:'minutes') + if attributes.key?(:'minutes') self.minutes = attributes[:'minutes'] end - if attributes.has_key?(:'seconds') + if attributes.key?(:'seconds') self.seconds = attributes[:'seconds'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'total_seconds') + if attributes.key?(:'total_seconds') self.total_seconds = attributes[:'total_seconds'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -128,26 +137,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, days, hours, minutes, seconds, system_id, total_seconds].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -169,7 +187,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -190,8 +208,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -213,7 +230,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -225,7 +246,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -235,8 +256,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_usb_devices.rb b/jcapiv2/lib/jcapiv2/models/system_insights_usb_devices.rb index 3e057f9..b841cbe 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_usb_devices.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_usb_devices.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsUsbDevices attr_accessor :_class @@ -43,7 +41,6 @@ class SystemInsightsUsbDevices attr_accessor :version - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -65,102 +62,114 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'_class' => :'String', - :'collection_time' => :'String', - :'model' => :'String', - :'model_id' => :'String', - :'protocol' => :'String', - :'removable' => :'Integer', - :'serial' => :'String', - :'subclass' => :'String', - :'system_id' => :'String', - :'usb_address' => :'Integer', - :'usb_port' => :'Integer', - :'vendor' => :'String', - :'vendor_id' => :'String', - :'version' => :'String' + :'_class' => :'Object', + :'collection_time' => :'Object', + :'model' => :'Object', + :'model_id' => :'Object', + :'protocol' => :'Object', + :'removable' => :'Object', + :'serial' => :'Object', + :'subclass' => :'Object', + :'system_id' => :'Object', + :'usb_address' => :'Object', + :'usb_port' => :'Object', + :'vendor' => :'Object', + :'vendor_id' => :'Object', + :'version' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUsbDevices` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUsbDevices`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'class') - self._class = attributes[:'class'] + if attributes.key?(:'_class') + self._class = attributes[:'_class'] end - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'model') + if attributes.key?(:'model') self.model = attributes[:'model'] end - if attributes.has_key?(:'model_id') + if attributes.key?(:'model_id') self.model_id = attributes[:'model_id'] end - if attributes.has_key?(:'protocol') + if attributes.key?(:'protocol') self.protocol = attributes[:'protocol'] end - if attributes.has_key?(:'removable') + if attributes.key?(:'removable') self.removable = attributes[:'removable'] end - if attributes.has_key?(:'serial') + if attributes.key?(:'serial') self.serial = attributes[:'serial'] end - if attributes.has_key?(:'subclass') + if attributes.key?(:'subclass') self.subclass = attributes[:'subclass'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'usb_address') + if attributes.key?(:'usb_address') self.usb_address = attributes[:'usb_address'] end - if attributes.has_key?(:'usb_port') + if attributes.key?(:'usb_port') self.usb_port = attributes[:'usb_port'] end - if attributes.has_key?(:'vendor') + if attributes.key?(:'vendor') self.vendor = attributes[:'vendor'] end - if attributes.has_key?(:'vendor_id') + if attributes.key?(:'vendor_id') self.vendor_id = attributes[:'vendor_id'] end - if attributes.has_key?(:'version') + if attributes.key?(:'version') self.version = attributes[:'version'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -191,26 +200,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [_class, collection_time, model, model_id, protocol, removable, serial, subclass, system_id, usb_address, usb_port, vendor, vendor_id, version].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -232,7 +250,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -253,8 +271,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -276,7 +293,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -288,7 +309,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -298,8 +319,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_user_groups.rb b/jcapiv2/lib/jcapiv2/models/system_insights_user_groups.rb index c785ee1..04b5dc0 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_user_groups.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_user_groups.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsUserGroups attr_accessor :collection_time @@ -23,7 +21,6 @@ class SystemInsightsUserGroups attr_accessor :uid - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -35,52 +32,64 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'gid' => :'String', - :'system_id' => :'String', - :'uid' => :'String' + :'collection_time' => :'Object', + :'gid' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUserGroups` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUserGroups`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'gid') + if attributes.key?(:'gid') self.gid = attributes[:'gid'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -101,26 +110,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [collection_time, gid, system_id, uid].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -142,7 +160,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -163,8 +181,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -186,7 +203,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -198,7 +219,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -208,8 +229,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_user_ssh_keys.rb b/jcapiv2/lib/jcapiv2/models/system_insights_user_ssh_keys.rb new file mode 100644 index 0000000..667e290 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_user_ssh_keys.rb @@ -0,0 +1,242 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsUserSshKeys + attr_accessor :collection_time + + attr_accessor :encrypted + + attr_accessor :path + + attr_accessor :system_id + + attr_accessor :uid + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'encrypted' => :'encrypted', + :'path' => :'path', + :'system_id' => :'system_id', + :'uid' => :'uid' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'encrypted' => :'Object', + :'path' => :'Object', + :'system_id' => :'Object', + :'uid' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUserSshKeys` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUserSshKeys`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'encrypted') + self.encrypted = attributes[:'encrypted'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'uid') + self.uid = attributes[:'uid'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + encrypted == o.encrypted && + path == o.path && + system_id == o.system_id && + uid == o.uid + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, encrypted, path, system_id, uid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_userassist.rb b/jcapiv2/lib/jcapiv2/models/system_insights_userassist.rb new file mode 100644 index 0000000..cfcf0db --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_userassist.rb @@ -0,0 +1,251 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsUserassist + attr_accessor :collection_time + + attr_accessor :count + + attr_accessor :last_execution_time + + attr_accessor :path + + attr_accessor :sid + + attr_accessor :system_id + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'count' => :'count', + :'last_execution_time' => :'last_execution_time', + :'path' => :'path', + :'sid' => :'sid', + :'system_id' => :'system_id' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'count' => :'Object', + :'last_execution_time' => :'Object', + :'path' => :'Object', + :'sid' => :'Object', + :'system_id' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUserassist` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUserassist`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'count') + self.count = attributes[:'count'] + end + + if attributes.key?(:'last_execution_time') + self.last_execution_time = attributes[:'last_execution_time'] + end + + if attributes.key?(:'path') + self.path = attributes[:'path'] + end + + if attributes.key?(:'sid') + self.sid = attributes[:'sid'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + count == o.count && + last_execution_time == o.last_execution_time && + path == o.path && + sid == o.sid && + system_id == o.system_id + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, count, last_execution_time, path, sid, system_id].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_users.rb b/jcapiv2/lib/jcapiv2/models/system_insights_users.rb index 5d7772a..3e31377 100644 --- a/jcapiv2/lib/jcapiv2/models/system_insights_users.rb +++ b/jcapiv2/lib/jcapiv2/models/system_insights_users.rb @@ -1,20 +1,24 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class SystemInsightsUsers + # Indicates this account belongs to a AD-managed user + attr_accessor :ad_managed + + # Indicates this account has local administrator privileges + attr_accessor :admin + attr_accessor :collection_time attr_accessor :description @@ -25,8 +29,20 @@ class SystemInsightsUsers attr_accessor :gid_signed + # A Unix timestamp showing the last time this user logged in + attr_accessor :last_login + + # Indicates this account belongs to a JumpCloud-managed user + attr_accessor :managed + + # Indicates this account represents an interactive user account vs. a system or daemon account + attr_accessor :real_user + attr_accessor :shell + # Indicates this account is suspended or locked out + attr_accessor :suspended + attr_accessor :system_id attr_accessor :type @@ -39,16 +55,21 @@ class SystemInsightsUsers attr_accessor :uuid - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { + :'ad_managed' => :'ad_managed', + :'admin' => :'admin', :'collection_time' => :'collection_time', :'description' => :'description', :'directory' => :'directory', :'gid' => :'gid', :'gid_signed' => :'gid_signed', + :'last_login' => :'last_login', + :'managed' => :'managed', + :'real_user' => :'real_user', :'shell' => :'shell', + :'suspended' => :'suspended', :'system_id' => :'system_id', :'type' => :'type', :'uid' => :'uid', @@ -59,92 +80,134 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'collection_time' => :'String', - :'description' => :'String', - :'directory' => :'String', - :'gid' => :'String', - :'gid_signed' => :'String', - :'shell' => :'String', - :'system_id' => :'String', - :'type' => :'String', - :'uid' => :'String', - :'uid_signed' => :'String', - :'username' => :'String', - :'uuid' => :'String' + :'ad_managed' => :'Object', + :'admin' => :'Object', + :'collection_time' => :'Object', + :'description' => :'Object', + :'directory' => :'Object', + :'gid' => :'Object', + :'gid_signed' => :'Object', + :'last_login' => :'Object', + :'managed' => :'Object', + :'real_user' => :'Object', + :'shell' => :'Object', + :'suspended' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object', + :'uid' => :'Object', + :'uid_signed' => :'Object', + :'username' => :'Object', + :'uuid' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsUsers` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsUsers`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'collection_time') + if attributes.key?(:'ad_managed') + self.ad_managed = attributes[:'ad_managed'] + end + + if attributes.key?(:'admin') + self.admin = attributes[:'admin'] + end + + if attributes.key?(:'collection_time') self.collection_time = attributes[:'collection_time'] end - if attributes.has_key?(:'description') + if attributes.key?(:'description') self.description = attributes[:'description'] end - if attributes.has_key?(:'directory') + if attributes.key?(:'directory') self.directory = attributes[:'directory'] end - if attributes.has_key?(:'gid') + if attributes.key?(:'gid') self.gid = attributes[:'gid'] end - if attributes.has_key?(:'gid_signed') + if attributes.key?(:'gid_signed') self.gid_signed = attributes[:'gid_signed'] end - if attributes.has_key?(:'shell') + if attributes.key?(:'last_login') + self.last_login = attributes[:'last_login'] + end + + if attributes.key?(:'managed') + self.managed = attributes[:'managed'] + end + + if attributes.key?(:'real_user') + self.real_user = attributes[:'real_user'] + end + + if attributes.key?(:'shell') self.shell = attributes[:'shell'] end - if attributes.has_key?(:'system_id') + if attributes.key?(:'suspended') + self.suspended = attributes[:'suspended'] + end + + if attributes.key?(:'system_id') self.system_id = attributes[:'system_id'] end - if attributes.has_key?(:'type') + if attributes.key?(:'type') self.type = attributes[:'type'] end - if attributes.has_key?(:'uid') + if attributes.key?(:'uid') self.uid = attributes[:'uid'] end - if attributes.has_key?(:'uid_signed') + if attributes.key?(:'uid_signed') self.uid_signed = attributes[:'uid_signed'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - if attributes.has_key?(:'uuid') + if attributes.key?(:'uuid') self.uuid = attributes[:'uuid'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -152,12 +215,18 @@ def valid? def ==(o) return true if self.equal?(o) self.class == o.class && + ad_managed == o.ad_managed && + admin == o.admin && collection_time == o.collection_time && description == o.description && directory == o.directory && gid == o.gid && gid_signed == o.gid_signed && + last_login == o.last_login && + managed == o.managed && + real_user == o.real_user && shell == o.shell && + suspended == o.suspended && system_id == o.system_id && type == o.type && uid == o.uid && @@ -173,9 +242,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [collection_time, description, directory, gid, gid_signed, shell, system_id, type, uid, uid_signed, username, uuid].hash + [ad_managed, admin, collection_time, description, directory, gid, gid_signed, last_login, managed, real_user, shell, suspended, system_id, type, uid, uid_signed, username, uuid].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -183,16 +259,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -214,7 +292,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -235,8 +313,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -258,7 +335,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -270,7 +351,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -280,8 +361,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_wifi_networks.rb b/jcapiv2/lib/jcapiv2/models/system_insights_wifi_networks.rb new file mode 100644 index 0000000..1e9b3c9 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_wifi_networks.rb @@ -0,0 +1,323 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsWifiNetworks + attr_accessor :auto_login + + attr_accessor :captive_portal + + attr_accessor :collection_time + + attr_accessor :disabled + + attr_accessor :last_connected + + attr_accessor :network_name + + attr_accessor :passpoint + + attr_accessor :possibly_hidden + + attr_accessor :roaming + + attr_accessor :roaming_profile + + attr_accessor :security_type + + attr_accessor :ssid + + attr_accessor :system_id + + attr_accessor :temporarily_disabled + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'auto_login' => :'auto_login', + :'captive_portal' => :'captive_portal', + :'collection_time' => :'collection_time', + :'disabled' => :'disabled', + :'last_connected' => :'last_connected', + :'network_name' => :'network_name', + :'passpoint' => :'passpoint', + :'possibly_hidden' => :'possibly_hidden', + :'roaming' => :'roaming', + :'roaming_profile' => :'roaming_profile', + :'security_type' => :'security_type', + :'ssid' => :'ssid', + :'system_id' => :'system_id', + :'temporarily_disabled' => :'temporarily_disabled' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'auto_login' => :'Object', + :'captive_portal' => :'Object', + :'collection_time' => :'Object', + :'disabled' => :'Object', + :'last_connected' => :'Object', + :'network_name' => :'Object', + :'passpoint' => :'Object', + :'possibly_hidden' => :'Object', + :'roaming' => :'Object', + :'roaming_profile' => :'Object', + :'security_type' => :'Object', + :'ssid' => :'Object', + :'system_id' => :'Object', + :'temporarily_disabled' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsWifiNetworks` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsWifiNetworks`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'auto_login') + self.auto_login = attributes[:'auto_login'] + end + + if attributes.key?(:'captive_portal') + self.captive_portal = attributes[:'captive_portal'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'disabled') + self.disabled = attributes[:'disabled'] + end + + if attributes.key?(:'last_connected') + self.last_connected = attributes[:'last_connected'] + end + + if attributes.key?(:'network_name') + self.network_name = attributes[:'network_name'] + end + + if attributes.key?(:'passpoint') + self.passpoint = attributes[:'passpoint'] + end + + if attributes.key?(:'possibly_hidden') + self.possibly_hidden = attributes[:'possibly_hidden'] + end + + if attributes.key?(:'roaming') + self.roaming = attributes[:'roaming'] + end + + if attributes.key?(:'roaming_profile') + self.roaming_profile = attributes[:'roaming_profile'] + end + + if attributes.key?(:'security_type') + self.security_type = attributes[:'security_type'] + end + + if attributes.key?(:'ssid') + self.ssid = attributes[:'ssid'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'temporarily_disabled') + self.temporarily_disabled = attributes[:'temporarily_disabled'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + auto_login == o.auto_login && + captive_portal == o.captive_portal && + collection_time == o.collection_time && + disabled == o.disabled && + last_connected == o.last_connected && + network_name == o.network_name && + passpoint == o.passpoint && + possibly_hidden == o.possibly_hidden && + roaming == o.roaming && + roaming_profile == o.roaming_profile && + security_type == o.security_type && + ssid == o.ssid && + system_id == o.system_id && + temporarily_disabled == o.temporarily_disabled + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [auto_login, captive_portal, collection_time, disabled, last_connected, network_name, passpoint, possibly_hidden, roaming, roaming_profile, security_type, ssid, system_id, temporarily_disabled].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_wifi_status.rb b/jcapiv2/lib/jcapiv2/models/system_insights_wifi_status.rb new file mode 100644 index 0000000..383ea57 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_wifi_status.rb @@ -0,0 +1,332 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsWifiStatus + attr_accessor :bssid + + attr_accessor :channel + + attr_accessor :channel_band + + attr_accessor :channel_width + + attr_accessor :collection_time + + attr_accessor :country_code + + attr_accessor :interface + + attr_accessor :mode + + attr_accessor :network_name + + attr_accessor :noise + + attr_accessor :rssi + + attr_accessor :security_type + + attr_accessor :ssid + + attr_accessor :system_id + + attr_accessor :transmit_rate + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'bssid' => :'bssid', + :'channel' => :'channel', + :'channel_band' => :'channel_band', + :'channel_width' => :'channel_width', + :'collection_time' => :'collection_time', + :'country_code' => :'country_code', + :'interface' => :'interface', + :'mode' => :'mode', + :'network_name' => :'network_name', + :'noise' => :'noise', + :'rssi' => :'rssi', + :'security_type' => :'security_type', + :'ssid' => :'ssid', + :'system_id' => :'system_id', + :'transmit_rate' => :'transmit_rate' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'bssid' => :'Object', + :'channel' => :'Object', + :'channel_band' => :'Object', + :'channel_width' => :'Object', + :'collection_time' => :'Object', + :'country_code' => :'Object', + :'interface' => :'Object', + :'mode' => :'Object', + :'network_name' => :'Object', + :'noise' => :'Object', + :'rssi' => :'Object', + :'security_type' => :'Object', + :'ssid' => :'Object', + :'system_id' => :'Object', + :'transmit_rate' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsWifiStatus` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsWifiStatus`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'bssid') + self.bssid = attributes[:'bssid'] + end + + if attributes.key?(:'channel') + self.channel = attributes[:'channel'] + end + + if attributes.key?(:'channel_band') + self.channel_band = attributes[:'channel_band'] + end + + if attributes.key?(:'channel_width') + self.channel_width = attributes[:'channel_width'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'country_code') + self.country_code = attributes[:'country_code'] + end + + if attributes.key?(:'interface') + self.interface = attributes[:'interface'] + end + + if attributes.key?(:'mode') + self.mode = attributes[:'mode'] + end + + if attributes.key?(:'network_name') + self.network_name = attributes[:'network_name'] + end + + if attributes.key?(:'noise') + self.noise = attributes[:'noise'] + end + + if attributes.key?(:'rssi') + self.rssi = attributes[:'rssi'] + end + + if attributes.key?(:'security_type') + self.security_type = attributes[:'security_type'] + end + + if attributes.key?(:'ssid') + self.ssid = attributes[:'ssid'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'transmit_rate') + self.transmit_rate = attributes[:'transmit_rate'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + bssid == o.bssid && + channel == o.channel && + channel_band == o.channel_band && + channel_width == o.channel_width && + collection_time == o.collection_time && + country_code == o.country_code && + interface == o.interface && + mode == o.mode && + network_name == o.network_name && + noise == o.noise && + rssi == o.rssi && + security_type == o.security_type && + ssid == o.ssid && + system_id == o.system_id && + transmit_rate == o.transmit_rate + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [bssid, channel, channel_band, channel_width, collection_time, country_code, interface, mode, network_name, noise, rssi, security_type, ssid, system_id, transmit_rate].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_windows_crashes.rb b/jcapiv2/lib/jcapiv2/models/system_insights_windows_crashes.rb deleted file mode 100644 index cf211ce..0000000 --- a/jcapiv2/lib/jcapiv2/models/system_insights_windows_crashes.rb +++ /dev/null @@ -1,368 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemInsightsWindowsCrashes - attr_accessor :build_number - - attr_accessor :command_line - - attr_accessor :crash_path - - attr_accessor :current_directory - - attr_accessor :datetime - - attr_accessor :exception_address - - attr_accessor :exception_code - - attr_accessor :exception_message - - attr_accessor :machine_name - - attr_accessor :major_version - - attr_accessor :minor_version - - attr_accessor :_module - - attr_accessor :path - - attr_accessor :pid - - attr_accessor :process_uptime - - attr_accessor :registers - - attr_accessor :stack_trace - - attr_accessor :tid - - attr_accessor :type - - attr_accessor :username - - attr_accessor :version - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'build_number' => :'build_number', - :'command_line' => :'command_line', - :'crash_path' => :'crash_path', - :'current_directory' => :'current_directory', - :'datetime' => :'datetime', - :'exception_address' => :'exception_address', - :'exception_code' => :'exception_code', - :'exception_message' => :'exception_message', - :'machine_name' => :'machine_name', - :'major_version' => :'major_version', - :'minor_version' => :'minor_version', - :'_module' => :'module', - :'path' => :'path', - :'pid' => :'pid', - :'process_uptime' => :'process_uptime', - :'registers' => :'registers', - :'stack_trace' => :'stack_trace', - :'tid' => :'tid', - :'type' => :'type', - :'username' => :'username', - :'version' => :'version' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'build_number' => :'Integer', - :'command_line' => :'String', - :'crash_path' => :'String', - :'current_directory' => :'String', - :'datetime' => :'String', - :'exception_address' => :'String', - :'exception_code' => :'String', - :'exception_message' => :'String', - :'machine_name' => :'String', - :'major_version' => :'Integer', - :'minor_version' => :'Integer', - :'_module' => :'String', - :'path' => :'String', - :'pid' => :'String', - :'process_uptime' => :'String', - :'registers' => :'String', - :'stack_trace' => :'String', - :'tid' => :'String', - :'type' => :'String', - :'username' => :'String', - :'version' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'build_number') - self.build_number = attributes[:'build_number'] - end - - if attributes.has_key?(:'command_line') - self.command_line = attributes[:'command_line'] - end - - if attributes.has_key?(:'crash_path') - self.crash_path = attributes[:'crash_path'] - end - - if attributes.has_key?(:'current_directory') - self.current_directory = attributes[:'current_directory'] - end - - if attributes.has_key?(:'datetime') - self.datetime = attributes[:'datetime'] - end - - if attributes.has_key?(:'exception_address') - self.exception_address = attributes[:'exception_address'] - end - - if attributes.has_key?(:'exception_code') - self.exception_code = attributes[:'exception_code'] - end - - if attributes.has_key?(:'exception_message') - self.exception_message = attributes[:'exception_message'] - end - - if attributes.has_key?(:'machine_name') - self.machine_name = attributes[:'machine_name'] - end - - if attributes.has_key?(:'major_version') - self.major_version = attributes[:'major_version'] - end - - if attributes.has_key?(:'minor_version') - self.minor_version = attributes[:'minor_version'] - end - - if attributes.has_key?(:'module') - self._module = attributes[:'module'] - end - - if attributes.has_key?(:'path') - self.path = attributes[:'path'] - end - - if attributes.has_key?(:'pid') - self.pid = attributes[:'pid'] - end - - if attributes.has_key?(:'process_uptime') - self.process_uptime = attributes[:'process_uptime'] - end - - if attributes.has_key?(:'registers') - self.registers = attributes[:'registers'] - end - - if attributes.has_key?(:'stack_trace') - self.stack_trace = attributes[:'stack_trace'] - end - - if attributes.has_key?(:'tid') - self.tid = attributes[:'tid'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - if attributes.has_key?(:'username') - self.username = attributes[:'username'] - end - - if attributes.has_key?(:'version') - self.version = attributes[:'version'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - build_number == o.build_number && - command_line == o.command_line && - crash_path == o.crash_path && - current_directory == o.current_directory && - datetime == o.datetime && - exception_address == o.exception_address && - exception_code == o.exception_code && - exception_message == o.exception_message && - machine_name == o.machine_name && - major_version == o.major_version && - minor_version == o.minor_version && - _module == o._module && - path == o.path && - pid == o.pid && - process_uptime == o.process_uptime && - registers == o.registers && - stack_trace == o.stack_trace && - tid == o.tid && - type == o.type && - username == o.username && - version == o.version - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [build_number, command_line, crash_path, current_directory, datetime, exception_address, exception_code, exception_message, machine_name, major_version, minor_version, _module, path, pid, process_uptime, registers, stack_trace, tid, type, username, version].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_center.rb b/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_center.rb new file mode 100644 index 0000000..beaa42e --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_center.rb @@ -0,0 +1,278 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsWindowsSecurityCenter + attr_accessor :antispyware + + attr_accessor :antivirus + + attr_accessor :autoupdate + + attr_accessor :collection_time + + attr_accessor :firewall + + attr_accessor :internet_settings + + attr_accessor :system_id + + attr_accessor :user_account_control + + attr_accessor :windows_security_center_service + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'antispyware' => :'antispyware', + :'antivirus' => :'antivirus', + :'autoupdate' => :'autoupdate', + :'collection_time' => :'collection_time', + :'firewall' => :'firewall', + :'internet_settings' => :'internet_settings', + :'system_id' => :'system_id', + :'user_account_control' => :'user_account_control', + :'windows_security_center_service' => :'windows_security_center_service' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'antispyware' => :'Object', + :'antivirus' => :'Object', + :'autoupdate' => :'Object', + :'collection_time' => :'Object', + :'firewall' => :'Object', + :'internet_settings' => :'Object', + :'system_id' => :'Object', + :'user_account_control' => :'Object', + :'windows_security_center_service' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsWindowsSecurityCenter` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsWindowsSecurityCenter`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'antispyware') + self.antispyware = attributes[:'antispyware'] + end + + if attributes.key?(:'antivirus') + self.antivirus = attributes[:'antivirus'] + end + + if attributes.key?(:'autoupdate') + self.autoupdate = attributes[:'autoupdate'] + end + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'firewall') + self.firewall = attributes[:'firewall'] + end + + if attributes.key?(:'internet_settings') + self.internet_settings = attributes[:'internet_settings'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'user_account_control') + self.user_account_control = attributes[:'user_account_control'] + end + + if attributes.key?(:'windows_security_center_service') + self.windows_security_center_service = attributes[:'windows_security_center_service'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + antispyware == o.antispyware && + antivirus == o.antivirus && + autoupdate == o.autoupdate && + collection_time == o.collection_time && + firewall == o.firewall && + internet_settings == o.internet_settings && + system_id == o.system_id && + user_account_control == o.user_account_control && + windows_security_center_service == o.windows_security_center_service + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [antispyware, antivirus, autoupdate, collection_time, firewall, internet_settings, system_id, user_account_control, windows_security_center_service].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_products.rb b/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_products.rb new file mode 100644 index 0000000..243556c --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/system_insights_windows_security_products.rb @@ -0,0 +1,269 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class SystemInsightsWindowsSecurityProducts + attr_accessor :collection_time + + attr_accessor :name + + attr_accessor :remediation_path + + attr_accessor :signatures_up_to_date + + attr_accessor :state + + attr_accessor :state_timestamp + + attr_accessor :system_id + + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'collection_time' => :'collection_time', + :'name' => :'name', + :'remediation_path' => :'remediation_path', + :'signatures_up_to_date' => :'signatures_up_to_date', + :'state' => :'state', + :'state_timestamp' => :'state_timestamp', + :'system_id' => :'system_id', + :'type' => :'type' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'collection_time' => :'Object', + :'name' => :'Object', + :'remediation_path' => :'Object', + :'signatures_up_to_date' => :'Object', + :'state' => :'Object', + :'state_timestamp' => :'Object', + :'system_id' => :'Object', + :'type' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::SystemInsightsWindowsSecurityProducts` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::SystemInsightsWindowsSecurityProducts`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'collection_time') + self.collection_time = attributes[:'collection_time'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'remediation_path') + self.remediation_path = attributes[:'remediation_path'] + end + + if attributes.key?(:'signatures_up_to_date') + self.signatures_up_to_date = attributes[:'signatures_up_to_date'] + end + + if attributes.key?(:'state') + self.state = attributes[:'state'] + end + + if attributes.key?(:'state_timestamp') + self.state_timestamp = attributes[:'state_timestamp'] + end + + if attributes.key?(:'system_id') + self.system_id = attributes[:'system_id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + collection_time == o.collection_time && + name == o.name && + remediation_path == o.remediation_path && + signatures_up_to_date == o.signatures_up_to_date && + state == o.state && + state_timestamp == o.state_timestamp && + system_id == o.system_id && + type == o.type + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [collection_time, name, remediation_path, signatures_up_to_date, state, state_timestamp, system_id, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/systemfdekey.rb b/jcapiv2/lib/jcapiv2/models/systemfdekey.rb index b0c7209..1bd75fa 100644 --- a/jcapiv2/lib/jcapiv2/models/systemfdekey.rb +++ b/jcapiv2/lib/jcapiv2/models/systemfdekey.rb @@ -1,23 +1,20 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class Systemfdekey attr_accessor :key - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -26,24 +23,36 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'key' => :'String' + :'key' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::Systemfdekey` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::Systemfdekey`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'key') + if attributes.key?(:'key') self.key = attributes[:'key'] end - end # Show invalid properties with the reasons. Usually used together with valid? @@ -51,17 +60,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @key.nil? - invalid_properties.push("invalid value for 'key', key cannot be nil.") + invalid_properties.push('invalid value for "key", key cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @key.nil? - return true + true end # Checks equality by comparing each attribute. @@ -79,26 +88,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [key].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -120,7 +138,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -141,8 +159,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -164,7 +181,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -176,7 +197,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -186,8 +207,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/systemuser.rb b/jcapiv2/lib/jcapiv2/models/systemuser.rb deleted file mode 100644 index f5a63d8..0000000 --- a/jcapiv2/lib/jcapiv2/models/systemuser.rb +++ /dev/null @@ -1,827 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Systemuser - attr_accessor :_id - - attr_accessor :account_locked - - attr_accessor :activated - - attr_accessor :allow_public_key - - attr_accessor :associated_tag_count - - attr_accessor :attributes - - attr_accessor :company - - attr_accessor :cost_center - - attr_accessor :created - - attr_accessor :department - - attr_accessor :description - - attr_accessor :displayname - - attr_accessor :email - - # Must be unique per user. - attr_accessor :employee_identifier - - attr_accessor :employee_type - - attr_accessor :enable_managed_uid - - attr_accessor :enable_user_portal_multifactor - - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :firstname - - attr_accessor :job_title - - attr_accessor :lastname - - attr_accessor :ldap_binding_user - - attr_accessor :location - - attr_accessor :mfa - - attr_accessor :middlename - - attr_accessor :password_expiration_date - - attr_accessor :password_expired - - attr_accessor :password_never_expires - - attr_accessor :passwordless_sudo - - attr_accessor :public_key - - attr_accessor :samba_service_user - - attr_accessor :ssh_keys - - attr_accessor :sudo - - attr_accessor :suspended - - attr_accessor :tags - - attr_accessor :totp_enabled - - attr_accessor :unix_guid - - attr_accessor :unix_uid - - attr_accessor :username - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'_id' => :'_id', - :'account_locked' => :'account_locked', - :'activated' => :'activated', - :'allow_public_key' => :'allow_public_key', - :'associated_tag_count' => :'associatedTagCount', - :'attributes' => :'attributes', - :'company' => :'company', - :'cost_center' => :'costCenter', - :'created' => :'created', - :'department' => :'department', - :'description' => :'description', - :'displayname' => :'displayname', - :'email' => :'email', - :'employee_identifier' => :'employeeIdentifier', - :'employee_type' => :'employeeType', - :'enable_managed_uid' => :'enable_managed_uid', - :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', - :'external_dn' => :'external_dn', - :'external_source_type' => :'external_source_type', - :'externally_managed' => :'externally_managed', - :'firstname' => :'firstname', - :'job_title' => :'jobTitle', - :'lastname' => :'lastname', - :'ldap_binding_user' => :'ldap_binding_user', - :'location' => :'location', - :'mfa' => :'mfa', - :'middlename' => :'middlename', - :'password_expiration_date' => :'password_expiration_date', - :'password_expired' => :'password_expired', - :'password_never_expires' => :'password_never_expires', - :'passwordless_sudo' => :'passwordless_sudo', - :'public_key' => :'public_key', - :'samba_service_user' => :'samba_service_user', - :'ssh_keys' => :'ssh_keys', - :'sudo' => :'sudo', - :'suspended' => :'suspended', - :'tags' => :'tags', - :'totp_enabled' => :'totp_enabled', - :'unix_guid' => :'unix_guid', - :'unix_uid' => :'unix_uid', - :'username' => :'username' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'_id' => :'String', - :'account_locked' => :'BOOLEAN', - :'activated' => :'BOOLEAN', - :'allow_public_key' => :'BOOLEAN', - :'associated_tag_count' => :'Integer', - :'attributes' => :'Array', - :'company' => :'String', - :'cost_center' => :'String', - :'created' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'password_expiration_date' => :'String', - :'password_expired' => :'BOOLEAN', - :'password_never_expires' => :'BOOLEAN', - :'passwordless_sudo' => :'BOOLEAN', - :'public_key' => :'String', - :'samba_service_user' => :'BOOLEAN', - :'ssh_keys' => :'Array', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'totp_enabled' => :'BOOLEAN', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'_id') - self._id = attributes[:'_id'] - end - - if attributes.has_key?(:'account_locked') - self.account_locked = attributes[:'account_locked'] - end - - if attributes.has_key?(:'activated') - self.activated = attributes[:'activated'] - end - - if attributes.has_key?(:'allow_public_key') - self.allow_public_key = attributes[:'allow_public_key'] - end - - if attributes.has_key?(:'associatedTagCount') - self.associated_tag_count = attributes[:'associatedTagCount'] - end - - if attributes.has_key?(:'attributes') - if (value = attributes[:'attributes']).is_a?(Array) - self.attributes = value - end - end - - if attributes.has_key?(:'company') - self.company = attributes[:'company'] - end - - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] - end - - if attributes.has_key?(:'created') - self.created = attributes[:'created'] - end - - if attributes.has_key?(:'department') - self.department = attributes[:'department'] - end - - if attributes.has_key?(:'description') - self.description = attributes[:'description'] - end - - if attributes.has_key?(:'displayname') - self.displayname = attributes[:'displayname'] - end - - if attributes.has_key?(:'email') - self.email = attributes[:'email'] - end - - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] - end - - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] - end - - if attributes.has_key?(:'enable_managed_uid') - self.enable_managed_uid = attributes[:'enable_managed_uid'] - end - - if attributes.has_key?(:'enable_user_portal_multifactor') - self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] - end - - if attributes.has_key?(:'external_dn') - self.external_dn = attributes[:'external_dn'] - end - - if attributes.has_key?(:'external_source_type') - self.external_source_type = attributes[:'external_source_type'] - end - - if attributes.has_key?(:'externally_managed') - self.externally_managed = attributes[:'externally_managed'] - end - - if attributes.has_key?(:'firstname') - self.firstname = attributes[:'firstname'] - end - - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] - end - - if attributes.has_key?(:'lastname') - self.lastname = attributes[:'lastname'] - end - - if attributes.has_key?(:'ldap_binding_user') - self.ldap_binding_user = attributes[:'ldap_binding_user'] - end - - if attributes.has_key?(:'location') - self.location = attributes[:'location'] - end - - if attributes.has_key?(:'mfa') - self.mfa = attributes[:'mfa'] - end - - if attributes.has_key?(:'middlename') - self.middlename = attributes[:'middlename'] - end - - if attributes.has_key?(:'password_expiration_date') - self.password_expiration_date = attributes[:'password_expiration_date'] - end - - if attributes.has_key?(:'password_expired') - self.password_expired = attributes[:'password_expired'] - end - - if attributes.has_key?(:'password_never_expires') - self.password_never_expires = attributes[:'password_never_expires'] - end - - if attributes.has_key?(:'passwordless_sudo') - self.passwordless_sudo = attributes[:'passwordless_sudo'] - end - - if attributes.has_key?(:'public_key') - self.public_key = attributes[:'public_key'] - end - - if attributes.has_key?(:'samba_service_user') - self.samba_service_user = attributes[:'samba_service_user'] - end - - if attributes.has_key?(:'ssh_keys') - if (value = attributes[:'ssh_keys']).is_a?(Array) - self.ssh_keys = value - end - end - - if attributes.has_key?(:'sudo') - self.sudo = attributes[:'sudo'] - end - - if attributes.has_key?(:'suspended') - self.suspended = attributes[:'suspended'] - end - - if attributes.has_key?(:'tags') - if (value = attributes[:'tags']).is_a?(Array) - self.tags = value - end - end - - if attributes.has_key?(:'totp_enabled') - self.totp_enabled = attributes[:'totp_enabled'] - end - - if attributes.has_key?(:'unix_guid') - self.unix_guid = attributes[:'unix_guid'] - end - - if attributes.has_key?(:'unix_uid') - self.unix_uid = attributes[:'unix_uid'] - end - - if attributes.has_key?(:'username') - self.username = attributes[:'username'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if !@associated_tag_count.nil? && @associated_tag_count < 0 - invalid_properties.push("invalid value for 'associated_tag_count', must be greater than or equal to 0.") - end - - if !@company.nil? && @company.to_s.length > 1024 - invalid_properties.push("invalid value for 'company', the character length must be smaller than or equal to 1024.") - end - - if !@cost_center.nil? && @cost_center.to_s.length > 1024 - invalid_properties.push("invalid value for 'cost_center', the character length must be smaller than or equal to 1024.") - end - - if !@department.nil? && @department.to_s.length > 1024 - invalid_properties.push("invalid value for 'department', the character length must be smaller than or equal to 1024.") - end - - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - - if !@displayname.nil? && @displayname.to_s.length > 1024 - invalid_properties.push("invalid value for 'displayname', the character length must be smaller than or equal to 1024.") - end - - if !@email.nil? && @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@employee_type.nil? && @employee_type.to_s.length > 1024 - invalid_properties.push("invalid value for 'employee_type', the character length must be smaller than or equal to 1024.") - end - - if !@firstname.nil? && @firstname.to_s.length > 1024 - invalid_properties.push("invalid value for 'firstname', the character length must be smaller than or equal to 1024.") - end - - if !@job_title.nil? && @job_title.to_s.length > 1024 - invalid_properties.push("invalid value for 'job_title', the character length must be smaller than or equal to 1024.") - end - - if !@lastname.nil? && @lastname.to_s.length > 1024 - invalid_properties.push("invalid value for 'lastname', the character length must be smaller than or equal to 1024.") - end - - if !@location.nil? && @location.to_s.length > 1024 - invalid_properties.push("invalid value for 'location', the character length must be smaller than or equal to 1024.") - end - - if !@middlename.nil? && @middlename.to_s.length > 1024 - invalid_properties.push("invalid value for 'middlename', the character length must be smaller than or equal to 1024.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") - end - - if !@username.nil? && @username.to_s.length > 1024 - invalid_properties.push("invalid value for 'username', the character length must be smaller than or equal to 1024.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if !@associated_tag_count.nil? && @associated_tag_count < 0 - return false if !@company.nil? && @company.to_s.length > 1024 - return false if !@cost_center.nil? && @cost_center.to_s.length > 1024 - return false if !@department.nil? && @department.to_s.length > 1024 - return false if !@description.nil? && @description.to_s.length > 1024 - return false if !@displayname.nil? && @displayname.to_s.length > 1024 - return false if !@email.nil? && @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@employee_type.nil? && @employee_type.to_s.length > 1024 - return false if !@firstname.nil? && @firstname.to_s.length > 1024 - return false if !@job_title.nil? && @job_title.to_s.length > 1024 - return false if !@lastname.nil? && @lastname.to_s.length > 1024 - return false if !@location.nil? && @location.to_s.length > 1024 - return false if !@middlename.nil? && @middlename.to_s.length > 1024 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 - return false if !@username.nil? && @username.to_s.length > 1024 - return true - end - - # Custom attribute writer method with validation - # @param [Object] associated_tag_count Value to be assigned - def associated_tag_count=(associated_tag_count) - - if !associated_tag_count.nil? && associated_tag_count < 0 - fail ArgumentError, "invalid value for 'associated_tag_count', must be greater than or equal to 0." - end - - @associated_tag_count = associated_tag_count - end - - # Custom attribute writer method with validation - # @param [Object] company Value to be assigned - def company=(company) - - if !company.nil? && company.to_s.length > 1024 - fail ArgumentError, "invalid value for 'company', the character length must be smaller than or equal to 1024." - end - - @company = company - end - - # Custom attribute writer method with validation - # @param [Object] cost_center Value to be assigned - def cost_center=(cost_center) - - if !cost_center.nil? && cost_center.to_s.length > 1024 - fail ArgumentError, "invalid value for 'cost_center', the character length must be smaller than or equal to 1024." - end - - @cost_center = cost_center - end - - # Custom attribute writer method with validation - # @param [Object] department Value to be assigned - def department=(department) - - if !department.nil? && department.to_s.length > 1024 - fail ArgumentError, "invalid value for 'department', the character length must be smaller than or equal to 1024." - end - - @department = department - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description - end - - # Custom attribute writer method with validation - # @param [Object] displayname Value to be assigned - def displayname=(displayname) - - if !displayname.nil? && displayname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'displayname', the character length must be smaller than or equal to 1024." - end - - @displayname = displayname - end - - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - - if !email.nil? && email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier - end - - # Custom attribute writer method with validation - # @param [Object] employee_type Value to be assigned - def employee_type=(employee_type) - - if !employee_type.nil? && employee_type.to_s.length > 1024 - fail ArgumentError, "invalid value for 'employee_type', the character length must be smaller than or equal to 1024." - end - - @employee_type = employee_type - end - - # Custom attribute writer method with validation - # @param [Object] firstname Value to be assigned - def firstname=(firstname) - - if !firstname.nil? && firstname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'firstname', the character length must be smaller than or equal to 1024." - end - - @firstname = firstname - end - - # Custom attribute writer method with validation - # @param [Object] job_title Value to be assigned - def job_title=(job_title) - - if !job_title.nil? && job_title.to_s.length > 1024 - fail ArgumentError, "invalid value for 'job_title', the character length must be smaller than or equal to 1024." - end - - @job_title = job_title - end - - # Custom attribute writer method with validation - # @param [Object] lastname Value to be assigned - def lastname=(lastname) - - if !lastname.nil? && lastname.to_s.length > 1024 - fail ArgumentError, "invalid value for 'lastname', the character length must be smaller than or equal to 1024." - end - - @lastname = lastname - end - - # Custom attribute writer method with validation - # @param [Object] location Value to be assigned - def location=(location) - - if !location.nil? && location.to_s.length > 1024 - fail ArgumentError, "invalid value for 'location', the character length must be smaller than or equal to 1024." - end - - @location = location - end - - # Custom attribute writer method with validation - # @param [Object] middlename Value to be assigned - def middlename=(middlename) - - if !middlename.nil? && middlename.to_s.length > 1024 - fail ArgumentError, "invalid value for 'middlename', the character length must be smaller than or equal to 1024." - end - - @middlename = middlename - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid - end - - # Custom attribute writer method with validation - # @param [Object] username Value to be assigned - def username=(username) - - if !username.nil? && username.to_s.length > 1024 - fail ArgumentError, "invalid value for 'username', the character length must be smaller than or equal to 1024." - end - - @username = username - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - _id == o._id && - account_locked == o.account_locked && - activated == o.activated && - allow_public_key == o.allow_public_key && - associated_tag_count == o.associated_tag_count && - attributes == o.attributes && - company == o.company && - cost_center == o.cost_center && - created == o.created && - department == o.department && - description == o.description && - displayname == o.displayname && - email == o.email && - employee_identifier == o.employee_identifier && - employee_type == o.employee_type && - enable_managed_uid == o.enable_managed_uid && - enable_user_portal_multifactor == o.enable_user_portal_multifactor && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - firstname == o.firstname && - job_title == o.job_title && - lastname == o.lastname && - ldap_binding_user == o.ldap_binding_user && - location == o.location && - mfa == o.mfa && - middlename == o.middlename && - password_expiration_date == o.password_expiration_date && - password_expired == o.password_expired && - password_never_expires == o.password_never_expires && - passwordless_sudo == o.passwordless_sudo && - public_key == o.public_key && - samba_service_user == o.samba_service_user && - ssh_keys == o.ssh_keys && - sudo == o.sudo && - suspended == o.suspended && - tags == o.tags && - totp_enabled == o.totp_enabled && - unix_guid == o.unix_guid && - unix_uid == o.unix_uid && - username == o.username - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [_id, account_locked, activated, allow_public_key, associated_tag_count, attributes, company, cost_center, created, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, password_expiration_date, password_expired, password_never_expires, passwordless_sudo, public_key, samba_service_user, ssh_keys, sudo, suspended, tags, totp_enabled, unix_guid, unix_uid, username].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/systemuserputpost.rb b/jcapiv2/lib/jcapiv2/models/systemuserputpost.rb deleted file mode 100644 index 17a9aac..0000000 --- a/jcapiv2/lib/jcapiv2/models/systemuserputpost.rb +++ /dev/null @@ -1,625 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class Systemuserputpost - attr_accessor :account_locked - - attr_accessor :activated - - attr_accessor :addresses - - attr_accessor :allow_public_key - - attr_accessor :attributes - - attr_accessor :company - - attr_accessor :cost_center - - attr_accessor :department - - attr_accessor :description - - attr_accessor :displayname - - attr_accessor :email - - # Must be unique per user. - attr_accessor :employee_identifier - - attr_accessor :employee_type - - attr_accessor :enable_managed_uid - - attr_accessor :enable_user_portal_multifactor - - attr_accessor :external_dn - - attr_accessor :external_source_type - - attr_accessor :externally_managed - - attr_accessor :firstname - - attr_accessor :job_title - - attr_accessor :lastname - - attr_accessor :ldap_binding_user - - attr_accessor :location - - attr_accessor :mfa - - attr_accessor :middlename - - attr_accessor :password - - attr_accessor :password_never_expires - - attr_accessor :passwordless_sudo - - attr_accessor :phone_numbers - - attr_accessor :public_key - - attr_accessor :relationships - - attr_accessor :samba_service_user - - attr_accessor :sudo - - attr_accessor :suspended - - attr_accessor :tags - - attr_accessor :unix_guid - - attr_accessor :unix_uid - - attr_accessor :username - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'account_locked' => :'account_locked', - :'activated' => :'activated', - :'addresses' => :'addresses', - :'allow_public_key' => :'allow_public_key', - :'attributes' => :'attributes', - :'company' => :'company', - :'cost_center' => :'costCenter', - :'department' => :'department', - :'description' => :'description', - :'displayname' => :'displayname', - :'email' => :'email', - :'employee_identifier' => :'employeeIdentifier', - :'employee_type' => :'employeeType', - :'enable_managed_uid' => :'enable_managed_uid', - :'enable_user_portal_multifactor' => :'enable_user_portal_multifactor', - :'external_dn' => :'external_dn', - :'external_source_type' => :'external_source_type', - :'externally_managed' => :'externally_managed', - :'firstname' => :'firstname', - :'job_title' => :'jobTitle', - :'lastname' => :'lastname', - :'ldap_binding_user' => :'ldap_binding_user', - :'location' => :'location', - :'mfa' => :'mfa', - :'middlename' => :'middlename', - :'password' => :'password', - :'password_never_expires' => :'password_never_expires', - :'passwordless_sudo' => :'passwordless_sudo', - :'phone_numbers' => :'phoneNumbers', - :'public_key' => :'public_key', - :'relationships' => :'relationships', - :'samba_service_user' => :'samba_service_user', - :'sudo' => :'sudo', - :'suspended' => :'suspended', - :'tags' => :'tags', - :'unix_guid' => :'unix_guid', - :'unix_uid' => :'unix_uid', - :'username' => :'username' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'account_locked' => :'BOOLEAN', - :'activated' => :'BOOLEAN', - :'addresses' => :'Array', - :'allow_public_key' => :'BOOLEAN', - :'attributes' => :'Array', - :'company' => :'String', - :'cost_center' => :'String', - :'department' => :'String', - :'description' => :'String', - :'displayname' => :'String', - :'email' => :'String', - :'employee_identifier' => :'String', - :'employee_type' => :'String', - :'enable_managed_uid' => :'BOOLEAN', - :'enable_user_portal_multifactor' => :'BOOLEAN', - :'external_dn' => :'String', - :'external_source_type' => :'String', - :'externally_managed' => :'BOOLEAN', - :'firstname' => :'String', - :'job_title' => :'String', - :'lastname' => :'String', - :'ldap_binding_user' => :'BOOLEAN', - :'location' => :'String', - :'mfa' => :'Mfa', - :'middlename' => :'String', - :'password' => :'String', - :'password_never_expires' => :'BOOLEAN', - :'passwordless_sudo' => :'BOOLEAN', - :'phone_numbers' => :'Array', - :'public_key' => :'String', - :'relationships' => :'Array', - :'samba_service_user' => :'BOOLEAN', - :'sudo' => :'BOOLEAN', - :'suspended' => :'BOOLEAN', - :'tags' => :'Array', - :'unix_guid' => :'Integer', - :'unix_uid' => :'Integer', - :'username' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'account_locked') - self.account_locked = attributes[:'account_locked'] - end - - if attributes.has_key?(:'activated') - self.activated = attributes[:'activated'] - end - - if attributes.has_key?(:'addresses') - if (value = attributes[:'addresses']).is_a?(Array) - self.addresses = value - end - end - - if attributes.has_key?(:'allow_public_key') - self.allow_public_key = attributes[:'allow_public_key'] - end - - if attributes.has_key?(:'attributes') - if (value = attributes[:'attributes']).is_a?(Array) - self.attributes = value - end - end - - if attributes.has_key?(:'company') - self.company = attributes[:'company'] - end - - if attributes.has_key?(:'costCenter') - self.cost_center = attributes[:'costCenter'] - end - - if attributes.has_key?(:'department') - self.department = attributes[:'department'] - end - - if attributes.has_key?(:'description') - self.description = attributes[:'description'] - end - - if attributes.has_key?(:'displayname') - self.displayname = attributes[:'displayname'] - end - - if attributes.has_key?(:'email') - self.email = attributes[:'email'] - end - - if attributes.has_key?(:'employeeIdentifier') - self.employee_identifier = attributes[:'employeeIdentifier'] - end - - if attributes.has_key?(:'employeeType') - self.employee_type = attributes[:'employeeType'] - end - - if attributes.has_key?(:'enable_managed_uid') - self.enable_managed_uid = attributes[:'enable_managed_uid'] - end - - if attributes.has_key?(:'enable_user_portal_multifactor') - self.enable_user_portal_multifactor = attributes[:'enable_user_portal_multifactor'] - end - - if attributes.has_key?(:'external_dn') - self.external_dn = attributes[:'external_dn'] - end - - if attributes.has_key?(:'external_source_type') - self.external_source_type = attributes[:'external_source_type'] - end - - if attributes.has_key?(:'externally_managed') - self.externally_managed = attributes[:'externally_managed'] - end - - if attributes.has_key?(:'firstname') - self.firstname = attributes[:'firstname'] - end - - if attributes.has_key?(:'jobTitle') - self.job_title = attributes[:'jobTitle'] - end - - if attributes.has_key?(:'lastname') - self.lastname = attributes[:'lastname'] - end - - if attributes.has_key?(:'ldap_binding_user') - self.ldap_binding_user = attributes[:'ldap_binding_user'] - end - - if attributes.has_key?(:'location') - self.location = attributes[:'location'] - end - - if attributes.has_key?(:'mfa') - self.mfa = attributes[:'mfa'] - end - - if attributes.has_key?(:'middlename') - self.middlename = attributes[:'middlename'] - end - - if attributes.has_key?(:'password') - self.password = attributes[:'password'] - end - - if attributes.has_key?(:'password_never_expires') - self.password_never_expires = attributes[:'password_never_expires'] - end - - if attributes.has_key?(:'passwordless_sudo') - self.passwordless_sudo = attributes[:'passwordless_sudo'] - end - - if attributes.has_key?(:'phoneNumbers') - if (value = attributes[:'phoneNumbers']).is_a?(Array) - self.phone_numbers = value - end - end - - if attributes.has_key?(:'public_key') - self.public_key = attributes[:'public_key'] - end - - if attributes.has_key?(:'relationships') - if (value = attributes[:'relationships']).is_a?(Array) - self.relationships = value - end - end - - if attributes.has_key?(:'samba_service_user') - self.samba_service_user = attributes[:'samba_service_user'] - end - - if attributes.has_key?(:'sudo') - self.sudo = attributes[:'sudo'] - end - - if attributes.has_key?(:'suspended') - self.suspended = attributes[:'suspended'] - end - - if attributes.has_key?(:'tags') - if (value = attributes[:'tags']).is_a?(Array) - self.tags = value - end - end - - if attributes.has_key?(:'unix_guid') - self.unix_guid = attributes[:'unix_guid'] - end - - if attributes.has_key?(:'unix_uid') - self.unix_uid = attributes[:'unix_uid'] - end - - if attributes.has_key?(:'username') - self.username = attributes[:'username'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if !@description.nil? && @description.to_s.length > 1024 - invalid_properties.push("invalid value for 'description', the character length must be smaller than or equal to 1024.") - end - - if @email.nil? - invalid_properties.push("invalid value for 'email', email cannot be nil.") - end - - if @email.to_s.length > 1024 - invalid_properties.push("invalid value for 'email', the character length must be smaller than or equal to 1024.") - end - - if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - invalid_properties.push("invalid value for 'employee_identifier', the character length must be smaller than or equal to 256.") - end - - if !@unix_guid.nil? && @unix_guid < 1 - invalid_properties.push("invalid value for 'unix_guid', must be greater than or equal to 1.") - end - - if !@unix_uid.nil? && @unix_uid < 1 - invalid_properties.push("invalid value for 'unix_uid', must be greater than or equal to 1.") - end - - if @username.nil? - invalid_properties.push("invalid value for 'username', username cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if !@description.nil? && @description.to_s.length > 1024 - return false if @email.nil? - return false if @email.to_s.length > 1024 - return false if !@employee_identifier.nil? && @employee_identifier.to_s.length > 256 - return false if !@unix_guid.nil? && @unix_guid < 1 - return false if !@unix_uid.nil? && @unix_uid < 1 - return false if @username.nil? - return true - end - - # Custom attribute writer method with validation - # @param [Object] description Value to be assigned - def description=(description) - - if !description.nil? && description.to_s.length > 1024 - fail ArgumentError, "invalid value for 'description', the character length must be smaller than or equal to 1024." - end - - @description = description - end - - # Custom attribute writer method with validation - # @param [Object] email Value to be assigned - def email=(email) - if email.nil? - fail ArgumentError, "email cannot be nil" - end - - if email.to_s.length > 1024 - fail ArgumentError, "invalid value for 'email', the character length must be smaller than or equal to 1024." - end - - @email = email - end - - # Custom attribute writer method with validation - # @param [Object] employee_identifier Value to be assigned - def employee_identifier=(employee_identifier) - - if !employee_identifier.nil? && employee_identifier.to_s.length > 256 - fail ArgumentError, "invalid value for 'employee_identifier', the character length must be smaller than or equal to 256." - end - - @employee_identifier = employee_identifier - end - - # Custom attribute writer method with validation - # @param [Object] unix_guid Value to be assigned - def unix_guid=(unix_guid) - - if !unix_guid.nil? && unix_guid < 1 - fail ArgumentError, "invalid value for 'unix_guid', must be greater than or equal to 1." - end - - @unix_guid = unix_guid - end - - # Custom attribute writer method with validation - # @param [Object] unix_uid Value to be assigned - def unix_uid=(unix_uid) - - if !unix_uid.nil? && unix_uid < 1 - fail ArgumentError, "invalid value for 'unix_uid', must be greater than or equal to 1." - end - - @unix_uid = unix_uid - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - account_locked == o.account_locked && - activated == o.activated && - addresses == o.addresses && - allow_public_key == o.allow_public_key && - attributes == o.attributes && - company == o.company && - cost_center == o.cost_center && - department == o.department && - description == o.description && - displayname == o.displayname && - email == o.email && - employee_identifier == o.employee_identifier && - employee_type == o.employee_type && - enable_managed_uid == o.enable_managed_uid && - enable_user_portal_multifactor == o.enable_user_portal_multifactor && - external_dn == o.external_dn && - external_source_type == o.external_source_type && - externally_managed == o.externally_managed && - firstname == o.firstname && - job_title == o.job_title && - lastname == o.lastname && - ldap_binding_user == o.ldap_binding_user && - location == o.location && - mfa == o.mfa && - middlename == o.middlename && - password == o.password && - password_never_expires == o.password_never_expires && - passwordless_sudo == o.passwordless_sudo && - phone_numbers == o.phone_numbers && - public_key == o.public_key && - relationships == o.relationships && - samba_service_user == o.samba_service_user && - sudo == o.sudo && - suspended == o.suspended && - tags == o.tags && - unix_guid == o.unix_guid && - unix_uid == o.unix_uid && - username == o.username - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [account_locked, activated, addresses, allow_public_key, attributes, company, cost_center, department, description, displayname, email, employee_identifier, employee_type, enable_managed_uid, enable_user_portal_multifactor, external_dn, external_source_type, externally_managed, firstname, job_title, lastname, ldap_binding_user, location, mfa, middlename, password, password_never_expires, passwordless_sudo, phone_numbers, public_key, relationships, samba_service_user, sudo, suspended, tags, unix_guid, unix_uid, username].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/systemuserputpost_addresses.rb b/jcapiv2/lib/jcapiv2/models/systemuserputpost_addresses.rb deleted file mode 100644 index 29e167f..0000000 --- a/jcapiv2/lib/jcapiv2/models/systemuserputpost_addresses.rb +++ /dev/null @@ -1,251 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemuserputpostAddresses - attr_accessor :country - - attr_accessor :extended_address - - attr_accessor :locality - - attr_accessor :po_box - - attr_accessor :postal_code - - attr_accessor :region - - attr_accessor :street_address - - attr_accessor :type - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'country' => :'country', - :'extended_address' => :'extendedAddress', - :'locality' => :'locality', - :'po_box' => :'poBox', - :'postal_code' => :'postalCode', - :'region' => :'region', - :'street_address' => :'streetAddress', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'country' => :'String', - :'extended_address' => :'String', - :'locality' => :'String', - :'po_box' => :'String', - :'postal_code' => :'String', - :'region' => :'String', - :'street_address' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'country') - self.country = attributes[:'country'] - end - - if attributes.has_key?(:'extendedAddress') - self.extended_address = attributes[:'extendedAddress'] - end - - if attributes.has_key?(:'locality') - self.locality = attributes[:'locality'] - end - - if attributes.has_key?(:'poBox') - self.po_box = attributes[:'poBox'] - end - - if attributes.has_key?(:'postalCode') - self.postal_code = attributes[:'postalCode'] - end - - if attributes.has_key?(:'region') - self.region = attributes[:'region'] - end - - if attributes.has_key?(:'streetAddress') - self.street_address = attributes[:'streetAddress'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - country == o.country && - extended_address == o.extended_address && - locality == o.locality && - po_box == o.po_box && - postal_code == o.postal_code && - region == o.region && - street_address == o.street_address && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [country, extended_address, locality, po_box, postal_code, region, street_address, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/systemuserputpost_phone_numbers.rb b/jcapiv2/lib/jcapiv2/models/systemuserputpost_phone_numbers.rb deleted file mode 100644 index 71a7784..0000000 --- a/jcapiv2/lib/jcapiv2/models/systemuserputpost_phone_numbers.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class SystemuserputpostPhoneNumbers - attr_accessor :number - - attr_accessor :type - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'number' => :'number', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'number' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'number') - self.number = attributes[:'number'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - number == o.number && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [number, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/ticketing_integration_alert.rb b/jcapiv2/lib/jcapiv2/models/ticketing_integration_alert.rb new file mode 100644 index 0000000..d0228df --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ticketing_integration_alert.rb @@ -0,0 +1,233 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class TicketingIntegrationAlert + attr_accessor :category + + attr_accessor :description + + attr_accessor :id + + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'category' => :'category', + :'description' => :'description', + :'id' => :'id', + :'name' => :'name' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'category' => :'Object', + :'description' => :'Object', + :'id' => :'Object', + :'name' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::TicketingIntegrationAlert` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::TicketingIntegrationAlert`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'category') + self.category = attributes[:'category'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + category == o.category && + description == o.description && + id == o.id && + name == o.name + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [category, description, id, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/ticketing_integration_alerts_resp.rb b/jcapiv2/lib/jcapiv2/models/ticketing_integration_alerts_resp.rb new file mode 100644 index 0000000..293bb13 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/ticketing_integration_alerts_resp.rb @@ -0,0 +1,213 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class TicketingIntegrationAlertsResp + attr_accessor :records + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'records' => :'records' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'records' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::TicketingIntegrationAlertsResp` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::TicketingIntegrationAlertsResp`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'records') + if (value = attributes[:'records']).is_a?(Array) + self.records = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + if @records.nil? + invalid_properties.push('invalid value for "records", records cannot be nil.') + end + + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + return false if @records.nil? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + records == o.records + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [records].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/user.rb b/jcapiv2/lib/jcapiv2/models/user.rb new file mode 100644 index 0000000..e1c0123 --- /dev/null +++ b/jcapiv2/lib/jcapiv2/models/user.rb @@ -0,0 +1,319 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'date' + +module JCAPIv2 + class User + attr_accessor :addresses + + attr_accessor :alternate_email + + attr_accessor :company + + attr_accessor :cost_center + + attr_accessor :department + + attr_accessor :email + + # Must be unique per user. + attr_accessor :employee_identifier + + attr_accessor :employee_type + + attr_accessor :firstname + + attr_accessor :job_title + + attr_accessor :lastname + + attr_accessor :location + + attr_accessor :phone_numbers + + # Attribute mapping from ruby-style variable name to JSON key. + def self.attribute_map + { + :'addresses' => :'addresses', + :'alternate_email' => :'alternateEmail', + :'company' => :'company', + :'cost_center' => :'costCenter', + :'department' => :'department', + :'email' => :'email', + :'employee_identifier' => :'employeeIdentifier', + :'employee_type' => :'employeeType', + :'firstname' => :'firstname', + :'job_title' => :'jobTitle', + :'lastname' => :'lastname', + :'location' => :'location', + :'phone_numbers' => :'phoneNumbers' + } + end + + # Attribute type mapping. + def self.openapi_types + { + :'addresses' => :'Object', + :'alternate_email' => :'Object', + :'company' => :'Object', + :'cost_center' => :'Object', + :'department' => :'Object', + :'email' => :'Object', + :'employee_identifier' => :'Object', + :'employee_type' => :'Object', + :'firstname' => :'Object', + :'job_title' => :'Object', + :'lastname' => :'Object', + :'location' => :'Object', + :'phone_numbers' => :'Object' + } + end + + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + + # Initializes the object + # @param [Hash] attributes Model attributes in the form of hash + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::User` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::User`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'addresses') + if (value = attributes[:'addresses']).is_a?(Array) + self.addresses = value + end + end + + if attributes.key?(:'alternate_email') + self.alternate_email = attributes[:'alternate_email'] + end + + if attributes.key?(:'company') + self.company = attributes[:'company'] + end + + if attributes.key?(:'cost_center') + self.cost_center = attributes[:'cost_center'] + end + + if attributes.key?(:'department') + self.department = attributes[:'department'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'employee_identifier') + self.employee_identifier = attributes[:'employee_identifier'] + end + + if attributes.key?(:'employee_type') + self.employee_type = attributes[:'employee_type'] + end + + if attributes.key?(:'firstname') + self.firstname = attributes[:'firstname'] + end + + if attributes.key?(:'job_title') + self.job_title = attributes[:'job_title'] + end + + if attributes.key?(:'lastname') + self.lastname = attributes[:'lastname'] + end + + if attributes.key?(:'location') + self.location = attributes[:'location'] + end + + if attributes.key?(:'phone_numbers') + if (value = attributes[:'phone_numbers']).is_a?(Array) + self.phone_numbers = value + end + end + end + + # Show invalid properties with the reasons. Usually used together with valid? + # @return Array for valid properties with the reasons + def list_invalid_properties + invalid_properties = Array.new + invalid_properties + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + def valid? + true + end + + # Checks equality by comparing each attribute. + # @param [Object] Object to be compared + def ==(o) + return true if self.equal?(o) + self.class == o.class && + addresses == o.addresses && + alternate_email == o.alternate_email && + company == o.company && + cost_center == o.cost_center && + department == o.department && + email == o.email && + employee_identifier == o.employee_identifier && + employee_type == o.employee_type && + firstname == o.firstname && + job_title == o.job_title && + lastname == o.lastname && + location == o.location && + phone_numbers == o.phone_numbers + end + + # @see the `==` method + # @param [Object] Object to be compared + def eql?(o) + self == o + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + def hash + [addresses, alternate_email, company, cost_center, department, email, employee_identifier, employee_type, firstname, job_title, lastname, location, phone_numbers].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def build_from_hash(attributes) + return nil unless attributes.is_a?(Hash) + self.class.openapi_types.each_pair do |key, type| + if type =~ /\AArray<(.*)>/i + # check to ensure the input is an array given that the attribute + # is documented as an array but the input is not + if attributes[self.class.attribute_map[key]].is_a?(Array) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) + end + elsif !attributes[self.class.attribute_map[key]].nil? + self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end + end + + self + end + + # Deserializes the data based on type + # @param string type Data type + # @param string value Value to be deserialized + # @return [Object] Deserialized data + def _deserialize(type, value) + case type.to_sym + when :DateTime + DateTime.parse(value) + when :Date + Date.parse(value) + when :String + value.to_s + when :Integer + value.to_i + when :Float + value.to_f + when :Boolean + if value.to_s =~ /\A(true|t|yes|y|1)\z/i + true + else + false + end + when :Object + # generic object (usually a Hash), return directly + value + when /\AArray<(?.+)>\z/ + inner_type = Regexp.last_match[:inner_type] + value.map { |v| _deserialize(inner_type, v) } + when /\AHash<(?.+?), (?.+)>\z/ + k_type = Regexp.last_match[:k_type] + v_type = Regexp.last_match[:v_type] + {}.tap do |hash| + value.each do |k, v| + hash[_deserialize(k_type, k)] = _deserialize(v_type, v) + end + end + else # model + JCAPIv2.const_get(type).build_from_hash(value) + end + end + + # Returns the string representation of the object + # @return [String] String presentation of the object + def to_s + to_hash.to_s + end + + # to_body is an alias to to_hash (backward compatibility) + # @return [Hash] Returns the object in the form of hash + def to_body + to_hash + end + + # Returns the object in the form of hash + # @return [Hash] Returns the object in the form of hash + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + hash + end + + # Outputs non-array value in the form of hash + # For object, use to_hash. Otherwise, just return the value + # @param [Object] value Any valid value + # @return [Hash] Returns the value in the form of hash + def _to_hash(value) + if value.is_a?(Array) + value.compact.map { |v| _to_hash(v) } + elsif value.is_a?(Hash) + {}.tap do |hash| + value.each { |k, v| hash[k] = _to_hash(v) } + end + elsif value.respond_to? :to_hash + value.to_hash + else + value + end + end end +end diff --git a/jcapiv2/lib/jcapiv2/models/user_graph_management_req.rb b/jcapiv2/lib/jcapiv2/models/user_graph_management_req.rb deleted file mode 100644 index 4995d28..0000000 --- a/jcapiv2/lib/jcapiv2/models/user_graph_management_req.rb +++ /dev/null @@ -1,277 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class UserGraphManagementReq - attr_accessor :attributes - - # The ObjectID of graph object being added or removed as an association. - attr_accessor :id - - # How to modify the graph connection. - attr_accessor :op - - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'attributes' => :'attributes', - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'attributes' => :'SystemGraphManagementReqAttributes', - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'attributes') - self.attributes = attributes[:'attributes'] - end - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - attributes == o.attributes && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [attributes, id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/user_group.rb b/jcapiv2/lib/jcapiv2/models/user_group.rb index 9665cb7..74f85b6 100644 --- a/jcapiv2/lib/jcapiv2/models/user_group.rb +++ b/jcapiv2/lib/jcapiv2/models/user_group.rb @@ -1,28 +1,44 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class UserGroup attr_accessor :attributes + # Description of a User Group + attr_accessor :description + + # Email address of a User Group + attr_accessor :email + # ObjectId uniquely identifying a User Group. attr_accessor :id + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + # Display name of a User Group. attr_accessor :name + attr_accessor :suggestion_counts + # The type of the group. attr_accessor :type @@ -52,69 +68,125 @@ def valid?(value) def self.attribute_map { :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', :'id' => :'id', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', :'name' => :'name', + :'suggestion_counts' => :'suggestionCounts', :'type' => :'type' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'attributes' => :'UserGroupAttributes', - :'id' => :'String', - :'name' => :'String', - :'type' => :'String' + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'id' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object', + :'suggestion_counts' => :'Object', + :'type' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::UserGroup` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::UserGroup`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') self.attributes = attributes[:'attributes'] end - if attributes.has_key?(:'id') + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'name') + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'type') - self.type = attributes[:'type'] + if attributes.key?(:'suggestion_counts') + self.suggestion_counts = attributes[:'suggestion_counts'] end + if attributes.key?(:'type') + self.type = attributes[:'type'] + end end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - type_validator = EnumAttributeValidator.new('String', ["user_group"]) + type_validator = EnumAttributeValidator.new('Object', ['user_group']) return false unless type_validator.valid?(@type) - return true + true end # Custom attribute writer method checking allowed values (enum). # @param [Object] type Object to be assigned def type=(type) - validator = EnumAttributeValidator.new('String', ["user_group"]) + validator = EnumAttributeValidator.new('Object', ['user_group']) unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." + fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}." end @type = type end @@ -125,8 +197,15 @@ def ==(o) return true if self.equal?(o) self.class == o.class && attributes == o.attributes && + description == o.description && + email == o.email && id == o.id && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && name == o.name && + suggestion_counts == o.suggestion_counts && type == o.type end @@ -137,9 +216,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [attributes, id, name, type].hash + [attributes, description, email, id, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name, suggestion_counts, type].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -147,16 +233,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -178,7 +266,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -199,8 +287,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -222,7 +309,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -234,7 +325,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -244,8 +335,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_attributes.rb b/jcapiv2/lib/jcapiv2/models/user_group_attributes.rb deleted file mode 100644 index d96543d..0000000 --- a/jcapiv2/lib/jcapiv2/models/user_group_attributes.rb +++ /dev/null @@ -1,199 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class UserGroupAttributes - attr_accessor :posix_groups - - attr_accessor :samba_enabled - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'posix_groups' => :'posixGroups', - :'samba_enabled' => :'sambaEnabled' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'posix_groups' => :'Array', - :'samba_enabled' => :'BOOLEAN' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'posixGroups') - if (value = attributes[:'posixGroups']).is_a?(Array) - self.posix_groups = value - end - end - - if attributes.has_key?(:'sambaEnabled') - self.samba_enabled = attributes[:'sambaEnabled'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - posix_groups == o.posix_groups && - samba_enabled == o.samba_enabled - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [posix_groups, samba_enabled].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_attributes_posix_groups.rb b/jcapiv2/lib/jcapiv2/models/user_group_attributes_posix_groups.rb deleted file mode 100644 index f726ec4..0000000 --- a/jcapiv2/lib/jcapiv2/models/user_group_attributes_posix_groups.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class UserGroupAttributesPosixGroups - attr_accessor :id - - attr_accessor :name - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'name' => :'name' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'Integer', - :'name' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - name == o.name - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, name].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_graph_management_req.rb b/jcapiv2/lib/jcapiv2/models/user_group_graph_management_req.rb deleted file mode 100644 index 154729e..0000000 --- a/jcapiv2/lib/jcapiv2/models/user_group_graph_management_req.rb +++ /dev/null @@ -1,269 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class UserGroupGraphManagementReq - # The ObjectID of graph object being added or removed as an association. - attr_accessor :id - - # How to modify the graph connection. - attr_accessor :op - - # The graph type - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove", "update"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_members_req.rb b/jcapiv2/lib/jcapiv2/models/user_group_members_req.rb deleted file mode 100644 index 81e1fc1..0000000 --- a/jcapiv2/lib/jcapiv2/models/user_group_members_req.rb +++ /dev/null @@ -1,269 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class UserGroupMembersReq - # The ObjectID of member being added or removed. - attr_accessor :id - - # How to modify the membership connection. - attr_accessor :op - - # The member type. - attr_accessor :type - - class EnumAttributeValidator - attr_reader :datatype - attr_reader :allowable_values - - def initialize(datatype, allowable_values) - @allowable_values = allowable_values.map do |value| - case datatype.to_s - when /Integer/i - value.to_i - when /Float/i - value.to_f - else - value - end - end - end - - def valid?(value) - !value || allowable_values.include?(value) - end - end - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'id' => :'id', - :'op' => :'op', - :'type' => :'type' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'id' => :'String', - :'op' => :'String', - :'type' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'id') - self.id = attributes[:'id'] - end - - if attributes.has_key?(:'op') - self.op = attributes[:'op'] - end - - if attributes.has_key?(:'type') - self.type = attributes[:'type'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - if @id.nil? - invalid_properties.push("invalid value for 'id', id cannot be nil.") - end - - if @op.nil? - invalid_properties.push("invalid value for 'op', op cannot be nil.") - end - - if @type.nil? - invalid_properties.push("invalid value for 'type', type cannot be nil.") - end - - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return false if @id.nil? - return false if @op.nil? - op_validator = EnumAttributeValidator.new('String', ["add", "remove"]) - return false unless op_validator.valid?(@op) - return false if @type.nil? - type_validator = EnumAttributeValidator.new('String', ["user"]) - return false unless type_validator.valid?(@type) - return true - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] op Object to be assigned - def op=(op) - validator = EnumAttributeValidator.new('String', ["add", "remove"]) - unless validator.valid?(op) - fail ArgumentError, "invalid value for 'op', must be one of #{validator.allowable_values}." - end - @op = op - end - - # Custom attribute writer method checking allowed values (enum). - # @param [Object] type Object to be assigned - def type=(type) - validator = EnumAttributeValidator.new('String', ["user"]) - unless validator.valid?(type) - fail ArgumentError, "invalid value for 'type', must be one of #{validator.allowable_values}." - end - @type = type - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - id == o.id && - op == o.op && - type == o.type - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [id, op, type].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_post.rb b/jcapiv2/lib/jcapiv2/models/user_group_post.rb index f4e0a46..b2d4767 100644 --- a/jcapiv2/lib/jcapiv2/models/user_group_post.rb +++ b/jcapiv2/lib/jcapiv2/models/user_group_post.rb @@ -1,58 +1,121 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class UserGroupPost attr_accessor :attributes + # Description of a User Group + attr_accessor :description + + # Email address of a User Group + attr_accessor :email + + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + # Display name of a User Group. attr_accessor :name - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', :'name' => :'name' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'attributes' => :'UserGroupAttributes', - :'name' => :'String' + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::UserGroupPost` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::UserGroupPost`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') self.attributes = attributes[:'attributes'] end - if attributes.has_key?(:'name') - self.name = attributes[:'name'] + if attributes.key?(:'description') + self.description = attributes[:'description'] end + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -60,17 +123,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @name.nil? - return true + true end # Checks equality by comparing each attribute. @@ -79,6 +142,12 @@ def ==(o) return true if self.equal?(o) self.class == o.class && attributes == o.attributes && + description == o.description && + email == o.email && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && name == o.name end @@ -89,9 +158,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [attributes, name].hash + [attributes, description, email, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -99,16 +175,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -130,7 +208,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -151,8 +229,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -174,7 +251,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -186,7 +267,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -196,8 +277,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/user_group_put.rb b/jcapiv2/lib/jcapiv2/models/user_group_put.rb index e3d83ac..4498283 100644 --- a/jcapiv2/lib/jcapiv2/models/user_group_put.rb +++ b/jcapiv2/lib/jcapiv2/models/user_group_put.rb @@ -1,58 +1,121 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class UserGroupPut attr_accessor :attributes + # Description of a User Group + attr_accessor :description + + # Email address of a User Group + attr_accessor :email + + attr_accessor :member_query + + # Array of GraphObjects exempted from the query + attr_accessor :member_query_exemptions + + # True if notification emails are to be sent for membership suggestions. + attr_accessor :member_suggestions_notify + + attr_accessor :membership_method + # Display name of a User Group. attr_accessor :name - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { :'attributes' => :'attributes', + :'description' => :'description', + :'email' => :'email', + :'member_query' => :'memberQuery', + :'member_query_exemptions' => :'memberQueryExemptions', + :'member_suggestions_notify' => :'memberSuggestionsNotify', + :'membership_method' => :'membershipMethod', :'name' => :'name' } end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'attributes' => :'UserGroupAttributes', - :'name' => :'String' + :'attributes' => :'Object', + :'description' => :'Object', + :'email' => :'Object', + :'member_query' => :'Object', + :'member_query_exemptions' => :'Object', + :'member_suggestions_notify' => :'Object', + :'membership_method' => :'Object', + :'name' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::UserGroupPut` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::UserGroupPut`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') self.attributes = attributes[:'attributes'] end - if attributes.has_key?(:'name') - self.name = attributes[:'name'] + if attributes.key?(:'description') + self.description = attributes[:'description'] end + if attributes.key?(:'email') + self.email = attributes[:'email'] + end + + if attributes.key?(:'member_query') + self.member_query = attributes[:'member_query'] + end + + if attributes.key?(:'member_query_exemptions') + if (value = attributes[:'member_query_exemptions']).is_a?(Array) + self.member_query_exemptions = value + end + end + + if attributes.key?(:'member_suggestions_notify') + self.member_suggestions_notify = attributes[:'member_suggestions_notify'] + end + + if attributes.key?(:'membership_method') + self.membership_method = attributes[:'membership_method'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end end # Show invalid properties with the reasons. Usually used together with valid? @@ -60,17 +123,17 @@ def initialize(attributes = {}) def list_invalid_properties invalid_properties = Array.new if @name.nil? - invalid_properties.push("invalid value for 'name', name cannot be nil.") + invalid_properties.push('invalid value for "name", name cannot be nil.') end - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? return false if @name.nil? - return true + true end # Checks equality by comparing each attribute. @@ -79,6 +142,12 @@ def ==(o) return true if self.equal?(o) self.class == o.class && attributes == o.attributes && + description == o.description && + email == o.email && + member_query == o.member_query && + member_query_exemptions == o.member_query_exemptions && + member_suggestions_notify == o.member_suggestions_notify && + membership_method == o.membership_method && name == o.name end @@ -89,9 +158,16 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash - [attributes, name].hash + [attributes, description, email, member_query, member_query_exemptions, member_suggestions_notify, membership_method, name].hash + end + + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) end # Builds the object from hash @@ -99,16 +175,18 @@ def hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -130,7 +208,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -151,8 +229,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -174,7 +251,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -186,7 +267,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -196,8 +277,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/workday_fields.rb b/jcapiv2/lib/jcapiv2/models/workday_fields.rb index d0643e3..53fddd8 100644 --- a/jcapiv2/lib/jcapiv2/models/workday_fields.rb +++ b/jcapiv2/lib/jcapiv2/models/workday_fields.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class WorkdayFields attr_accessor :name attr_accessor :report_url - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'name' => :'String', - :'report_url' => :'String' + :'name' => :'Object', + :'report_url' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::WorkdayFields` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::WorkdayFields`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'reportUrl') - self.report_url = attributes[:'reportUrl'] + if attributes.key?(:'report_url') + self.report_url = attributes[:'report_url'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [name, report_url].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/workday_input.rb b/jcapiv2/lib/jcapiv2/models/workday_input.rb index aea9b97..0478dd5 100644 --- a/jcapiv2/lib/jcapiv2/models/workday_input.rb +++ b/jcapiv2/lib/jcapiv2/models/workday_input.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class WorkdayInput attr_accessor :auth @@ -21,7 +19,6 @@ class WorkdayInput attr_accessor :report_url - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -32,47 +29,59 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'auth' => :'AuthInput', - :'name' => :'String', - :'report_url' => :'String' + :'auth' => :'Object', + :'name' => :'Object', + :'report_url' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::WorkdayInput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::WorkdayInput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'auth') + if attributes.key?(:'auth') self.auth = attributes[:'auth'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'reportUrl') - self.report_url = attributes[:'reportUrl'] + if attributes.key?(:'report_url') + self.report_url = attributes[:'report_url'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -92,26 +101,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [auth, name, report_url].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -133,7 +151,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -154,8 +172,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -177,7 +194,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -189,7 +210,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -199,8 +220,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/workday_output.rb b/jcapiv2/lib/jcapiv2/models/workday_output.rb index 3ee365f..630d77c 100644 --- a/jcapiv2/lib/jcapiv2/models/workday_output.rb +++ b/jcapiv2/lib/jcapiv2/models/workday_output.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class WorkdayOutput attr_accessor :auth @@ -25,7 +23,6 @@ class WorkdayOutput attr_accessor :report_url - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -38,57 +35,69 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'auth' => :'WorkdayoutputAuth', - :'id' => :'String', - :'last_import' => :'String', - :'name' => :'String', - :'report_url' => :'String' + :'auth' => :'Object', + :'id' => :'Object', + :'last_import' => :'Object', + :'name' => :'Object', + :'report_url' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::WorkdayOutput` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::WorkdayOutput`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'auth') + if attributes.key?(:'auth') self.auth = attributes[:'auth'] end - if attributes.has_key?(:'id') + if attributes.key?(:'id') self.id = attributes[:'id'] end - if attributes.has_key?(:'lastImport') - self.last_import = attributes[:'lastImport'] + if attributes.key?(:'last_import') + self.last_import = attributes[:'last_import'] end - if attributes.has_key?(:'name') + if attributes.key?(:'name') self.name = attributes[:'name'] end - if attributes.has_key?(:'reportUrl') - self.report_url = attributes[:'reportUrl'] + if attributes.key?(:'report_url') + self.report_url = attributes[:'report_url'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -110,26 +119,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [auth, id, last_import, name, report_url].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -151,7 +169,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -172,8 +190,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -195,7 +212,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -207,7 +228,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -217,8 +238,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/workday_request.rb b/jcapiv2/lib/jcapiv2/models/workday_request.rb deleted file mode 100644 index af7e573..0000000 --- a/jcapiv2/lib/jcapiv2/models/workday_request.rb +++ /dev/null @@ -1,197 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'date' - -module JCAPIv2 - - class WorkdayRequest - attr_accessor :name - - attr_accessor :object_id - - - # Attribute mapping from ruby-style variable name to JSON key. - def self.attribute_map - { - :'name' => :'name', - :'object_id' => :'objectId' - } - end - - # Attribute type mapping. - def self.swagger_types - { - :'name' => :'String', - :'object_id' => :'String' - } - end - - # Initializes the object - # @param [Hash] attributes Model attributes in the form of hash - def initialize(attributes = {}) - return unless attributes.is_a?(Hash) - - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} - - if attributes.has_key?(:'name') - self.name = attributes[:'name'] - end - - if attributes.has_key?(:'objectId') - self.object_id = attributes[:'objectId'] - end - - end - - # Show invalid properties with the reasons. Usually used together with valid? - # @return Array for valid properties with the reasons - def list_invalid_properties - invalid_properties = Array.new - return invalid_properties - end - - # Check to see if the all the properties in the model are valid - # @return true if the model is valid - def valid? - return true - end - - # Checks equality by comparing each attribute. - # @param [Object] Object to be compared - def ==(o) - return true if self.equal?(o) - self.class == o.class && - name == o.name && - object_id == o.object_id - end - - # @see the `==` method - # @param [Object] Object to be compared - def eql?(o) - self == o - end - - # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code - def hash - [name, object_id].hash - end - - # Builds the object from hash - # @param [Hash] attributes Model attributes in the form of hash - # @return [Object] Returns the model itself - def build_from_hash(attributes) - return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| - if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute - # is documented as an array but the input is not - if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) - end - elsif !attributes[self.class.attribute_map[key]].nil? - self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional - end - - self - end - - # Deserializes the data based on type - # @param string type Data type - # @param string value Value to be deserialized - # @return [Object] Deserialized data - def _deserialize(type, value) - case type.to_sym - when :DateTime - DateTime.parse(value) - when :Date - Date.parse(value) - when :String - value.to_s - when :Integer - value.to_i - when :Float - value.to_f - when :BOOLEAN - if value.to_s =~ /\A(true|t|yes|y|1)\z/i - true - else - false - end - when :Object - # generic object (usually a Hash), return directly - value - when /\AArray<(?.+)>\z/ - inner_type = Regexp.last_match[:inner_type] - value.map { |v| _deserialize(inner_type, v) } - when /\AHash<(?.+?), (?.+)>\z/ - k_type = Regexp.last_match[:k_type] - v_type = Regexp.last_match[:v_type] - {}.tap do |hash| - value.each do |k, v| - hash[_deserialize(k_type, k)] = _deserialize(v_type, v) - end - end - else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) - end - end - - # Returns the string representation of the object - # @return [String] String presentation of the object - def to_s - to_hash.to_s - end - - # to_body is an alias to to_hash (backward compatibility) - # @return [Hash] Returns the object in the form of hash - def to_body - to_hash - end - - # Returns the object in the form of hash - # @return [Hash] Returns the object in the form of hash - def to_hash - hash = {} - self.class.attribute_map.each_pair do |attr, param| - value = self.send(attr) - next if value.nil? - hash[param] = _to_hash(value) - end - hash - end - - # Outputs non-array value in the form of hash - # For object, use to_hash. Otherwise, just return the value - # @param [Object] value Any valid value - # @return [Hash] Returns the value in the form of hash - def _to_hash(value) - if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } - elsif value.is_a?(Hash) - {}.tap do |hash| - value.each { |k, v| hash[k] = _to_hash(v) } - end - elsif value.respond_to? :to_hash - value.to_hash - else - value - end - end - - end - -end diff --git a/jcapiv2/lib/jcapiv2/models/workday_worker.rb b/jcapiv2/lib/jcapiv2/models/workday_worker.rb index 3e5372f..a37752b 100644 --- a/jcapiv2/lib/jcapiv2/models/workday_worker.rb +++ b/jcapiv2/lib/jcapiv2/models/workday_worker.rb @@ -1,19 +1,17 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class WorkdayWorker attr_accessor :attributes @@ -25,7 +23,6 @@ class WorkdayWorker attr_accessor :username - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -38,57 +35,69 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { :'attributes' => :'Object', - :'email' => :'String', - :'first_name' => :'String', - :'last_name' => :'String', - :'username' => :'String' + :'email' => :'Object', + :'first_name' => :'Object', + :'last_name' => :'Object', + :'username' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::WorkdayWorker` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::WorkdayWorker`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'attributes') + if attributes.key?(:'attributes') self.attributes = attributes[:'attributes'] end - if attributes.has_key?(:'email') + if attributes.key?(:'email') self.email = attributes[:'email'] end - if attributes.has_key?(:'firstName') - self.first_name = attributes[:'firstName'] + if attributes.key?(:'first_name') + self.first_name = attributes[:'first_name'] end - if attributes.has_key?(:'lastName') - self.last_name = attributes[:'lastName'] + if attributes.key?(:'last_name') + self.last_name = attributes[:'last_name'] end - if attributes.has_key?(:'username') + if attributes.key?(:'username') self.username = attributes[:'username'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -110,26 +119,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [attributes, email, first_name, last_name, username].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -151,7 +169,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -172,8 +190,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -195,7 +212,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -207,7 +228,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -217,8 +238,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/models/workdayoutput_auth.rb b/jcapiv2/lib/jcapiv2/models/workdayoutput_auth.rb index d6a16b1..a1a620b 100644 --- a/jcapiv2/lib/jcapiv2/models/workdayoutput_auth.rb +++ b/jcapiv2/lib/jcapiv2/models/workdayoutput_auth.rb @@ -1,25 +1,22 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'date' module JCAPIv2 - class WorkdayoutputAuth attr_accessor :basic attr_accessor :oauth - # Attribute mapping from ruby-style variable name to JSON key. def self.attribute_map { @@ -29,42 +26,54 @@ def self.attribute_map end # Attribute type mapping. - def self.swagger_types + def self.openapi_types { - :'basic' => :'AuthInfo', - :'oauth' => :'AuthInfo' + :'basic' => :'Object', + :'oauth' => :'Object' } end + # List of attributes with nullable: true + def self.openapi_nullable + Set.new([ + ]) + end + # Initializes the object # @param [Hash] attributes Model attributes in the form of hash def initialize(attributes = {}) - return unless attributes.is_a?(Hash) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `JCAPIv2::WorkdayoutputAuth` initialize method" + end - # convert string to symbol for hash key - attributes = attributes.each_with_object({}){|(k,v), h| h[k.to_sym] = v} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `JCAPIv2::WorkdayoutputAuth`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } - if attributes.has_key?(:'basic') + if attributes.key?(:'basic') self.basic = attributes[:'basic'] end - if attributes.has_key?(:'oauth') + if attributes.key?(:'oauth') self.oauth = attributes[:'oauth'] end - end # Show invalid properties with the reasons. Usually used together with valid? # @return Array for valid properties with the reasons def list_invalid_properties invalid_properties = Array.new - return invalid_properties + invalid_properties end # Check to see if the all the properties in the model are valid # @return true if the model is valid def valid? - return true + true end # Checks equality by comparing each attribute. @@ -83,26 +92,35 @@ def eql?(o) end # Calculates hash code according to all attributes. - # @return [Fixnum] Hash code + # @return [Integer] Hash code def hash [basic, oauth].hash end + # Builds the object from hash + # @param [Hash] attributes Model attributes in the form of hash + # @return [Object] Returns the model itself + def self.build_from_hash(attributes) + new.build_from_hash(attributes) + end + # Builds the object from hash # @param [Hash] attributes Model attributes in the form of hash # @return [Object] Returns the model itself def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) - self.class.swagger_types.each_pair do |key, type| + self.class.openapi_types.each_pair do |key, type| if type =~ /\AArray<(.*)>/i - # check to ensure the input is an array given that the the attribute + # check to ensure the input is an array given that the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) - self.send("#{key}=", attributes[self.class.attribute_map[key]].map{ |v| _deserialize($1, v) } ) + self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) }) end elsif !attributes[self.class.attribute_map[key]].nil? self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]])) - end # or else data not found in attributes(hash), not an issue as the data can be optional + elsif attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key) + self.send("#{key}=", nil) + end end self @@ -124,7 +142,7 @@ def _deserialize(type, value) value.to_i when :Float value.to_f - when :BOOLEAN + when :Boolean if value.to_s =~ /\A(true|t|yes|y|1)\z/i true else @@ -145,8 +163,7 @@ def _deserialize(type, value) end end else # model - temp_model = JCAPIv2.const_get(type).new - temp_model.build_from_hash(value) + JCAPIv2.const_get(type).build_from_hash(value) end end @@ -168,7 +185,11 @@ def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = self.send(attr) - next if value.nil? + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + hash[param] = _to_hash(value) end hash @@ -180,7 +201,7 @@ def to_hash # @return [Hash] Returns the value in the form of hash def _to_hash(value) if value.is_a?(Array) - value.compact.map{ |v| _to_hash(v) } + value.compact.map { |v| _to_hash(v) } elsif value.is_a?(Hash) {}.tap do |hash| value.each { |k, v| hash[k] = _to_hash(v) } @@ -190,8 +211,5 @@ def _to_hash(value) else value end - end - - end - + end end end diff --git a/jcapiv2/lib/jcapiv2/version.rb b/jcapiv2/lib/jcapiv2/version.rb index 05db489..389b333 100644 --- a/jcapiv2/lib/jcapiv2/version.rb +++ b/jcapiv2/lib/jcapiv2/version.rb @@ -1,15 +1,14 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end module JCAPIv2 - VERSION = "3.0.0" + VERSION = '3.0.0' end diff --git a/jcapiv2/spec/api/active_directory_api_spec.rb b/jcapiv2/spec/api/active_directory_api_spec.rb index 55f0770..61e5cd6 100644 --- a/jcapiv2/spec/api/active_directory_api_spec.rb +++ b/jcapiv2/spec/api/active_directory_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,182 +33,176 @@ # unit tests for activedirectories_agents_delete # Delete Active Directory Agent - # + # This endpoint deletes an Active Directory agent. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'activedirectories_agents_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_agents_get # Get Active Directory Agent - # This endpoint returns a specific active directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns an Active Directory agent. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents/{agent_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id # @param agent_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [ActiveDirectoryAgentListOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectoryAgentList] describe 'activedirectories_agents_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_agents_list # List Active Directory Agents - # This endpoint allows you to list all your Active Directory Agents for a given Instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to list all your Active Directory Agents for a given Instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] describe 'activedirectories_agents_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_agents_post # Create a new Active Directory Agent - # This endpoint allows you to create a new Active Directory Agent. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # This endpoint allows you to create a new Active Directory Agent. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{activedirectory_id}/agents \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryAgentInput] :body - # @option opts [String] :x_org_id - # @return [ActiveDirectoryAgentGetOutput] + # @option opts [ActiveDirectoryAgent] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectoryAgentGet] describe 'activedirectories_agents_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_delete # Delete an Active Directory - # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY' ``` + # This endpoint allows you to delete an Active Directory Instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [nil] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] describe 'activedirectories_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_get # Get an Active Directory - # This endpoint returns a specific Active Directory. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Active Directory. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of this Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [ActiveDirectoryOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] describe 'activedirectories_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_list # List Active Directories - # This endpoint allows you to list all your Active Directory Instances. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint allows you to list all your Active Directory Instances. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] describe 'activedirectories_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for activedirectories_post # Create a new Active Directory - # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" } ' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new Active Directory. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/ \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"domain\": \"{DC=AD_domain_name;DC=com}\" }' ``` # @param [Hash] opts the optional parameters - # @option opts [ActiveDirectoryInput] :body - # @option opts [String] :x_org_id - # @return [ActiveDirectoryOutput] + # @option opts [ActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [ActiveDirectory] describe 'activedirectories_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_associations_list # List the associations of an Active Directory instance - # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_active_directory_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_associations_post # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_active_directory_associations_post test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_active_directory_traverse_user + # List the Users bound to an Active Directory instance + # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param activedirectory_id ObjectID of the Active Directory instance. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'graph_active_directory_traverse_user test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_traverse_user_group # List the User Groups bound to an Active Directory instance - # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_active_directory_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/administrators_api_spec.rb b/jcapiv2/spec/api/administrators_api_spec.rb new file mode 100644 index 0000000..632f612 --- /dev/null +++ b/jcapiv2/spec/api/administrators_api_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::AdministratorsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AdministratorsApi' do + before do + # run before each test + @instance = JCAPIv2::AdministratorsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of AdministratorsApi' do + it 'should create an instance of AdministratorsApi' do + expect(@instance).to be_instance_of(JCAPIv2::AdministratorsApi) + end + end + + # unit tests for administrator_organizations_create_by_administrator + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + describe 'administrator_organizations_create_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_administrator + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'administrator_organizations_list_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_organization + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'administrator_organizations_list_by_organization test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_remove_by_administrator + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'administrator_organizations_remove_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/apple_mdm_api_spec.rb b/jcapiv2/spec/api/apple_mdm_api_spec.rb index 10718ab..4c3a15a 100644 --- a/jcapiv2/spec/api/apple_mdm_api_spec.rb +++ b/jcapiv2/spec/api/apple_mdm_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,93 +31,272 @@ end end + # unit tests for applemdms_csrget + # Get Apple MDM CSR Plist + # Retrieves an Apple MDM signed CSR Plist for an organization. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/csr \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmSignedCsrPlist] + describe 'applemdms_csrget test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for applemdms_delete # Delete an Apple MDM - # Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param apple_mdm_id - # @param content_type - # @param accept + # Removes an Apple MDM configuration. Warning: This is a destructive operation and will remove your Apple Push Certificates. We will no longer be able to manage your devices and the only recovery option is to re-register all devices into MDM. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [AppleMDM] describe 'applemdms_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for applemdms_list - # List Apple MDMs - # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # unit tests for applemdms_deletedevice + # Remove an Apple MDM Device's Enrollment + # Remove a single Apple MDM device from MDM enrollment. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Array] - describe 'applemdms_list test' do - it "should work" do + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmDevice] + describe 'applemdms_deletedevice test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for applemdms_post - # Create Apple MDM - # Creates an Apple MDM Enrollment for an organization. Only one enrollment per organization will be allowed. Note that this is the first step in completly setting up an MDM Enrollment. The user must supply the returned plist to Apple for signing, and then provide the certificate provided by Apple back into the PUT API. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/organizations/{Organization_ID}/mdm \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept + # unit tests for applemdms_depkeyget + # Get Apple MDM DEP Public Key + # Retrieves an Apple MDM DEP Public Key. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/depkey \\ -H 'accept: application/x-pem-file' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id # @param [Hash] opts the optional parameters - # @option opts [Body] :body - # @option opts [String] :x_org_id - # @return [InlineResponse201] - describe 'applemdms_post test' do - it "should work" do + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmPublicKeyCert] + describe 'applemdms_depkeyget test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for applemdms_put - # Update an Apple MDM - # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\" }' ``` + # unit tests for applemdms_devices_clear_activation_lock + # Clears the Activation Lock for a Device + # Clears the activation lock on the specified device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/clearActivationLock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param apple_mdm_id - # @param content_type - # @param accept + # @param device_id # @param [Hash] opts the optional parameters - # @option opts [AppleMdmPatchInput] :body - # @option opts [String] :x_org_id - # @return [AppleMDM] - describe 'applemdms_put test' do - it "should work" do + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devices_clear_activation_lock test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_devices_os_update_status + # Request the status of an OS update for a device + # Pass through to request the status of an OS update #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/osUpdateStatus \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devices_os_update_status test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_devices_refresh_activation_lock_information + # Refresh activation lock information for a device + # Refreshes the activation lock information for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/refreshActivationLockInformation \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devices_refresh_activation_lock_information test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_devices_schedule_os_update + # Schedule an OS update for a device + # Schedules an OS update for a device #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/scheduleOSUpdate \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"install_action\": \"INSTALL_ASAP\", \"product_key\": \"key\"}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [ScheduleOSUpdate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devices_schedule_os_update test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_deviceserase + # Erase Device + # Erases a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/erase \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdEraseBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_deviceserase test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_deviceslist + # List AppleMDM Devices + # Lists all Apple MDM devices. The filter and sort queries will allow the following fields: `createdAt` `depRegistered` `enrolled` `id` `osVersion` `serialNumber` `udid` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :x_total_count + # @return [Array] + describe 'applemdms_deviceslist test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for enrollmentprofiles_get + # unit tests for applemdms_deviceslock + # Lock Device + # Locks a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/lock \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdLockBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_deviceslock test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_devicesrestart + # Restart Device + # Restarts a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/restart \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"kextPaths\": [\"Path1\", \"Path2\"]}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [DeviceIdRestartBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devicesrestart test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_devicesshutdown + # Shut Down Device + # Shuts down a DEP-enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id}/shutdown \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_devicesshutdown test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_enrollmentprofilesget # Get an Apple MDM Enrollment Profile - # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ENROLLMENT_PROFILE_ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Get an enrollment profile Currently only requesting the mobileconfig is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles/{ID} \\ -H 'accept: application/x-apple-aspen-config' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param apple_mdm_id - # @param enrollment_profile_id - # @param content_type - # @param accept + # @param id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Mobileconfig] - describe 'enrollmentprofiles_get test' do - it "should work" do + describe 'applemdms_enrollmentprofilesget test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for enrollmentprofiles_list + # unit tests for applemdms_enrollmentprofileslist # List Apple MDM Enrollment Profiles - # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Get a list of enrollment profiles for an apple mdm. Note: currently only one enrollment profile is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms/{APPLE_MDM_ID}/enrollmentprofiles \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'applemdms_enrollmentprofileslist test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_getdevice + # Details of an AppleMDM Device + # Gets a single Apple MDM device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/devices/{device_id} \\ -H 'accept: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param apple_mdm_id - # @param content_type - # @param accept + # @param device_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMdmDevice] + describe 'applemdms_getdevice test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_list + # List Apple MDMs + # Get a list of all Apple MDM configurations. An empty topic indicates that a signed certificate from Apple has not been provided to the PUT endpoint yet. Note: currently only one MDM configuration per organization is supported. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/applemdms \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] - describe 'enrollmentprofiles_list test' do - it "should work" do + describe 'applemdms_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_put + # Update an Apple MDM + # Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. It may also be used to update the DEP Settings. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"MDM name\", \"appleSignedCert\": \"{CERTIFICATE}\", \"encryptedDepServerToken\": \"{SERVER_TOKEN}\", \"dep\": { \"welcomeScreen\": { \"title\": \"Welcome\", \"paragraph\": \"In just a few steps, you will be working securely from your Mac.\", \"button\": \"continue\", }, }, }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AppleMdmPatch] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AppleMDM] + describe 'applemdms_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applemdms_refreshdepdevices + # Refresh DEP Devices + # Refreshes the list of devices that a JumpCloud admin has added to their virtual MDM in Apple Business Manager - ABM so that they can be DEP enrolled with JumpCloud. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applemdms/{apple_mdm_id}/refreshdepdevices \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param apple_mdm_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applemdms_refreshdepdevices test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/applications_api_spec.rb b/jcapiv2/spec/api/applications_api_spec.rb index 756d9c2..6c184f8 100644 --- a/jcapiv2/spec/api/applications_api_spec.rb +++ b/jcapiv2/spec/api/applications_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,72 +31,137 @@ end end + # unit tests for applications_delete_logo + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applications_delete_logo test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applications_get + # Get an Application + # The endpoint retrieves an Application. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Object] + describe 'applications_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for applications_post_logo + # Save application logo + # This endpoint sets the logo for an application. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/logo \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :image + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applications_post_logo test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for graph_application_associations_list # List the associations of an Application - # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_application_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_associations_post # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_application_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_traverse_user # List the Users bound to an Application - # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_application_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_traverse_user_group # List the User Groups bound to an Application - # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_application_traverse_user_group test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for import_create + # Create an import job + # This endpoint allows you to create a user import job that will import new users and/or update existing users in JumpCloud from the application. The endpoint can currently only be used for applications that have an active Identity Management custom API integration. The request will fail with a “Not found” error for applications if that type of integration is not configured. To learn more about configuring this type of integration, read [Import users from an external identity source using a custom API integration](https://support.jumpcloud.com/support/s/article/Import-users-from-a-custom-rest-API-integration). #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/applications/{application_id}/import/jobs \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' \\ -d '{ \"allowUserReactivation\": true, \"operations\": [ \"users.create\", \"users.update\" ] \"queryString\": \"location=Chicago&department=IT\" }' ``` + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [ImportUsersRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [JobId] + describe 'import_create test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for import_users + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [ImportUsersResponse] + describe 'import_users test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/authentication_policies_api_spec.rb b/jcapiv2/spec/api/authentication_policies_api_spec.rb new file mode 100644 index 0000000..1af6f9a --- /dev/null +++ b/jcapiv2/spec/api/authentication_policies_api_spec.rb @@ -0,0 +1,104 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::AuthenticationPoliciesApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthenticationPoliciesApi' do + before do + # run before each test + @instance = JCAPIv2::AuthenticationPoliciesApi.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthenticationPoliciesApi' do + it 'should create an instance of AuthenticationPoliciesApi' do + expect(@instance).to be_instance_of(JCAPIv2::AuthenticationPoliciesApi) + end + end + + # unit tests for authnpolicies_delete + # Delete Authentication Policy + # Delete the specified authentication policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + describe 'authnpolicies_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for authnpolicies_get + # Get an authentication policy + # Return a specific authentication policy. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + describe 'authnpolicies_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for authnpolicies_list + # List Authentication Policies + # Get a list of all authentication policies. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'authnpolicies_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for authnpolicies_patch + # Patch Authentication Policy + # Patch the specified authentication policy. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/authn/policies/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"disabled\": false }' ``` + # @param id Unique identifier of the authentication policy + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + describe 'authnpolicies_patch test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for authnpolicies_post + # Create an Authentication Policy + # Create an authentication policy. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/authn/policies \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample Policy\", \"disabled\": false, \"effect\": { \"action\": \"allow\" }, \"targets\": { \"users\": { \"inclusions\": [\"ALL\"] }, \"userGroups\": { \"exclusions\": [{USER_GROUP_ID}] }, \"resources\": [ {\"type\": \"user_portal\" } ] }, \"conditions\":{ \"ipAddressIn\": [{IP_LIST_ID}] } }' ``` + # @param [Hash] opts the optional parameters + # @option opts [AuthnPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [AuthnPolicy] + describe 'authnpolicies_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/bulk_job_requests_api_spec.rb b/jcapiv2/spec/api/bulk_job_requests_api_spec.rb index 2f4929c..95bafd2 100644 --- a/jcapiv2/spec/api/bulk_job_requests_api_spec.rb +++ b/jcapiv2/spec/api/bulk_job_requests_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,81 +31,126 @@ end end - # unit tests for bulk_users_create - # Bulk Users Create - # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/1.0/systemusers/create-a-system-user) for full list of attributes. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"Custom\",\"value\":\"attribute\"} ] } ] ``` - # @param content_type - # @param accept + # unit tests for bulk_user_expires + # Bulk Expire Users + # The endpoint allows you to start a bulk job to asynchronously expire users. # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] - describe 'bulk_users_create test' do - it "should work" do + describe 'bulk_user_expires test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for bulk_users_create_results - # List Bulk Users Results - # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param job_id - # @param content_type - # @param accept + # unit tests for bulk_user_states_create + # Create Scheduled Userstate Job + # This endpoint allows you to create scheduled statechange jobs. #### Sample Request ``` curl -X POST \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{ \"user_ids\": [\"{User_ID_1}\", \"{User_ID_2}\", \"{User_ID_3}\"], \"state\": \"SUSPENDED\", \"start_date\": \"2000-01-01T00:00:00.000Z\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [BulkScheduledStatechangeCreate] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'bulk_user_states_create test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for bulk_user_states_delete + # Delete Scheduled Userstate Job + # This endpoint deletes a scheduled statechange job. #### Sample Request ``` curl -X DELETE \"https://console.jumpcloud.com/api/v2/bulk/userstates/{ScheduledJob_ID}\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` + # @param id Unique identifier of the scheduled statechange job. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'bulk_user_states_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for bulk_user_states_get_next_scheduled + # Get the next scheduled state change for a list of users + # This endpoint is used to lookup the next upcoming scheduled state change for each user in the given list. The users parameter is limited to 100 items per request. The results are also limited to 100 items. This endpoint returns a max of 1 event per state per user. For example, if a user has 3 ACTIVATED events scheduled it will return the next upcoming activation event. However, if a user also has a SUSPENDED event scheduled along with the ACTIVATED events it will return the next upcoming activation event _and_ the next upcoming suspension event. + # @param users A list of system user IDs, limited to 100 items. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id - # @return [Array] - describe 'bulk_users_create_results test' do - it "should work" do + # @return [InlineResponse200] + describe 'bulk_user_states_get_next_scheduled test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for bulk_users_update - # Bulk Users Update - # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/1.0/systemusers/update-a-system-user) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` - # @param content_type - # @param accept + # unit tests for bulk_user_states_list + # List Scheduled Userstate Change Jobs + # The endpoint allows you to list scheduled statechange jobs. #### Sample Request ``` curl -X GET \"https://console.jumpcloud.com/api/v2/bulk/userstates\" \\ -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' ``` # @param [Hash] opts the optional parameters - # @option opts [Array] :body - # @option opts [String] :x_org_id + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :userid The systemuser id to filter by. + # @return [Array] + describe 'bulk_user_states_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for bulk_user_unlocks + # Bulk Unlock Users + # The endpoint allows you to start a bulk job to asynchronously unlock users. + # @param [Hash] opts the optional parameters + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] - describe 'bulk_users_update test' do - it "should work" do + describe 'bulk_user_unlocks test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for jobs_get - # Get Job (incomplete) - # **This endpoint is not complete and should remain hidden as it's not functional yet.** - # @param id - # @param content_type - # @param accept + # unit tests for bulk_users_create + # Bulk Users Create + # The endpoint allows you to create a bulk job to asynchronously create users. See [Create a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_post) for the full list of attributes. #### Default User State The `state` of each user in the request can be explicitly passed in or omitted. If `state` is omitted, then the user will get created using the value returned from the [Get an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organizations_get) endpoint. The default user state for bulk created users depends on the `creation-source` header. For `creation-source:jumpcloud:bulk` the default state is stored in `settings.newSystemUserStateDefaults.csvImport`. For other `creation-source` header values, the default state is stored in `settings.newSystemUserStateDefaults.applicationImport` These default state values can be changed in the admin portal settings or by using the [Update an Organization](https://docs.jumpcloud.com/api/1.0/index.html#operation/organization_put) endpoint. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ { \"name\":\"EmployeeID\", \"value\":\"0000\" }, { \"name\":\"Custom\", \"value\":\"attribute\" } ] } ]' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [JobDetails] - describe 'jobs_get test' do - it "should work" do + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [String] :creation_source Defines the creation-source header for gapps, o365 and workdays requests. If the header isn't sent, the default value is `jumpcloud:bulk`, if you send the header with a malformed value you receive a 400 error. + # @return [JobId] + describe 'bulk_users_create test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for jobs_results - # List Job Results - # This endpoint will return the results of particular import job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/jobs/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param id - # @param content_type - # @param accept + # unit tests for bulk_users_create_results + # List Bulk Users Results + # This endpoint will return the results of particular user import or update job request. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/bulk/users/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param job_id # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - describe 'jobs_results test' do - it "should work" do + describe 'bulk_users_create_results test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for bulk_users_update + # Bulk Users Update + # The endpoint allows you to create a bulk job to asynchronously update users. See [Update a System User](https://docs.jumpcloud.com/api/1.0/index.html#operation/systemusers_put) for full list of attributes. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"department\":\"{UPDATED_DEPARTMENT}\", \"attributes\":[ {\"name\":\"Custom\",\"value\":\"{ATTRIBUTE_VALUE}\"} ] }, { \"id\":\"5be9fb4ddb01290001e85109\", \"firstname\":\"{UPDATED_FIRSTNAME}\", \"costCenter\":\"{UPDATED_COST_CENTER}\", \"phoneNumbers\":[ {\"type\":\"home\",\"number\":\"{HOME_PHONE_NUMBER}\"}, {\"type\":\"work\",\"number\":\"{WORK_PHONE_NUMBER}\"} ] } ] ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [JobId] + describe 'bulk_users_update test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/command_results_api_spec.rb b/jcapiv2/spec/api/command_results_api_spec.rb new file mode 100644 index 0000000..c3332b8 --- /dev/null +++ b/jcapiv2/spec/api/command_results_api_spec.rb @@ -0,0 +1,49 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::CommandResultsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CommandResultsApi' do + before do + # run before each test + @instance = JCAPIv2::CommandResultsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of CommandResultsApi' do + it 'should create an instance of CommandResultsApi' do + expect(@instance).to be_instance_of(JCAPIv2::CommandResultsApi) + end + end + + # unit tests for commands_list_results_by_workflow + # List all Command Results by Workflow + # This endpoint returns all command results, grouped by workflowInstanceId. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commandresult/workflows \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @return [CommandResultList] + describe 'commands_list_results_by_workflow test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/commands_api_spec.rb b/jcapiv2/spec/api/commands_api_spec.rb index 5828e99..475e385 100644 --- a/jcapiv2/spec/api/commands_api_spec.rb +++ b/jcapiv2/spec/api/commands_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,72 +31,94 @@ end end + # unit tests for commands_cancel_queued_commands_by_workflow_instance_id + # Cancel all queued commands for an organization by workflow instance Id + # This endpoint allows all queued commands for one workflow instance to be canceled. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/commandqueue/{workflow_instance_id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param workflow_instance_id Workflow instance Id of the queued commands to cancel. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'commands_cancel_queued_commands_by_workflow_instance_id test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for commands_get_queued_commands_by_workflow + # Fetch the queued Commands for an Organization + # This endpoint will return all queued Commands for an Organization. Each element will contain the workflow ID, the command name, the launch type (e.g. manual, triggered, or scheduled), the target OS, the number of assigned devices, and the number of pending devices that have not yet ran the command. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/queuedcommand/workflows \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :search The search string to query records + # @return [QueuedCommandList] + describe 'commands_get_queued_commands_by_workflow test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for graph_command_associations_list # List the associations of a Command - # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_command_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_associations_post # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_command_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_traverse_system # List the Systems bound to a Command - # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_command_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_traverse_system_group # List the System Groups bound to a Command - # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_command_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/custom_emails_api_spec.rb b/jcapiv2/spec/api/custom_emails_api_spec.rb new file mode 100644 index 0000000..c421c88 --- /dev/null +++ b/jcapiv2/spec/api/custom_emails_api_spec.rb @@ -0,0 +1,98 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::CustomEmailsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CustomEmailsApi' do + before do + # run before each test + @instance = JCAPIv2::CustomEmailsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of CustomEmailsApi' do + it 'should create an instance of CustomEmailsApi' do + expect(@instance).to be_instance_of(JCAPIv2::CustomEmailsApi) + end + end + + # unit tests for custom_emails_create + # Create custom email configuration + # Create the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + describe 'custom_emails_create test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for custom_emails_destroy + # Delete custom email configuration + # Delete the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'custom_emails_destroy test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for custom_emails_get_templates + # List custom email templates + # Get the list of custom email templates + # @param [Hash] opts the optional parameters + # @return [Array] + describe 'custom_emails_get_templates test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for custom_emails_read + # Get custom email configuration + # Get the custom email configuration for the specified custom email type + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + describe 'custom_emails_read test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for custom_emails_update + # Update custom email configuration + # Update the custom email configuration for the specified custom email type. This action is only available to paying customers. + # @param custom_email_type + # @param [Hash] opts the optional parameters + # @option opts [CustomEmail] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [CustomEmail] + describe 'custom_emails_update test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/default_api_spec.rb b/jcapiv2/spec/api/default_api_spec.rb deleted file mode 100644 index a4b5eee..0000000 --- a/jcapiv2/spec/api/default_api_spec.rb +++ /dev/null @@ -1,98 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' - -# Unit tests for JCAPIv2::DefaultApi -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'DefaultApi' do - before do - # run before each test - @instance = JCAPIv2::DefaultApi.new - end - - after do - # run after each test - end - - describe 'test an instance of DefaultApi' do - it 'should create an instance of DefaultApi' do - expect(@instance).to be_instance_of(JCAPIv2::DefaultApi) - end - end - - # unit tests for jc_enrollment_profiles_delete - # Delete Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @return [JcEnrollmentProfile] - describe 'jc_enrollment_profiles_delete test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for jc_enrollment_profiles_get - # Get Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [JcEnrollmentProfile] :body - # @return [nil] - describe 'jc_enrollment_profiles_get test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for jc_enrollment_profiles_list - # List Enrollment Profiles - # - # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @return [Array] - describe 'jc_enrollment_profiles_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for jc_enrollment_profiles_post - # Create new Enrollment Profile - # - # @param [Hash] opts the optional parameters - # @option opts [Body1] :body - # @return [JcEnrollmentProfile] - describe 'jc_enrollment_profiles_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for jc_enrollment_profiles_put - # Update Enrollment Profile - # - # @param enrollment_profile_id - # @param [Hash] opts the optional parameters - # @option opts [Body2] :body - # @return [JcEnrollmentProfile] - describe 'jc_enrollment_profiles_put test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end diff --git a/jcapiv2/spec/api/directories_api_spec.rb b/jcapiv2/spec/api/directories_api_spec.rb index ce90c07..4c397bd 100644 --- a/jcapiv2/spec/api/directories_api_spec.rb +++ b/jcapiv2/spec/api/directories_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,18 +33,16 @@ # unit tests for directories_list # List All Directories - # This endpoint returns all active directories (LDAP, O365 Suite, G-Suite). #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all active directories (LDAP, O365 Suite, G-Suite). #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'directories_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/duo_api_spec.rb b/jcapiv2/spec/api/duo_api_spec.rb index 8fc35e6..47fcdc0 100644 --- a/jcapiv2/spec/api/duo_api_spec.rb +++ b/jcapiv2/spec/api/duo_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,138 +33,120 @@ # unit tests for duo_account_delete # Delete a Duo Account - # Removes the specified Duo account, an error will be returned if the account has some Duo application used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Removes the specified Duo account, an error will be returned if the account has some Duo application used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] describe 'duo_account_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_account_get # Get a Duo Acount - # This endpoint returns a specific Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Duo Account - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] describe 'duo_account_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_account_list - # List Duo Acounts - # This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # List Duo Accounts + # This endpoint returns all the Duo accounts for your organization. Note: There can currently only be one Duo account for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'duo_account_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_account_post # Create Duo Account - # Registers a Duo account for an organization. Only one Duo account will be allowed, in case an organization has a Duo account already a 409 (Conflict) code will be returned. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` - # @param content_type - # @param accept + # Registers a Duo account for an organization. Only one Duo account will be allowed, in case an organization has a Duo account already a 409 (Conflict) code will be returned. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoAccount] describe 'duo_account_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_application_delete # Delete a Duo Application - # Deletes the specified Duo application, an error will be returned if the application is used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}'' ``` + # Deletes the specified Duo application, an error will be returned if the application is used in a protected resource. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}'' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] describe 'duo_application_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_application_get # Get a Duo application - # This endpoint returns a specific Duo application that is associated with the specified Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific Duo application that is associated with the specified Duo account. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] describe 'duo_application_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_application_list # List Duo Applications - # This endpoint returns all the Duo applications for the specified Duo account. Note: There can currently only be one Duo application for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the Duo applications for the specified Duo account. Note: There can currently only be one Duo application for your organization. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'duo_application_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_application_post # Create Duo Application - # Creates a Duo application for your organization and the specified account. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` + # Creates a Duo application for your organization and the specified account. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationReq] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] describe 'duo_application_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for duo_application_update # Update Duo Application - # Updates the specified Duo application. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` + # Updates the specified Duo application. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Application Name\", \"apiHost\": \"api-1234.duosecurity.com\", \"integrationKey\": \"1234\", \"secretKey\": \"5678\" }' ``` # @param account_id # @param application_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [DuoApplicationUpdateReq] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [DuoApplication] describe 'duo_application_update test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/fde_api_spec.rb b/jcapiv2/spec/api/fde_api_spec.rb index 04b2876..4f29bf9 100644 --- a/jcapiv2/spec/api/fde_api_spec.rb +++ b/jcapiv2/spec/api/fde_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -37,10 +36,10 @@ # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Systemfdekey] describe 'systems_get_fde_key test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/feature_trials_api_spec.rb b/jcapiv2/spec/api/feature_trials_api_spec.rb new file mode 100644 index 0000000..d28d926 --- /dev/null +++ b/jcapiv2/spec/api/feature_trials_api_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::FeatureTrialsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'FeatureTrialsApi' do + before do + # run before each test + @instance = JCAPIv2::FeatureTrialsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of FeatureTrialsApi' do + it 'should create an instance of FeatureTrialsApi' do + expect(@instance).to be_instance_of(JCAPIv2::FeatureTrialsApi) + end + end + + # unit tests for feature_trials_get_feature_trials + # Check current feature trial usage for a specific feature + # This endpoint get's the current state of a feature trial for an org. #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.local/api/v2/featureTrials/zeroTrust \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param feature_code + # @param [Hash] opts the optional parameters + # @return [FeatureTrialData] + describe 'feature_trials_get_feature_trials test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/g_suite_api_spec.rb b/jcapiv2/spec/api/g_suite_api_spec.rb index b3dd052..008bd76 100644 --- a/jcapiv2/spec/api/g_suite_api_spec.rb +++ b/jcapiv2/spec/api/g_suite_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,165 +31,222 @@ end end + # unit tests for gapps_domains_delete + # Delete a domain from a Google Workspace integration instance + # Delete a domain from a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains/{domainId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param domain_id Id for the domain. + # @param [Hash] opts the optional parameters + # @return [JumpcloudGappsDomainResponse] + describe 'gapps_domains_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for gapps_domains_insert + # Add a domain to a Google Workspace integration instance + # Add a domain to a specific Google Workspace directory sync integration instance. The domain must be a verified domain in Google Workspace. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :domain + # @return [JumpcloudGappsDomainResponse] + describe 'gapps_domains_insert test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for gapps_domains_list + # List all domains configured for the Google Workspace integration instance + # List the domains configured for a specific Google Workspace directory sync integration instance. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param gsuite_id Id for the specific Google Workspace directory sync integration instance.. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [JumpcloudGappsDomainListResponse] + describe 'gapps_domains_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for graph_g_suite_associations_list # List the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_g_suite_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_associations_post # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_g_suite_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_traverse_user # List the Users bound to a G Suite instance - # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_g_suite_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_traverse_user_group # List the User Groups bound to a G Suite instance - # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_g_suite_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for gsuites_get # Get G Suite - # This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific G Suite. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [GsuiteOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Gsuite] describe 'gsuites_get test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for gsuites_list_import_jumpcloud_users + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2001] + describe 'gsuites_list_import_jumpcloud_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for gsuites_list_import_users + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2002] + describe 'gsuites_list_import_users test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for gsuites_patch # Update existing G Suite - # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` + # This endpoint allows updating some attributes of a G Suite. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"suspend\", \"userPasswordExpirationAction\": \"maintain\" }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` # @param id Unique identifier of the GSuite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GsuitePatchInput] :body - # @option opts [String] :x_org_id - # @return [GsuiteOutput] + # @option opts [Gsuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Gsuite] describe 'gsuites_patch test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_g_suite_delete # Deletes a G Suite translation rule - # This endpoint allows you to delete a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [nil] describe 'translation_rules_g_suite_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_g_suite_get # Gets a specific G Suite translation rule - # This endpoint returns a specific translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [GSuiteTranslationRule] describe 'translation_rules_g_suite_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_g_suite_list # List all the G Suite Translation Rules - # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all graph translation rules for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] describe 'translation_rules_g_suite_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_g_suite_post # Create a new G Suite Translation Rule - # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific G Suite instance. These rules specify how JumpCloud attributes translate to [G Suite Admin SDK](https://developers.google.com/admin-sdk/directory/) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{gsuite_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param gsuite_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [GSuiteTranslationRuleRequest] :body # @return [GSuiteTranslationRule] describe 'translation_rules_g_suite_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/g_suite_import_api_spec.rb b/jcapiv2/spec/api/g_suite_import_api_spec.rb new file mode 100644 index 0000000..49b2da2 --- /dev/null +++ b/jcapiv2/spec/api/g_suite_import_api_spec.rb @@ -0,0 +1,69 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::GSuiteImportApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GSuiteImportApi' do + before do + # run before each test + @instance = JCAPIv2::GSuiteImportApi.new + end + + after do + # run after each test + end + + describe 'test an instance of GSuiteImportApi' do + it 'should create an instance of GSuiteImportApi' do + expect(@instance).to be_instance_of(JCAPIv2::GSuiteImportApi) + end + end + + # unit tests for gsuites_list_import_jumpcloud_users + # Get a list of users in Jumpcloud format to import from a Google Workspace account. + # Lists available G Suite users for import, translated to the Jumpcloud user schema. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2001] + describe 'gsuites_list_import_jumpcloud_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for gsuites_list_import_users + # Get a list of users to import from a G Suite instance + # Lists G Suite users available for import. + # @param gsuite_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :max_results Google Directory API maximum number of results per page. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :order_by Google Directory API sort field parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :page_token Google Directory API token used to access the next page of results. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @option opts [String] :query Google Directory API search parameter. See https://developers.google.com/admin-sdk/directory/v1/guides/search-users. + # @option opts [String] :sort_order Google Directory API sort direction parameter. See https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/list. + # @return [InlineResponse2002] + describe 'gsuites_list_import_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/google_emm_api_spec.rb b/jcapiv2/spec/api/google_emm_api_spec.rb new file mode 100644 index 0000000..9d2f147 --- /dev/null +++ b/jcapiv2/spec/api/google_emm_api_spec.rb @@ -0,0 +1,222 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::GoogleEMMApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GoogleEMMApi' do + before do + # run before each test + @instance = JCAPIv2::GoogleEMMApi.new + end + + after do + # run after each test + end + + describe 'test an instance of GoogleEMMApi' do + it 'should create an instance of GoogleEMMApi' do + expect(@instance).to be_instance_of(JCAPIv2::GoogleEMMApi) + end + end + + # unit tests for devices_erase_device + # Erase the Android Device + # Removes the work profile and all policies from a personal/company-owned Android 8.0+ device. Company owned devices will be relinquished for personal use. Apps and data associated with the personal profile(s) are preserved. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/erase-device \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + describe 'devices_erase_device test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_get_device + # Get device + # Gets a Google EMM enrolled device details. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmDevice] + describe 'devices_get_device test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_get_device_android_policy + # Get the policy JSON of a device + # Gets an android JSON policy for a Google EMM enrolled device. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/policy_results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmDeviceAndroidPolicy] + describe 'devices_get_device_android_policy test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_list_devices + # List devices + # Lists google EMM enrolled devices. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises/{enterprise_object_id}/devices \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_object_id + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @option opts [Array] :filter + # @return [JumpcloudGoogleEmmListDevicesResponse] + describe 'devices_list_devices test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_lock_device + # Lock device + # Locks a Google EMM enrolled device, as if the lock screen timeout had expired. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/lock \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + describe 'devices_lock_device test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_reboot_device + # Reboot device + # Reboots a Google EMM enrolled device. Only supported on fully managed devices running Android 7.0 or higher. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/reboot \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + describe 'devices_reboot_device test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for devices_reset_password + # Reset Password of a device + # Reset the user's password of a Google EMM enrolled device. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/devices/{deviceId}/resetpassword \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'new_password' : 'string' }' \\ ``` + # @param body + # @param device_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCommandResponse] + describe 'devices_reset_password test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enrollment_tokens_create_enrollment_token + # Create an enrollment token + # Gets an enrollment token to enroll a device into Google EMM. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enrollment-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmCreateEnrollmentTokenResponse] + describe 'enrollment_tokens_create_enrollment_token test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enterprises_create_enterprise + # Create a Google Enterprise + # Creates a Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'signupUrlName': 'string', 'enrollmentToken': 'string' }' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmEnterprise] + describe 'enterprises_create_enterprise test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enterprises_delete_enterprise + # Delete a Google Enterprise + # Removes a Google EMM enterprise. Warning: This is a destructive operation and will remove all data associated with Google EMM enterprise from JumpCloud including devices and applications associated with the given enterprise. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [Object] + describe 'enterprises_delete_enterprise test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enterprises_get_connection_status + # Test connection with Google + # Gives a connection status between JumpCloud and Google. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/devices/{enterpriseId}/connection-status \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmConnectionStatus] + describe 'enterprises_get_connection_status test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enterprises_list_enterprises + # List Google Enterprises + # Lists all Google EMM enterprises. An empty list indicates that the Organization is not configured with a Google EMM enterprise yet. Note: Currently only one Google Enterprise per Organization is supported. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [JumpcloudGoogleEmmListEnterprisesResponse] + describe 'enterprises_list_enterprises test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for enterprises_patch_enterprise + # Update a Google Enterprise + # Updates a Google EMM enterprise details. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/google-emm/enterprises \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ 'allowDeviceEnrollment': true, 'deviceGroupId': 'string' }' \\ ``` + # @param body + # @param enterprise_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmEnterprise] + describe 'enterprises_patch_enterprise test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for signup_urls_create + # Get a Signup URL to enroll Google enterprise + # Creates a Google EMM enterprise signup URL. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/signup-urls \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmSignupURL] + describe 'signup_urls_create test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for web_tokens_create_web_token + # Get a web token to render Google Play iFrame + # Creates a web token to access an embeddable managed Google Play web UI for a given Google EMM enterprise. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/google-emm/web-tokens \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudGoogleEmmWebToken] + describe 'web_tokens_create_web_token test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/graph_api_spec.rb b/jcapiv2/spec/api/graph_api_spec.rb index 96ce340..94f7b95 100644 --- a/jcapiv2/spec/api/graph_api_spec.rb +++ b/jcapiv2/spec/api/graph_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,1374 +33,1413 @@ # unit tests for graph_active_directory_associations_list # List the associations of an Active Directory instance - # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the direct associations of this Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/associations?targets=user \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"active_directory\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_active_directory_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_associations_post # Manage the associations of an Active Directory instance - # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" } ' ``` + # This endpoint allows you to manage the _direct_ associations of an Active Directory instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Active Directory and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/activedirectories/{AD_Instance_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param activedirectory_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationActiveDirectory] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_active_directory_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_traverse_user # List the Users bound to an Active Directory instance - # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @return [Array] describe 'graph_active_directory_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_active_directory_traverse_user_group # List the User Groups bound to an Active Directory instance - # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Active Directory instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Active Directory instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Active Directory instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/activedirectories/{ActiveDirectory_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param activedirectory_id ObjectID of the Active Directory instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_active_directory_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_associations_list # List the associations of an Application - # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Applications and User Groups. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"application\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_application_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_associations_post # Manage the associations of an Application - # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of an Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Application and User Groups. #### Sample Request ``` curl -X POST 'https://console.jumpcloud.com/api/v2/applications/{Application_ID}/associations' \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationApplication] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_application_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_traverse_user # List the Users bound to an Application - # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_application_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_application_traverse_user_group # List the User Groups bound to an Application - # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Application, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Application to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Application. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/applications/{Application_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param application_id ObjectID of the Application. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_application_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_associations_list # List the associations of a Command - # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"command\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_command_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_associations_post # Manage the associations of a Command - # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` + # This endpoint will allow you to manage the _direct_ associations of this Command. A direct association can be a non-homogeneous relationship between 2 different objects, for example Commands and User Groups. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/commands/{Command_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"Group_ID\" }' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationCommand] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_command_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_traverse_system # List the Systems bound to a Command - # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systems \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_command_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_command_traverse_system_group # List the System Groups bound to a Command - # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a Command, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Command to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Command. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/commands/{Command_ID}/systemgroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param command_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_command_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_associations_list # List the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"g_suite\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_g_suite_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_associations_post # Manage the associations of a G Suite instance - # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint returns the _direct_ associations of this G Suite instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example G Suite and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/associations \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param gsuite_id ObjectID of the G Suite instance. # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationGSuite] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_g_suite_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_traverse_user # List the Users bound to a G Suite instance - # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{Gsuite_ID}/users \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_g_suite_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_g_suite_traverse_user_group # List the User Groups bound to a G Suite instance - # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to an G Suite instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this G Suite instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this G Suite instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/gsuites/{GSuite_ID}/usergroups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param gsuite_id ObjectID of the G Suite instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_g_suite_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_associations_list # List the associations of a LDAP Server - # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_ldap_server_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_associations_post # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_ldap_server_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_traverse_user # List the Users bound to a LDAP Server - # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_ldap_server_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_traverse_user_group # List the User Groups bound to a LDAP Server - # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_ldap_server_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_associations_list # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_office365_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_associations_post # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_office365_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_traverse_user # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_office365_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_traverse_user_group # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_office365_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_associations_list # List the associations of a Policy - # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_policy_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_associations_post # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_policy_associations_post test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_associations_list + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_associations_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_associations_post + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_associations_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_members_list + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_members_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_members_post + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_members_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_membership + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_membership test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system_group + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system_group test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_member_of + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_member_of test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_traverse_system # List the Systems bound to a Policy - # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_policy_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_traverse_system_group # List the System Groups bound to a Policy - # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_policy_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_associations_list # List the associations of a RADIUS Server - # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"radius_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_radius_server_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_associations_post # Manage the associations of a RADIUS Server - # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_radius_server_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_traverse_user # List the Users bound to a RADIUS Server - # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_radius_server_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_traverse_user_group # List the User Groups bound to a RADIUS Server - # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_radius_server_traverse_user_group test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_associations_list + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_softwareapps_associations_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_associations_post + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"<object_id>\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_softwareapps_associations_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_traverse_system + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_softwareapps_traverse_system test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_traverse_system_group + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_softwareapps_traverse_system_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_associations_list # List the associations of a System - # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_associations_post # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_associations_list # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_associations_post # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_associations_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for graph_system_group_member_of - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_system_group_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_members_list # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_members_post # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_membership - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_command # List the Commands bound to a System Group - # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] describe 'graph_system_group_traverse_command test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_policy # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_policy test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_system_group_traverse_policy_group + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_system_group_traverse_policy_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user_group # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_member_of # List the parent Groups of a System - # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_command # List the Commands bound to a System - # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] describe 'graph_system_traverse_command test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_policy # List the Policies bound to a System - # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_policy test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_system_traverse_policy_group + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_system_traverse_policy_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_user # List the Users bound to a System - # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_user_group # List the User Groups bound to a System - # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_associations_list # List the associations of a User - # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_associations_post # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_associations_list # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_associations_post # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_associations_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for graph_user_group_member_of - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_user_group_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_members_list # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_members_post # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_membership - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_active_directory # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_active_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_application # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_application test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_directory # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_g_suite # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_g_suite test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_ldap_server # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_ldap_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_office365 # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_office365 test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_radius_server # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_radius_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system_group # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_member_of # List the parent Groups of a User - # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_active_directory # List the Active Directory instances bound to a User - # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @return [Array] describe 'graph_user_traverse_active_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_application # List the Applications bound to a User - # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_application test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_directory # List the Directories bound to a User - # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_g_suite # List the G Suite instances bound to a User - # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_g_suite test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_ldap_server # List the LDAP servers bound to a User - # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_ldap_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_office365 # List the Office 365 instances bound to a User - # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_office365 test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_radius_server # List the RADIUS Servers bound to a User - # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_radius_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_system # List the Systems bound to a User - # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_system_group # List the System Groups bound to a User - # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for policystatuses_list + # unit tests for policystatuses_systems_list # List the policy statuses for a system - # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - describe 'policystatuses_list test' do - it "should work" do + describe 'policystatuses_systems_list test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/groups_api_spec.rb b/jcapiv2/spec/api/groups_api_spec.rb index 30fb831..7112db5 100644 --- a/jcapiv2/spec/api/groups_api_spec.rb +++ b/jcapiv2/spec/api/groups_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,19 +33,18 @@ # unit tests for groups_list # List All Groups - # This endpoint returns all Groups that exist in your organization. #### Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/groups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all Groups that exist in your organization. #### Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/groups \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_unfiltered_total_count If provided in the request with any non-empty value, this header will be returned on the response populated with the total count of objects without filters taken into account # @return [Array] describe 'groups_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/image_api_spec.rb b/jcapiv2/spec/api/image_api_spec.rb new file mode 100644 index 0000000..3e42fd3 --- /dev/null +++ b/jcapiv2/spec/api/image_api_spec.rb @@ -0,0 +1,47 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::ImageApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImageApi' do + before do + # run before each test + @instance = JCAPIv2::ImageApi.new + end + + after do + # run after each test + end + + describe 'test an instance of ImageApi' do + it 'should create an instance of ImageApi' do + expect(@instance).to be_instance_of(JCAPIv2::ImageApi) + end + end + + # unit tests for applications_delete_logo + # Delete application image + # Deletes the specified image from an application + # @param application_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'applications_delete_logo test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/ip_lists_api_spec.rb b/jcapiv2/spec/api/ip_lists_api_spec.rb new file mode 100644 index 0000000..f80317d --- /dev/null +++ b/jcapiv2/spec/api/ip_lists_api_spec.rb @@ -0,0 +1,118 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::IPListsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IPListsApi' do + before do + # run before each test + @instance = JCAPIv2::IPListsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of IPListsApi' do + it 'should create an instance of IPListsApi' do + expect(@instance).to be_instance_of(JCAPIv2::IPListsApi) + end + end + + # unit tests for iplists_delete + # Delete an IP list + # Delete a specific IP list. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + describe 'iplists_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for iplists_get + # Get an IP list + # Return a specific IP list. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + describe 'iplists_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for iplists_list + # List IP Lists + # Retrieve all IP lists. #### Sample Request ``` curl https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :x_total_count + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'iplists_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for iplists_patch + # Update an IP list + # Update a specific IP list. #### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"name\": \"New IP List Name\"}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + describe 'iplists_patch test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for iplists_post + # Create IP List + # Create an IP list. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/iplists \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.12\", \"192.168.10.20 - 192.168.10.30\", \"123.225.10.0/32\" ] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + describe 'iplists_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for iplists_put + # Replace an IP list + # Replace a specific IP list. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/iplists/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Sample IP List\", \"ips\": [ \"192.168.10.10\" ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [IPListRequest] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [IPList] + describe 'iplists_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/knowledge_api_spec.rb b/jcapiv2/spec/api/knowledge_api_spec.rb deleted file mode 100644 index bbbc1f0..0000000 --- a/jcapiv2/spec/api/knowledge_api_spec.rb +++ /dev/null @@ -1,51 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' - -# Unit tests for JCAPIv2::KnowledgeApi -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'KnowledgeApi' do - before do - # run before each test - @instance = JCAPIv2::KnowledgeApi.new - end - - after do - # run after each test - end - - describe 'test an instance of KnowledgeApi' do - it 'should create an instance of KnowledgeApi' do - expect(@instance).to be_instance_of(JCAPIv2::KnowledgeApi) - end - end - - # unit tests for knowledge_salesforce_list - # List Knowledge Articles - # This endpoint returns a list of knowledge articles hosted in salesforce. ``` Sample Request curl -X GET https://console.jumpcloud.com/api/v2/knowledge/salesforce \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param [Hash] opts the optional parameters - # @option opts [Array] :fields - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [SalesforceKnowledgeListOutput] - describe 'knowledge_salesforce_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end diff --git a/jcapiv2/spec/api/ldap_servers_api_spec.rb b/jcapiv2/spec/api/ldap_servers_api_spec.rb index b2602c1..a9cc65a 100644 --- a/jcapiv2/spec/api/ldap_servers_api_spec.rb +++ b/jcapiv2/spec/api/ldap_servers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,121 +33,106 @@ # unit tests for graph_ldap_server_associations_list # List the associations of a LDAP Server - # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations?targets=user_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"ldap_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_ldap_server_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_associations_post # Manage the associations of a LDAP Server - # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a LDAP Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example LDAP and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationLdapServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_ldap_server_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_traverse_user # List the Users bound to a LDAP Server - # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_ldap_server_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_ldap_server_traverse_user_group # List the User Groups bound to a LDAP Server - # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a LDAP Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this LDAP server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this LDAP server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id ObjectID of the LDAP Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_ldap_server_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_get # Get LDAP Server - # This endpoint returns a specific LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [LdapServerOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [LdapServer] describe 'ldapservers_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_list # List LDAP Servers - # This endpoint returns the object IDs of your LDAP servers. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' - # @param content_type - # @param accept + # This endpoint returns the object IDs of your LDAP servers. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] describe 'ldapservers_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_patch # Update existing LDAP server - # This endpoint allows updating some attributes of an LDAP server. Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` + # This endpoint allows updating some attributes of an LDAP server. Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"remove\", \"userPasswordExpirationAction\": \"disable\" }' ``` # @param id Unique identifier of the LDAP server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Body3] :body - # @option opts [String] :x_api_key - # @option opts [String] :x_org_id - # @return [InlineResponse200] + # @option opts [LdapserversIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [InlineResponse20011] describe 'ldapservers_patch test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/logos_api_spec.rb b/jcapiv2/spec/api/logos_api_spec.rb new file mode 100644 index 0000000..6eb3023 --- /dev/null +++ b/jcapiv2/spec/api/logos_api_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::LogosApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'LogosApi' do + before do + # run before each test + @instance = JCAPIv2::LogosApi.new + end + + after do + # run after each test + end + + describe 'test an instance of LogosApi' do + it 'should create an instance of LogosApi' do + expect(@instance).to be_instance_of(JCAPIv2::LogosApi) + end + end + + # unit tests for logos_get + # Get the logo associated with the specified id + # Return the logo image associated with the specified id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + describe 'logos_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/managed_service_provider_api_spec.rb b/jcapiv2/spec/api/managed_service_provider_api_spec.rb new file mode 100644 index 0000000..6df5e32 --- /dev/null +++ b/jcapiv2/spec/api/managed_service_provider_api_spec.rb @@ -0,0 +1,310 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::ManagedServiceProviderApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ManagedServiceProviderApi' do + before do + # run before each test + @instance = JCAPIv2::ManagedServiceProviderApi.new + end + + after do + # run after each test + end + + describe 'test an instance of ManagedServiceProviderApi' do + it 'should create an instance of ManagedServiceProviderApi' do + expect(@instance).to be_instance_of(JCAPIv2::ManagedServiceProviderApi) + end + end + + # unit tests for administrator_organizations_create_by_administrator + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + describe 'administrator_organizations_create_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_administrator + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'administrator_organizations_list_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_organization + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'administrator_organizations_list_by_organization test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_remove_by_administrator + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'administrator_organizations_remove_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_delete + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'policy_group_templates_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + describe 'policy_group_templates_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get_configured_policy_template + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + describe 'policy_group_templates_get_configured_policy_template test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + describe 'policy_group_templates_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_configured_policy_templates + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + describe 'policy_group_templates_list_configured_policy_templates test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_members + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + describe 'policy_group_templates_list_members test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for provider_organizations_create_org + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Organization] + describe 'provider_organizations_create_org test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for provider_organizations_update_org + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Organization] + describe 'provider_organizations_update_org test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_get_provider + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Provider] + describe 'providers_get_provider test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_list_administrators + # List Provider Administrators + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20013] + describe 'providers_list_administrators test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_list_organizations + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20015] + describe 'providers_list_organizations test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_post_admins + # Create a new Provider Administrator + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ProviderAdminReq] :body + # @return [Administrator] + describe 'providers_post_admins test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_provider_list_case + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + describe 'providers_provider_list_case test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_retrieve_invoice + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + describe 'providers_retrieve_invoice test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_retrieve_invoices + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @return [ProviderInvoiceResponse] + describe 'providers_retrieve_invoices test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/office365_api_spec.rb b/jcapiv2/spec/api/office365_api_spec.rb index 7c1cdff..21958e1 100644 --- a/jcapiv2/spec/api/office365_api_spec.rb +++ b/jcapiv2/spec/api/office365_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,136 +31,206 @@ end end + # unit tests for domains_delete + # Delete a domain from an Office 365 instance + # Delete a domain from a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains/{DOMAIN_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param domain_id ObjectID of the domain to be deleted. + # @param [Hash] opts the optional parameters + # @return [O365DomainResponse] + describe 'domains_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for domains_insert + # Add a domain to an Office 365 instance + # Add a domain to a specific M365/Azure AD directory sync integration instance. The domain must be a verified domain in M365/Azure AD. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"domain\": \"{domain name}\"}' ``` + # @param body + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @return [O365DomainResponse] + describe 'domains_insert test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for domains_list + # List all domains configured for an Office 365 instance + # List the domains configured for a specific M365/Azure AD directory sync integration instance. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/domains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id Id for the specific M365/Azure AD directory sync integration instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :skip The offset into the records to return. + # @return [O365DomainsListResponse] + describe 'domains_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for graph_office365_associations_list # List the associations of an Office 365 instance - # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns _direct_ associations of an Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations?targets=user_group' \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"office_365\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_office365_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_associations_post # Manage the associations of an Office 365 instance - # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Office 365 instance. A direct association can be a non-homogeneous relationship between 2 different objects, for example Office 365 and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user_group\", \"id\": \"{Group_ID}\" }' ``` # @param office365_id ObjectID of the Office 365 instance. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationOffice365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_office365_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_traverse_user # List the Users bound to an Office 365 instance - # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_office365_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_office365_traverse_user_group # List the User Groups bound to an Office 365 instance - # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{O365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to an Office 365 instance, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Office 365 instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this Office 365 instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id ObjectID of the Office 365 suite. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_office365_traverse_user_group test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for office365s_get + # Get Office 365 instance + # This endpoint returns a specific Office 365 instance. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Office365] + describe 'office365s_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for office365s_list_import_users + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [InlineResponse20012] + describe 'office365s_list_import_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for office365s_patch + # Update existing Office 365 instance. + # This endpoint allows updating some attributes of an Office 365 instance. ##### Sample Request ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"userLockoutAction\": \"maintain\", \"userPasswordExpirationAction\": \"suspend\", }' ``` Sample Request, set a default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": { \"id\": \"{domainObjectID}\" } }' ``` Sample Request, unset the default domain ``` curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"defaultDomain\": {} }' ``` + # @param office365_id ObjectID of the Office 365 instance. + # @param [Hash] opts the optional parameters + # @option opts [Office365] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Office365] + describe 'office365s_patch test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_office365_delete # Deletes a Office 365 translation rule - # This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [nil] describe 'translation_rules_office365_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_office365_get # Gets a specific Office 365 translation rule - # This endpoint returns a specific translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules/{id} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @return [Office365TranslationRule] describe 'translation_rules_office365_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_office365_list # List all the Office 365 Translation Rules - # This endpoint returns all translation rules for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all translation rules for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] describe 'translation_rules_office365_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for translation_rules_office365_post # Create a new Office 365 Translation Rule - # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` + # This endpoint allows you to create a translation rule for a specific Office 365 instance. These rules specify how JumpCloud attributes translate to [Microsoft Graph](https://developer.microsoft.com/en-us/graph) attributes. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/office365s/{office365_id}/translationrules \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Translation Rule Parameters} }' ``` # @param office365_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Office365TranslationRuleRequest] :body # @return [Office365TranslationRule] describe 'translation_rules_office365_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/office365_import_api_spec.rb b/jcapiv2/spec/api/office365_import_api_spec.rb new file mode 100644 index 0000000..1b721f9 --- /dev/null +++ b/jcapiv2/spec/api/office365_import_api_spec.rb @@ -0,0 +1,53 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::Office365ImportApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Office365ImportApi' do + before do + # run before each test + @instance = JCAPIv2::Office365ImportApi.new + end + + after do + # run after each test + end + + describe 'test an instance of Office365ImportApi' do + it 'should create an instance of Office365ImportApi' do + expect(@instance).to be_instance_of(JCAPIv2::Office365ImportApi) + end + end + + # unit tests for office365s_list_import_users + # Get a list of users to import from an Office 365 instance + # Lists Office 365 users available for import. + # @param office365_id + # @param [Hash] opts the optional parameters + # @option opts [String] :consistency_level Defines the consistency header for O365 requests. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#request-headers + # @option opts [Integer] :top Office 365 API maximum number of results per page. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :skip_token Office 365 API token used to access the next page of results. See https://docs.microsoft.com/en-us/graph/paging. + # @option opts [String] :filter Office 365 API filter parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :search Office 365 API search parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [String] :orderby Office 365 API orderby parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @option opts [BOOLEAN] :count Office 365 API count parameter. See https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#optional-query-parameters. + # @return [InlineResponse20012] + describe 'office365s_list_import_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/organizations_api_spec.rb b/jcapiv2/spec/api/organizations_api_spec.rb index d55b968..8db7bd3 100644 --- a/jcapiv2/spec/api/organizations_api_spec.rb +++ b/jcapiv2/spec/api/organizations_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,43 +31,71 @@ end end - # unit tests for org_crypto_get - # Get Crypto Settings - # + # unit tests for administrator_organizations_create_by_administrator + # Allow Adminstrator access to an Organization. + # This endpoint allows you to grant Administrator access to an Organization. # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @option opts [AdministratorOrganizationLinkReq] :body + # @return [AdministratorOrganizationLink] + describe 'administrator_organizations_create_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_administrator + # List the association links between an Administrator and Organizations. + # This endpoint returns the association links between an Administrator and Organizations. + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'administrator_organizations_list_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for administrator_organizations_list_by_organization + # List the association links between an Organization and Administrators. + # This endpoint returns the association links between an Organization and Administrators. + # @param id + # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @return [OrgCryptoSettings] - describe 'org_crypto_get test' do - it "should work" do + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'administrator_organizations_list_by_organization test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for org_crypto_put - # Edit Crypto Settings - # + # unit tests for administrator_organizations_remove_by_administrator + # Remove association between an Administrator and an Organization. + # This endpoint removes the association link between an Administrator and an Organization. + # @param administrator_id # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [OrgCryptoSettings] :body - # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @return [nil] + describe 'administrator_organizations_remove_by_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for organizations_org_list_cases + # Get all cases (Support/Feature requests) for organization + # This endpoint returns the cases (Support/Feature requests) for the organization + # @param [Hash] opts the optional parameters # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @return [Object] - describe 'org_crypto_put test' do - it "should work" do + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + describe 'organizations_org_list_cases test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/password_manager_api_spec.rb b/jcapiv2/spec/api/password_manager_api_spec.rb new file mode 100644 index 0000000..1d2d421 --- /dev/null +++ b/jcapiv2/spec/api/password_manager_api_spec.rb @@ -0,0 +1,60 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::PasswordManagerApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PasswordManagerApi' do + before do + # run before each test + @instance = JCAPIv2::PasswordManagerApi.new + end + + after do + # run after each test + end + + describe 'test an instance of PasswordManagerApi' do + it 'should create an instance of PasswordManagerApi' do + expect(@instance).to be_instance_of(JCAPIv2::PasswordManagerApi) + end + end + + # unit tests for device_service_get_device + # Get Device + # @param uuid + # @param [Hash] opts the optional parameters + # @return [DevicePackageV1Device] + describe 'device_service_get_device test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for device_service_list_devices + # List Devices + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit + # @option opts [Integer] :skip + # @option opts [String] :sort + # @option opts [Array] :fields + # @option opts [Array] :filter + # @return [DevicePackageV1ListDevicesResponse] + describe 'device_service_list_devices test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/policies_api_spec.rb b/jcapiv2/spec/api/policies_api_spec.rb index 359956e..953c406 100644 --- a/jcapiv2/spec/api/policies_api_spec.rb +++ b/jcapiv2/spec/api/policies_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,276 +33,265 @@ # unit tests for graph_policy_associations_list # List the associations of a Policy - # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X GET 'https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Policy. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"policy\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_policy_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_associations_post # Manage the associations of a Policy - # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Policy. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policies and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/associations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{Group_ID}\" }' ``` # @param policy_id ObjectID of the Policy. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationPolicy] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_policy_associations_post test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_member_of + # List the parent Groups of a Policy + # This endpoint returns all the Policy Groups a Policy is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param policy_id ObjectID of the Policy. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_member_of test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_traverse_system # List the Systems bound to a Policy - # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_policy_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_policy_traverse_system_group # List the System Groups bound to a Policy - # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems Groups bound to a Policy, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id ObjectID of the Command. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_policy_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policies_delete # Deletes a Policy - # This endpoint allows you to delete a policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policies/5a837ecd232e110d4291e6b9 \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a policy. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policies/5a837ecd232e110d4291e6b9 \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'policies_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policies_get # Gets a specific Policy. - # This endpoint returns a specific policy. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{PolicyID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy. ###### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{PolicyID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy object. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyWithDetails] describe 'policies_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policies_list # Lists all the Policies - # This endpoint returns all policies. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policies. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'policies_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policies_post # Create a new Policy - # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a policy. Given the amount of configurable parameters required to create a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyWithDetails] describe 'policies_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policies_put # Update an existing Policy - # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ {Policy_Parameters} }' ``` + # This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ {Policy_Parameters} }' ``` # @param id ObjectID of the Policy object. # @param [Hash] opts the optional parameters # @option opts [PolicyRequest] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Policy] describe 'policies_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policyresults_get # Get a specific Policy Result. - # This endpoint will return the policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults/{Policy_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return the policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults/{Policy_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Result. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyResult] describe 'policyresults_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policyresults_list # Lists all the policy results of a policy. - # This endpoint returns all policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] describe 'policyresults_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policyresults_org_list - # Lists all the policy results for an organization. - # This endpoint returns all policies results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # Lists all of the policy results for an organization. + # This endpoint returns all policy results for an organization. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policyresults \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. # @return [Array] describe 'policyresults_org_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for policystatuses_list + # unit tests for policystatuses_policies_list # Lists the latest policy results of a policy. - # This endpoint returns the latest policies results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the latest policy results for a specific policy. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param policy_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - describe 'policystatuses_list test' do - it "should work" do + describe 'policystatuses_policies_list test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for policystatuses_list_0 + # unit tests for policystatuses_systems_list # List the policy statuses for a system - # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the policy results for a particular system. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policystatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] - describe 'policystatuses_list_0 test' do - it "should work" do + describe 'policystatuses_systems_list test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policytemplates_get # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyTemplateWithDetails] describe 'policytemplates_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policytemplates_list # Lists all of the Policy Templates - # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'policytemplates_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/policy_group_associations_api_spec.rb b/jcapiv2/spec/api/policy_group_associations_api_spec.rb new file mode 100644 index 0000000..166f6b5 --- /dev/null +++ b/jcapiv2/spec/api/policy_group_associations_api_spec.rb @@ -0,0 +1,96 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::PolicyGroupAssociationsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupAssociationsApi' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupAssociationsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupAssociationsApi' do + it 'should create an instance of PolicyGroupAssociationsApi' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupAssociationsApi) + end + end + + # unit tests for graph_policy_group_associations_list + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_associations_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_associations_post + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_associations_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system_group + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system_group test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/policy_group_members_membership_api_spec.rb b/jcapiv2/spec/api/policy_group_members_membership_api_spec.rb new file mode 100644 index 0000000..3957316 --- /dev/null +++ b/jcapiv2/spec/api/policy_group_members_membership_api_spec.rb @@ -0,0 +1,80 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::PolicyGroupMembersMembershipApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupMembersMembershipApi' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupMembersMembershipApi.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupMembersMembershipApi' do + it 'should create an instance of PolicyGroupMembersMembershipApi' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupMembersMembershipApi) + end + end + + # unit tests for graph_policy_group_members_list + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_members_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_members_post + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_members_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_membership + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_membership test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/policy_group_templates_api_spec.rb b/jcapiv2/spec/api/policy_group_templates_api_spec.rb new file mode 100644 index 0000000..e8547c1 --- /dev/null +++ b/jcapiv2/spec/api/policy_group_templates_api_spec.rb @@ -0,0 +1,123 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::PolicyGroupTemplatesApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupTemplatesApi' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupTemplatesApi.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupTemplatesApi' do + it 'should create an instance of PolicyGroupTemplatesApi' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupTemplatesApi) + end + end + + # unit tests for policy_group_templates_delete + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'policy_group_templates_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + describe 'policy_group_templates_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get_configured_policy_template + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + describe 'policy_group_templates_get_configured_policy_template test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + describe 'policy_group_templates_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_configured_policy_templates + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + describe 'policy_group_templates_list_configured_policy_templates test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_members + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + describe 'policy_group_templates_list_members test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/policy_groups_api_spec.rb b/jcapiv2/spec/api/policy_groups_api_spec.rb new file mode 100644 index 0000000..6041ea5 --- /dev/null +++ b/jcapiv2/spec/api/policy_groups_api_spec.rb @@ -0,0 +1,212 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::PolicyGroupsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupsApi' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupsApi' do + it 'should create an instance of PolicyGroupsApi' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupsApi) + end + end + + # unit tests for graph_policy_group_associations_list + # List the associations of a Policy Group. + # This endpoint returns the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param targets Targets which a \"policy_group\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_associations_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_associations_post + # Manage the associations of a Policy Group + # This endpoint manages the _direct_ associations of this Policy Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example Policy Groups and Policies. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_associations_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_members_list + # List the members of a Policy Group + # This endpoint returns the Policy members of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_members_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_members_post + # Manage the members of a Policy Group + # This endpoint allows you to manage the Policy members of a Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"policy\", \"id\": \"{Policy_ID}\" }' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationPolicyGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_policy_group_members_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_membership + # List the Policy Group's membership + # This endpoint returns all Policy members that are a member of this Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_policy_group_membership test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system + # List the Systems bound to a Policy Group + # This endpoint will return all Systems bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_policy_group_traverse_system_group + # List the System Groups bound to Policy Groups + # This endpoint will return all System Groups bound to a Policy Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Policy Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Policy Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_policy_group_traverse_system_group test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_policy_delete + # Delete a Policy Group + # This endpoint allows you to delete a Policy Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + describe 'groups_policy_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_policy_get + # View an individual Policy Group details + # This endpoint returns the details of a Policy Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + describe 'groups_policy_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_policy_list + # List all Policy Groups + # This endpoint returns all Policy Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'groups_policy_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_policy_post + # Create a new Policy Group + # This endpoint allows you to create a new Policy Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + describe 'groups_policy_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_policy_put + # Update a Policy Group + # This endpoint allows you to do a full update of the Policy Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/policygroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` + # @param id ObjectID of the Policy Group. + # @param [Hash] opts the optional parameters + # @option opts [PolicyGroupData] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PolicyGroup] + describe 'groups_policy_put test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/policytemplates_api_spec.rb b/jcapiv2/spec/api/policytemplates_api_spec.rb index 0b02bef..b0d717d 100644 --- a/jcapiv2/spec/api/policytemplates_api_spec.rb +++ b/jcapiv2/spec/api/policytemplates_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,34 +33,30 @@ # unit tests for policytemplates_get # Get a specific Policy Template - # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policies/{Policy_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific policy template. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates/{Policy_Template_ID}\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the Policy Template. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [PolicyTemplateWithDetails] describe 'policytemplates_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for policytemplates_list # Lists all of the Policy Templates - # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all policy templates. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/policytemplates \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'policytemplates_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/providers_api_spec.rb b/jcapiv2/spec/api/providers_api_spec.rb index e02ed3c..6349525 100644 --- a/jcapiv2/spec/api/providers_api_spec.rb +++ b/jcapiv2/spec/api/providers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,36 +31,904 @@ end end + # unit tests for autotask_create_configuration + # Creates a new Autotask integration for the provider + # Creates a new Autotask integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationReq] :body + # @return [InlineResponse201] + describe 'autotask_create_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_delete_configuration + # Delete Autotask Integration + # Removes a Autotask integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'autotask_delete_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_get_configuration + # Retrieve Autotask Integration Configuration + # Retrieves configuration for given Autotask integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskIntegration] + describe 'autotask_get_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_patch_mappings + # Create, edit, and/or delete Autotask Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Autotask companies/contracts/services. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskMappingRequest] :body + # @return [AutotaskMappingResponse] + describe 'autotask_patch_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_patch_settings + # Create, edit, and/or delete Autotask Integration settings + # Create, edit, and/or delete Autotask settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskSettingsPatchReq] :body + # @return [AutotaskSettings] + describe 'autotask_patch_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_all_alert_configuration_options + # Get all Autotask ticketing alert configuration options for a provider + # Get all Autotask ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [AutotaskTicketingAlertConfigurationOptions] + describe 'autotask_retrieve_all_alert_configuration_options test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_all_alert_configurations + # Get all Autotask ticketing alert configurations for a provider + # Get all Autotask ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [AutotaskTicketingAlertConfigurationList] + describe 'autotask_retrieve_all_alert_configurations test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_companies + # Retrieve Autotask Companies + # Retrieves a list of Autotask companies for the given Autotask id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [AutotaskCompanyResp] + describe 'autotask_retrieve_companies test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_company_types + # Retrieve Autotask Company Types + # Retrieves a list of user defined company types from Autotask for the given Autotask id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskCompanyTypeResp] + describe 'autotask_retrieve_company_types test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_contracts + # Retrieve Autotask Contracts + # Retrieves a list of Autotask contracts for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2003] + describe 'autotask_retrieve_contracts test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_contracts_fields + # Retrieve Autotask Contract Fields + # Retrieves a list of Autotask contract fields for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [InlineResponse2004] + describe 'autotask_retrieve_contracts_fields test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_mappings + # Retrieve Autotask mappings + # Retrieves the list of mappings for this Autotask integration. You must be associated to the same provider as the Autotask integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2006] + describe 'autotask_retrieve_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_services + # Retrieve Autotask Contract Services + # Retrieves a list of Autotask contract services for the given Autotask integration id. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2005] + describe 'autotask_retrieve_services test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_retrieve_settings + # Retrieve Autotask Integration settings + # Retrieve the Autotask integration settings. You must be associated to the same provider as the Autotask integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [AutotaskSettings] + describe 'autotask_retrieve_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_update_alert_configuration + # Update an Autotask ticketing alert's configuration + # Update an Autotask ticketing alert's configuration + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskTicketingAlertConfigurationRequest] :body + # @return [AutotaskTicketingAlertConfiguration] + describe 'autotask_update_alert_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for autotask_update_configuration + # Update Autotask Integration configuration + # Update the Autotask integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Autotask. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [AutotaskIntegrationPatchReq] :body + # @return [AutotaskIntegration] + describe 'autotask_update_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for billing_get_contract + # Retrieve contract for a Provider + # Retrieve contract for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [String] + describe 'billing_get_contract test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for billing_get_details + # Retrieve billing details for a Provider + # Retrieve billing details for a Provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [JumpcloudMspGetDetailsResponse] + describe 'billing_get_details test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_create_configuration + # Creates a new ConnectWise integration for the provider + # Creates a new ConnectWise integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationReq] :body + # @return [InlineResponse201] + describe 'connectwise_create_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_delete_configuration + # Delete ConnectWise Integration + # Removes a ConnectWise integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'connectwise_delete_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_get_configuration + # Retrieve ConnectWise Integration Configuration + # Retrieves configuration for given ConnectWise integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectwiseIntegration] + describe 'connectwise_get_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_patch_mappings + # Create, edit, and/or delete ConnectWise Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and ConnectWise companies/agreements/additions. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseMappingRequest] :body + # @return [ConnectWiseMappingRequest] + describe 'connectwise_patch_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_patch_settings + # Create, edit, and/or delete ConnectWise Integration settings + # Create, edit, and/or delete ConnectWiseIntegration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseSettingsPatchReq] :body + # @return [ConnectWiseSettings] + describe 'connectwise_patch_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_additions + # Retrieve ConnectWise Additions + # Retrieves a list of ConnectWise additions for the given ConnectWise id and Agreement id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param agreement_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2008] + describe 'connectwise_retrieve_additions test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_agreements + # Retrieve ConnectWise Agreements + # Retrieves a list of ConnectWise agreements for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2007] + describe 'connectwise_retrieve_agreements test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_all_alert_configuration_options + # Get all ConnectWise ticketing alert configuration options for a provider + # Get all ConnectWise ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [ConnectWiseTicketingAlertConfigurationOptions] + describe 'connectwise_retrieve_all_alert_configuration_options test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_all_alert_configurations + # Get all ConnectWise ticketing alert configurations for a provider + # Get all ConnectWise ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [ConnectWiseTicketingAlertConfigurationList] + describe 'connectwise_retrieve_all_alert_configurations test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_companies + # Retrieve ConnectWise Companies + # Retrieves a list of ConnectWise companies for the given ConnectWise id. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [ConnectwiseCompanyResp] + describe 'connectwise_retrieve_companies test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_company_types + # Retrieve ConnectWise Company Types + # Retrieves a list of user defined company types from ConnectWise for the given ConnectWise id. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectwiseCompanyTypeResp] + describe 'connectwise_retrieve_company_types test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_mappings + # Retrieve ConnectWise mappings + # Retrieves the list of mappings for this ConnectWise integration. You must be associated to the same provider as the ConnectWise integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse2009] + describe 'connectwise_retrieve_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_retrieve_settings + # Retrieve ConnectWise Integration settings + # Retrieve the ConnectWise integration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [ConnectWiseSettings] + describe 'connectwise_retrieve_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_update_alert_configuration + # Update a ConnectWise ticketing alert's configuration + # Update a ConnectWise ticketing alert's configuration. + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectWiseTicketingAlertConfigurationRequest] :body + # @return [ConnectWiseTicketingAlertConfiguration] + describe 'connectwise_update_alert_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for connectwise_update_configuration + # Update ConnectWise Integration configuration + # Update the ConnectWise integration configuration. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [ConnectwiseIntegrationPatchReq] :body + # @return [ConnectwiseIntegration] + describe 'connectwise_update_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for mtp_integration_retrieve_alerts + # Get all ticketing alerts available for a provider's ticketing integration. + # Get all ticketing alerts available for a provider's ticketing integration. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [TicketingIntegrationAlertsResp] + describe 'mtp_integration_retrieve_alerts test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for mtp_integration_retrieve_sync_errors + # Retrieve Recent Integration Sync Errors + # Retrieves recent sync errors for given integration type and integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param integration_type + # @param [Hash] opts the optional parameters + # @return [IntegrationSyncErrorResp] + describe 'mtp_integration_retrieve_sync_errors test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_delete + # Deletes policy group template. + # Deletes a Policy Group Template. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'policy_group_templates_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get + # Gets a provider's policy group template. + # Retrieves a Policy Group Template for this provider. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [PolicyGroupTemplate] + describe 'policy_group_templates_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_get_configured_policy_template + # Retrieve a configured policy template by id. + # Retrieves a Configured Policy Templates for this provider and Id. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [ConfiguredPolicyTemplate] + describe 'policy_group_templates_get_configured_policy_template test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list + # List a provider's policy group templates. + # Retrieves a list of Policy Group Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplates] + describe 'policy_group_templates_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_configured_policy_templates + # List a provider's configured policy templates. + # Retrieves a list of Configured Policy Templates for this provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [InlineResponse20014] + describe 'policy_group_templates_list_configured_policy_templates test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for policy_group_templates_list_members + # Gets the list of members from a policy group template. + # Retrieves a Policy Group Template's Members. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [PolicyGroupTemplateMembers] + describe 'policy_group_templates_list_members test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for provider_organizations_create_org + # Create Provider Organization + # This endpoint creates a new organization under the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [CreateOrganization] :body + # @return [Organization] + describe 'provider_organizations_create_org test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for provider_organizations_update_org + # Update Provider Organization + # This endpoint updates a provider's organization + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @option opts [Organization] :body + # @return [Organization] + describe 'provider_organizations_update_org test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_get_provider + # Retrieve Provider + # This endpoint returns details about a provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @return [Provider] + describe 'providers_get_provider test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for providers_list_administrators # List Provider Administrators - # This endpoint returns a list of the Administrators associated with the Provider. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a list of the Administrators associated with the Provider. You must be associated with the provider to use this route. # @param provider_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @return [InlineResponse2001] + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20013] describe 'providers_list_administrators test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_list_organizations + # List Provider Organizations + # This endpoint returns a list of the Organizations associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Array] :sort_ignore_case The comma separated fields used to sort the collection, ignoring case. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20015] + describe 'providers_list_organizations test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for providers_post_admins # Create a new Provider Administrator - # This endpoint allows you to create a provider administrator. You must be associated to the provider to use this route. **Sample Request** ``` curl -X POST https://console.jumpcloud.com/api/v2/providers/{ProviderID}/administrators \\ -H 'Accept: application/json' \\ -H 'Context-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"email\":\"{ADMIN_EMAIL}\" }' ``` + # This endpoint allows you to create a provider administrator. You must be associated with the provider to use this route. You must provide either `role` or `roleName`. # @param provider_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [ProviderAdminReq] :body # @return [Administrator] describe 'providers_post_admins test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_provider_list_case + # Get all cases (Support/Feature requests) for provider + # This endpoint returns the cases (Support/Feature requests) for the provider + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [CasesResponse] + describe 'providers_provider_list_case test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_remove_administrator + # Delete Provider Administrator + # This endpoint removes an Administrator associated with the Provider. You must be associated with the provider to use this route. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'providers_remove_administrator test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_retrieve_integrations + # Retrieve Integrations for Provider + # Retrieves a list of integrations this provider has configured. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [IntegrationsResponse] + describe 'providers_retrieve_integrations test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_retrieve_invoice + # Download a provider's invoice. + # Retrieves an invoice for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param id + # @param [Hash] opts the optional parameters + # @return [String] + describe 'providers_retrieve_invoice test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for providers_retrieve_invoices + # List a provider's invoices. + # Retrieves a list of invoices for this provider. You must be associated to the provider to use this endpoint. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @return [ProviderInvoiceResponse] + describe 'providers_retrieve_invoices test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_create_configuration + # Creates a new Syncro integration for the provider + # Creates a new Syncro integration for the provider. You must be associated with the provider to use this route. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param provider_id + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationReq] :body + # @return [InlineResponse201] + describe 'syncro_create_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_delete_configuration + # Delete Syncro Integration + # Removes a Syncro integration. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'syncro_delete_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_get_configuration + # Retrieve Syncro Integration Configuration + # Retrieves configuration for given Syncro integration id. You must be associated to the provider the integration is tied to in order to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [SyncroIntegration] + describe 'syncro_get_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_patch_mappings + # Create, edit, and/or delete Syncro Mappings + # Create, edit, and/or delete mappings between Jumpcloud organizations and Syncro companies. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroMappingRequest] :body + # @return [SyncroMappingRequest] + describe 'syncro_patch_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_patch_settings + # Create, edit, and/or delete Syncro Integration settings + # Create, edit, and/or delete SyncroIntegration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroSettingsPatchReq] :body + # @return [SyncroSettings] + describe 'syncro_patch_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_all_alert_configuration_options + # Get all Syncro ticketing alert configuration options for a provider + # Get all Syncro ticketing alert configuration options for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [SyncroTicketingAlertConfigurationOptions] + describe 'syncro_retrieve_all_alert_configuration_options test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_all_alert_configurations + # Get all Syncro ticketing alert configurations for a provider + # Get all Syncro ticketing alert configurations for a provider. + # @param provider_id + # @param [Hash] opts the optional parameters + # @return [SyncroTicketingAlertConfigurationList] + describe 'syncro_retrieve_all_alert_configurations test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_billing_mapping_configuration_options + # Retrieve Syncro billing mappings dependencies + # Retrieves a list of dependencies for Syncro billing mappings. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [SyncroBillingMappingConfigurationOptionsResp] + describe 'syncro_retrieve_billing_mapping_configuration_options test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_companies + # Retrieve Syncro Companies + # Retrieves a list of Syncro companies for the given Syncro id. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [SyncroCompanyResp] + describe 'syncro_retrieve_companies test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_mappings + # Retrieve Syncro mappings + # Retrieves the list of mappings for this Syncro integration. You must be associated to the same provider as the Syncro integration to use this api. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [InlineResponse20010] + describe 'syncro_retrieve_mappings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_retrieve_settings + # Retrieve Syncro Integration settings + # Retrieve the Syncro integration settings. You must be associated to the same provider as the Syncro integration to use this endpoint. + # @param uuid + # @param [Hash] opts the optional parameters + # @return [SyncroSettings] + describe 'syncro_retrieve_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_update_alert_configuration + # Update a Syncro ticketing alert's configuration + # Update a Syncro ticketing alert's configuration + # @param provider_id + # @param alert_uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroTicketingAlertConfigurationRequest] :body + # @return [SyncroTicketingAlertConfiguration] + describe 'syncro_update_alert_configuration test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for syncro_update_configuration + # Update Syncro Integration configuration + # Update the Syncro integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Syncro. + # @param uuid + # @param [Hash] opts the optional parameters + # @option opts [SyncroIntegrationPatchReq] :body + # @return [SyncroIntegration] + describe 'syncro_update_configuration test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/radius_servers_api_spec.rb b/jcapiv2/spec/api/radius_servers_api_spec.rb index ba4b5f4..8c2f960 100644 --- a/jcapiv2/spec/api/radius_servers_api_spec.rb +++ b/jcapiv2/spec/api/radius_servers_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,70 +33,62 @@ # unit tests for graph_radius_server_associations_list # List the associations of a RADIUS Server - # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations?targets=user_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param targets - # @param content_type - # @param accept + # @param targets Targets which a \"radius_server\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_radius_server_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_associations_post # Manage the associations of a RADIUS Server - # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a Radius Server. A direct association can be a non-homogeneous relationship between 2 different objects, for example Radius Servers and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"type\":\"user\", \"id\":\"{USER_ID}\", \"op\":\"add\" }' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [GraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationRadiusServer] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_radius_server_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_traverse_user # List the Users bound to a RADIUS Server - # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_radius_server_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_radius_server_traverse_user_group # List the User Groups bound to a RADIUS Server - # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users Groups bound to a RADIUS Server, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this RADIUS server instance to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this RADIUS server instance. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/radiusservers/{RADIUS_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param radiusserver_id ObjectID of the Radius Server. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_radius_server_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/samba_domains_api_spec.rb b/jcapiv2/spec/api/samba_domains_api_spec.rb index f2e17e8..f0e9244 100644 --- a/jcapiv2/spec/api/samba_domains_api_spec.rb +++ b/jcapiv2/spec/api/samba_domains_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,85 +33,74 @@ # unit tests for ldapservers_samba_domains_delete # Delete Samba Domain - # This endpoint allows you to delete a samba domain from an LDAP server. ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a samba domain from an LDAP server. ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [String] describe 'ldapservers_samba_domains_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_samba_domains_get # Get Samba Domain - # This endpoint returns a specific samba domain for an LDAP server. ##### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/ldapservers/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns a specific samba domain for an LDAP server. ##### Sample Request ``` curl -X GET \\ https://console.jumpcloud.com/api/v2/ldapservers/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [SambaDomainOutput] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SambaDomain] describe 'ldapservers_samba_domains_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_samba_domains_list # List Samba Domains - # This endpoint returns all samba domains for an LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all samba domains for an LDAP server. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [String] :content_type - # @option opts [String] :accept # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] describe 'ldapservers_samba_domains_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_samba_domains_post # Create Samba Domain - # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to create a samba domain for an LDAP server. ##### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [SambaDomainOutput] + # @option opts [SambaDomain] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SambaDomain] describe 'ldapservers_samba_domains_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for ldapservers_samba_domains_put # Update Samba Domain - # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` + # This endpoint allows you to update the samba domain information for an LDAP server. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"sid\":\"{SID_ID}\", \"name\":\"{WORKGROUP_NAME}\" }' ``` # @param ldapserver_id Unique identifier of the LDAP server. # @param id Unique identifier of the samba domain. # @param [Hash] opts the optional parameters - # @option opts [SambaDomainInput] :body - # @option opts [String] :content_type - # @option opts [String] :accept - # @option opts [String] :x_org_id - # @return [SambaDomainOutput] + # @option opts [SambaDomain] :body + # @return [SambaDomain] describe 'ldapservers_samba_domains_put test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/scim_import_api_spec.rb b/jcapiv2/spec/api/scim_import_api_spec.rb new file mode 100644 index 0000000..0efd14e --- /dev/null +++ b/jcapiv2/spec/api/scim_import_api_spec.rb @@ -0,0 +1,53 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::SCIMImportApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SCIMImportApi' do + before do + # run before each test + @instance = JCAPIv2::SCIMImportApi.new + end + + after do + # run after each test + end + + describe 'test an instance of SCIMImportApi' do + it 'should create an instance of SCIMImportApi' do + expect(@instance).to be_instance_of(JCAPIv2::SCIMImportApi) + end + end + + # unit tests for import_users + # Get a list of users to import from an Application IdM service provider + # Get a list of users to import from an Application IdM service provider. + # @param application_id ObjectID of the Application. + # @param [Hash] opts the optional parameters + # @option opts [String] :filter Filter users by a search term + # @option opts [String] :query URL query to merge with the service provider request + # @option opts [String] :sort Sort users by supported fields + # @option opts [String] :sort_order + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [ImportUsersResponse] + describe 'import_users test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/software_apps_api_spec.rb b/jcapiv2/spec/api/software_apps_api_spec.rb new file mode 100644 index 0000000..6677070 --- /dev/null +++ b/jcapiv2/spec/api/software_apps_api_spec.rb @@ -0,0 +1,219 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::SoftwareAppsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppsApi' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppsApi' do + it 'should create an instance of SoftwareAppsApi' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppsApi) + end + end + + # unit tests for graph_softwareapps_associations_list + # List the associations of a Software Application + # This endpoint will return the _direct_ associations of a Software Application. A direct association can be a non-homogeneous relationship between 2 different objects, for example Software Application and System Groups. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations?targets=system_group \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param targets Targets which a \"software_app\" can be associated to. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'graph_softwareapps_associations_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_associations_post + # Manage the associations of a software application. + # This endpoint allows you to associate or disassociate a software application to a system or system group. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"id\": \"<object_id>\", \"op\": \"add\", \"type\": \"system\" }' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [GraphOperationSoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'graph_softwareapps_associations_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_traverse_system + # List the Systems bound to a Software App. + # This endpoint will return all Systems bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_softwareapps_traverse_system test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_softwareapps_traverse_system_group + # List the System Groups bound to a Software App. + # This endpoint will return all Systems Groups bound to a Software App, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this Software App to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this Software App. See `/associations` endpoint to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_softwareapps_traverse_system_group test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_app_statuses_list + # Get the status of the provided Software Application + # This endpoint allows you to get the status of the provided Software Application on associated JumpCloud systems. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/statuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param software_app_id ObjectID of the Software App. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'software_app_statuses_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_delete + # Delete a configured Software Application + # Removes a Software Application configuration. Warning: This is a destructive operation and will unmanage the application on all affected systems. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [nil] + describe 'software_apps_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_get + # Retrieve a configured Software Application. + # Retrieves a Software Application. The optional isConfigEnabled and appConfiguration apple_vpp attributes are populated in this response. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareApp] + describe 'software_apps_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_list + # Get all configured Software Applications. + # This endpoint allows you to get all configured Software Applications that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X GET https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'software_apps_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_post + # Create a Software Application that will be managed by JumpCloud. + # This endpoint allows you to create a Software Application that will be managed by JumpCloud on associated JumpCloud systems. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"Adobe Reader\", \"settings\": [{\"packageId\": \"adobereader\"}] }' ``` + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareAppCreate] + describe 'software_apps_post test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_reclaim_licenses + # Reclaim Licenses for a Software Application. + # This endpoint allows you to reclaim the licenses from a software app associated with devices that are deleted. #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/reclaim-licenses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{}' ``` + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [SoftwareAppReclaimLicenses] + describe 'software_apps_reclaim_licenses test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_retry_installation + # Retry Installation for a Software Application + # This endpoints initiates an installation retry of an Apple VPP App for the provided system IDs #### Sample Request ``` $ curl -X POST https://console.jumpcloud.com/api/v2/softwareapps/{software_app_id}/retry-installation \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{\"system_ids\": \"{<system_id_1>, <system_id_2>, ...}\"}' ``` + # @param body + # @param software_app_id + # @param [Hash] opts the optional parameters + # @return [nil] + describe 'software_apps_retry_installation test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for software_apps_update + # Update a Software Application Configuration. + # This endpoint updates a specific Software Application configuration for the organization. displayName can be changed alone if no settings are provided. If a setting is provided, it should include all its information since this endpoint will update all the settings' fields. The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response. #### Sample Request - displayName only ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\" }' ``` #### Sample Request - all attributes ``` curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"displayName\": \"My Software App\", \"settings\": [ { \"packageId\": \"123456\", \"autoUpdate\": false, \"allowUpdateDelay\": false, \"packageManager\": \"APPLE_VPP\", \"locationObjectId\": \"123456789012123456789012\", \"location\": \"123456\", \"desiredState\": \"Install\", \"appleVpp\": { \"appConfiguration\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><!DOCTYPE plist PUBLIC \\\"-//Apple//DTD PLIST 1.0//EN\\\" \\\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\\\"><plist version=\\\"1.0\\\"><dict><key>MyKey</key><string>My String</string></dict></plist>\", \"assignedLicenses\": 20, \"availableLicenses\": 10, \"details\": {}, \"isConfigEnabled\": true, \"supportedDeviceFamilies\": [ \"IPAD\", \"MAC\" ], \"totalLicenses\": 30 }, \"packageSubtitle\": \"My package subtitle\", \"packageVersion\": \"1.2.3\", \"packageKind\": \"software-package\", \"assetKind\": \"software\", \"assetSha256Size\": 256, \"assetSha256Strings\": [ \"a123b123c123d123\" ], \"description\": \"My app description\" } ] }' ``` + # @param id + # @param [Hash] opts the optional parameters + # @option opts [SoftwareApp] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SoftwareApp] + describe 'software_apps_update test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for validator_validate_application_install_package + # Validate Installation Packages + # Validates an application install package from the specified URL to calculate the SHA256 hash and extract the installer manifest details. #### Sample Request ``` curl -H 'x-api-key: {API_KEY}' \\ -H 'Content-Type: application/json' \\ -H 'Accept: application/json' \\ -d '{\"url\": \"https://dl.google.com/dl/chrome/mac/universal/stable/gcem/GoogleChrome.pkg\"}' \\ -i -X POST https://console.jumpcloud.com/api/v2/softwareapps/validate ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [JumpcloudPackageValidatorValidateApplicationInstallPackageResponse] + describe 'validator_validate_application_install_package test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/subscriptions_api_spec.rb b/jcapiv2/spec/api/subscriptions_api_spec.rb new file mode 100644 index 0000000..aaeff3a --- /dev/null +++ b/jcapiv2/spec/api/subscriptions_api_spec.rb @@ -0,0 +1,45 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::SubscriptionsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SubscriptionsApi' do + before do + # run before each test + @instance = JCAPIv2::SubscriptionsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of SubscriptionsApi' do + it 'should create an instance of SubscriptionsApi' do + expect(@instance).to be_instance_of(JCAPIv2::SubscriptionsApi) + end + end + + # unit tests for subscriptions_get + # Lists all the Pricing & Packaging Subscriptions + # This endpoint returns all pricing & packaging subscriptions. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/subscriptions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @return [Array] + describe 'subscriptions_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/system_group_associations_api_spec.rb b/jcapiv2/spec/api/system_group_associations_api_spec.rb index 0de1a9e..ac10d42 100644 --- a/jcapiv2/spec/api/system_group_associations_api_spec.rb +++ b/jcapiv2/spec/api/system_group_associations_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,106 +33,111 @@ # unit tests for graph_system_group_associations_list # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_associations_post # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_command # List the Commands bound to a System Group - # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the group's type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] describe 'graph_system_group_traverse_command test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_policy # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_policy test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_system_group_traverse_policy_group + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_system_group_traverse_policy_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user_group # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/system_group_members_membership_api_spec.rb b/jcapiv2/spec/api/system_group_members_membership_api_spec.rb index 5ae3fc6..41282e6 100644 --- a/jcapiv2/spec/api/system_group_members_membership_api_spec.rb +++ b/jcapiv2/spec/api/system_group_members_membership_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,75 +31,50 @@ end end - # unit tests for graph_system_group_member_of - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_system_group_member_of test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - # unit tests for graph_system_group_members_list # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_members_post # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_membership - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/system_groups_api_spec.rb b/jcapiv2/spec/api/system_groups_api_spec.rb index 4880df0..289e0f4 100644 --- a/jcapiv2/spec/api/system_groups_api_spec.rb +++ b/jcapiv2/spec/api/system_groups_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,257 +33,241 @@ # unit tests for graph_system_group_associations_list # List the associations of a System Group - # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_associations_post # Manage the associations of a System Group - # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example System Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{UserID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationSystemGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_associations_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for graph_system_group_member_of - # List the System Group's parents - # This endpoint returns all System Groups a System Group is a member of. This endpoint is not yet public as we haven't completed the code yet. - # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_system_group_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_members_list # List the members of a System Group - # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the system members of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_members_post # Manage the members of a System Group - # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` + # This endpoint allows you to manage the system members of a System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{System_ID}\" }' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupMembersReq] :body + # @option opts [GraphOperationSystemGroupMember] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_membership - # List the System Group's membership - # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the System Group's membership + # This endpoint returns all Systems that are a member of this System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_policy # List the Policies bound to a System Group - # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System Group. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not public yet as we haven't finished the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_policy test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_system_group_traverse_policy_group + # List the Policy Groups bound to a System Group + # This endpoint will return all Policy Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ObjectID of the System Group. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_system_group_traverse_policy_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user # List the Users bound to a System Group - # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_group_traverse_user_group # List the User Groups bound to a System Group - # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System Group to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_group_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_system_delete # Delete a System Group - # This endpoint allows you to delete a System Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a System Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [nil] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [SystemGroup] describe 'groups_system_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_system_get # View an individual System Group details - # This endpoint returns the details of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the details of a System Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [SystemGroup] describe 'groups_system_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_system_list # List all System Groups - # This endpoint returns all System Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all System Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'groups_system_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for groups_system_patch - # Partial update a System Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/systemgroups/{id} ``` - # @param id ObjectID of the System Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id - # @return [SystemGroup] - describe 'groups_system_patch test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_system_post # Create a new System Group - # This endpoint allows you to create a new System Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id + # @option opts [SystemGroupPost] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [SystemGroup] describe 'groups_system_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_system_put # Update a System Group - # This endpoint allows you to do a full update of the System Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` + # This endpoint allows you to do a full update of the System Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Name_Update\" }' ``` # @param id ObjectID of the System Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGroupData] :body - # @option opts [String] :x_org_id + # @option opts [SystemGroupPut] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [SystemGroup] describe 'groups_system_put test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_system_suggestions_get + # List Suggestions for a System Group + # This endpoint returns available suggestions for a given system group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'groups_system_suggestions_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_system_suggestions_post + # Apply Suggestions for a System Group + # This endpoint applies the suggestions for the specified system group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"object_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'groups_system_suggestions_post test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/system_insights_api_spec.rb b/jcapiv2/spec/api/system_insights_api_spec.rb index 429f877..82f804d 100644 --- a/jcapiv2/spec/api/system_insights_api_spec.rb +++ b/jcapiv2/spec/api/system_insights_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,19 +31,130 @@ end end + # unit tests for systeminsights_list_alf + # List System Insights ALF + # Valid filter fields are `system_id` and `global_state`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_alf test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_alf_exceptions + # List System Insights ALF Exceptions + # Valid filter fields are `system_id` and `state`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_alf_exceptions test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_alf_explicit_auths + # List System Insights ALF Explicit Authentications + # Valid filter fields are `system_id` and `process`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_alf_explicit_auths test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_appcompat_shims + # List System Insights Application Compatibility Shims + # Valid filter fields are `system_id` and `enabled`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_appcompat_shims test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + # unit tests for systeminsights_list_apps # List System Insights Apps - # Valid filter fields are `system_id` and `bundle_name`. - # @param content_type - # @param accept + # Lists all apps for macOS devices. For Windows devices, use [List System Insights Programs](#operation/systeminsights_list_programs). Valid filter fields are `system_id` and `bundle_name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_apps test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_authorized_keys + # List System Insights Authorized Keys + # Valid filter fields are `system_id` and `uid`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_authorized_keys test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_azure_instance_metadata + # List System Insights Azure Instance Metadata + # Valid filter fields are `system_id`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_azure_instance_metadata test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_azure_instance_tags + # List System Insights Azure Instance Tags + # Valid filter fields are `system_id`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_azure_instance_tags test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -52,16 +162,15 @@ # unit tests for systeminsights_list_battery # List System Insights Battery # Valid filter fields are `system_id` and `health`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_battery test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -69,16 +178,15 @@ # unit tests for systeminsights_list_bitlocker_info # List System Insights Bitlocker Info # Valid filter fields are `system_id` and `protection_status`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_bitlocker_info test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -86,16 +194,47 @@ # unit tests for systeminsights_list_browser_plugins # List System Insights Browser Plugins # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_browser_plugins test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_certificates + # List System Insights Certificates + # Valid filter fields are `system_id` and `common_name`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `common_name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_certificates test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_chassis_info + # List System Insights Chassis Info + # Valid filter fields are `system_id`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_chassis_info test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -103,16 +242,31 @@ # unit tests for systeminsights_list_chrome_extensions # List System Insights Chrome Extensions # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_chrome_extensions test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_connectivity + # List System Insights Connectivity + # The only valid filter field is `system_id`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_connectivity test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -120,16 +274,31 @@ # unit tests for systeminsights_list_crashes # List System Insights Crashes # Valid filter fields are `system_id` and `identifier`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_crashes test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_cups_destinations + # List System Insights CUPS Destinations + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_cups_destinations test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -137,16 +306,15 @@ # unit tests for systeminsights_list_disk_encryption # List System Insights Disk Encryption # Valid filter fields are `system_id` and `encryption_status`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_disk_encryption test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -154,16 +322,31 @@ # unit tests for systeminsights_list_disk_info # List System Insights Disk Info # Valid filter fields are `system_id` and `disk_index`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_disk_info test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_dns_resolvers + # List System Insights DNS Resolvers + # Valid filter fields are `system_id` and `type`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_dns_resolvers test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -171,16 +354,15 @@ # unit tests for systeminsights_list_etc_hosts # List System Insights Etc Hosts # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_etc_hosts test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -188,16 +370,15 @@ # unit tests for systeminsights_list_firefox_addons # List System Insights Firefox Addons # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_firefox_addons test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -205,16 +386,15 @@ # unit tests for systeminsights_list_groups # List System Insights Groups # Valid filter fields are `system_id` and `groupname`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_groups test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -222,16 +402,15 @@ # unit tests for systeminsights_list_ie_extensions # List System Insights IE Extensions # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_ie_extensions test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -239,16 +418,31 @@ # unit tests for systeminsights_list_interface_addresses # List System Insights Interface Addresses # Valid filter fields are `system_id` and `address`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_interface_addresses test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_interface_details + # List System Insights Interface Details + # Valid filter fields are `system_id` and `interface`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_interface_details test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -256,16 +450,15 @@ # unit tests for systeminsights_list_kernel_info # List System Insights Kernel Info # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_kernel_info test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -273,16 +466,31 @@ # unit tests for systeminsights_list_launchd # List System Insights Launchd # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_launchd test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_linux_packages + # List System Insights Linux Packages + # Lists all programs for Linux devices. For macOS devices, use [List System Insights System Apps](#operation/systeminsights_list_apps). For windows devices, use [List System Insights System Apps](#operation/systeminsights_list_programs). Valid filter fields are `name` and `package_format`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_linux_packages test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -290,16 +498,15 @@ # unit tests for systeminsights_list_logged_in_users # List System Insights Logged-In Users # Valid filter fields are `system_id` and `user`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_logged_in_users test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -307,16 +514,31 @@ # unit tests for systeminsights_list_logical_drives # List System Insights Logical Drives # Valid filter fields are `system_id` and `device_id`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] describe 'systeminsights_list_logical_drives test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_managed_policies + # List System Insights Managed Policies + # Valid filter fields are `system_id` and `domain`. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_managed_policies test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -324,16 +546,15 @@ # unit tests for systeminsights_list_mounts # List System Insights Mounts # Valid filter fields are `system_id` and `path`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_mounts test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -341,16 +562,15 @@ # unit tests for systeminsights_list_os_version # List System Insights OS Version # Valid filter fields are `system_id` and `version`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_os_version test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -358,33 +578,47 @@ # unit tests for systeminsights_list_patches # List System Insights Patches # Valid filter fields are `system_id` and `hotfix_id`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_patches test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for systeminsights_list_programs # List System Insights Programs - # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept + # Lists all programs for Windows devices. For macOS devices, use [List System Insights Apps](#operation/systeminsights_list_apps). Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_programs test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systeminsights_list_python_packages + # List System Insights Python Packages + # Valid filter fields are `system_id` and `name`. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_python_packages test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -392,195 +626,175 @@ # unit tests for systeminsights_list_safari_extensions # List System Insights Safari Extensions # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_safari_extensions test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_apps - # List System Insights System Apps - # Valid filter fields are `bundle_name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_scheduled_tasks + # List System Insights Scheduled Tasks + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_apps test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_scheduled_tasks test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_bitlocker_info - # List System Insights System Bitlocker Info - # Valid filter fields are `protection_status`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_secureboot + # List System Insights Secure Boot + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_bitlocker_info test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_secureboot test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_browser_plugins - # List System Insights System Browser Plugins - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_services + # List System Insights Services + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_browser_plugins test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_services test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_chrome_extensions - # List System Insights System Chrome Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_shadow + # LIst System Insights Shadow + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_chrome_extensions test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_shadow test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_controls - # List System Insights System Control + # unit tests for systeminsights_list_shared_folders + # List System Insights Shared Folders # Valid filter fields are `system_id` and `name`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_controls test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_shared_folders test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_disk_encryption - # List System Insights System Disk Encryption - # Valid filter fields are `encryption_status`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_shared_resources + # List System Insights Shared Resources + # Valid filter fields are `system_id` and `type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_disk_encryption test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_shared_resources test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_disk_info - # List System Insights System Disk Info - # Valid filter fields are `disk_index`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_sharing_preferences + # List System Insights Sharing Preferences + # Only valid filed field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_disk_info test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_sharing_preferences test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_etc_hosts - # List System Insights System Etc Hosts - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_sip_config + # List System Insights SIP Config + # Valid filter fields are `system_id` and `enabled`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_etc_hosts test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_sip_config test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_firefox_addons - # List System Insights System Firefox Addons - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_startup_items + # List System Insights Startup Items + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_firefox_addons test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_startup_items test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_groups - # List System Insights System Groups - # Valid filter fields are `groupname`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_system_controls + # List System Insights System Control + # Valid filter fields are `system_id` and `name`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_groups test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` Note: You can only filter by `system_id` and `name` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_system_controls test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -588,317 +802,191 @@ # unit tests for systeminsights_list_system_info # List System Insights System Info # Valid filter fields are `system_id` and `cpu_subtype`. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] describe 'systeminsights_list_system_info test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_interface_addresses - # List System Insights System Interface Addresses - # Valid filter fields are `address`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_tpm_info + # List System Insights TPM Info + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_interface_addresses test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_system_kernel_info - # List System Insights System Kernel Info - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_kernel_info test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_tpm_info test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_logical_drives - # List System Insights System Logical Drives - # Valid filter fields are `device_id`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_uptime + # List System Insights Uptime + # Valid filter fields are `system_id` and `days`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_logical_drives test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_system_mounts - # List System Insights System Mounts - # Valid filter fields are `path`. - # @param system_id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, gte, in. e.g: Filter for single value: `filter=field:gte:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_mounts test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_uptime test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_os_version - # List System Insights System OS Version - # Valid filter fields are `version`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_usb_devices + # List System Insights USB Devices + # Valid filter fields are `system_id` and `model`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_os_version test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_system_patches - # List System Insights System Patches - # Valid filter fields are `hotfix_id `. - # @param system_id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_patches test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_usb_devices test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_programs - # List System Insights System Programs - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_user_groups + # List System Insights User Groups + # Only valid filter field is `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_programs test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_system_safari_extensions - # List System Insights System Safari Extensions - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_safari_extensions test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_user_groups test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_system_controls - # List System Insights System System Controls - # Valid filter fields are `name`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_user_ssh_keys + # List System Insights User SSH Keys + # Valid filter fields are `system_id` and `uid`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_system_controls test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_system_system_info - # List System Insights System System Info - # Valid filter fields are `cpu_subtype`. - # @param system_id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` # @option opts [Integer] :limit - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_system_info test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_user_ssh_keys test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_uptime - # List System Insights System Uptime - # Valid filter fields are `days`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_userassist + # List System Insights User Assist + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_system_uptime test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_userassist test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_system_users - # List System Insights System Users - # Valid filter fields are `username`. - # @param system_id - # @param content_type - # @param accept + # unit tests for systeminsights_list_users + # List System Insights Users + # Valid filter fields are `system_id` and `username`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit # @return [Array] - describe 'systeminsights_list_system_users test' do - it "should work" do + describe 'systeminsights_list_users test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_uptime - # List System Insights Uptime - # Valid filter fields are `system_id` and `days`. - # @param content_type - # @param accept + # unit tests for systeminsights_list_wifi_networks + # List System Insights WiFi Networks + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_uptime test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for systeminsights_list_usb_devices - # List System Insights USB Devices - # Valid filter fields are `system_id` and `model`. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :limit - # @option opts [String] :x_org_id - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - describe 'systeminsights_list_usb_devices test' do - it "should work" do + # @return [Array] + describe 'systeminsights_list_wifi_networks test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_user_groups - # List System Insights User Groups - # Only valid filter field is `system_id`. - # @param content_type - # @param accept + # unit tests for systeminsights_list_wifi_status + # List System Insights WiFi Status + # Valid filter fields are `system_id` and `security_type`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - describe 'systeminsights_list_user_groups test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_wifi_status test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_users - # List System Insights Users - # Valid filter fields are `system_id` and `username`. - # @param content_type - # @param accept + # unit tests for systeminsights_list_windows_security_center + # List System Insights Windows Security Center + # Valid filter fields are `system_id`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @option opts [String] :x_org_id - # @return [Array] - describe 'systeminsights_list_users test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_windows_security_center test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for systeminsights_list_windows_crashes - # List System Insights Windows Crashes - # Valid filter fields are `system_id` and `type`. - # @param content_type - # @param accept + # unit tests for systeminsights_list_windows_security_products + # List System Insights Windows Security Products + # Valid filter fields are `system_id` and `state`. # @param [Hash] opts the optional parameters - # @option opts [Integer] :limit - # @option opts [String] :x_org_id # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq - # @return [Array] - describe 'systeminsights_list_windows_crashes test' do - it "should work" do + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. e.g: Sort by single field: `sort=field` Sort descending by single field: `sort=-field` Sort by multiple fields: `sort=field1,-field2,field3` + # @option opts [Array] :filter Supported operators are: eq, in. e.g: Filter for single value: `filter=field:eq:value` Filter for any value in a list: (note \"pipe\" character: `|` separating values) `filter=field:in:value1|value2|value3` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit + # @return [Array] + describe 'systeminsights_list_windows_security_products test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/systems_api_spec.rb b/jcapiv2/spec/api/systems_api_spec.rb index a0ce3a5..c1e4f93 100644 --- a/jcapiv2/spec/api/systems_api_spec.rb +++ b/jcapiv2/spec/api/systems_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,135 +33,140 @@ # unit tests for graph_system_associations_list # List the associations of a System - # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations?targets=user \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"system\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_associations_post # Manage associations of a System - # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` + # This endpoint allows you to manage the _direct_ associations of a System. A direct association can be a non-homogeneous relationship between 2 different objects, for example Systems and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/systems/{System_ID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"user\", \"id\": \"UserID\" }' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [SystemGraphManagementReq] :body + # @option opts [GraphOperationSystem] :body # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_system_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_member_of # List the parent Groups of a System - # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the System Groups a System is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_system_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_command # List the Commands bound to a System - # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Commands bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Command; this array represents all grouping and/or associations that would have to be removed to deprovision the Command from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/commands \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @return [Array] + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :details This will provide detail descriptive response for the request. + # @return [Array] describe 'graph_system_traverse_command test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_policy # List the Policies bound to a System - # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Policies bound to a System, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy from this System. See `/members` and `/associations` endpoints to manage those collections. This endpoint is not yet public as we have finish the code. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/{System_ID}/policies \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_policy test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_system_traverse_policy_group + # List the Policy Groups bound to a System + # This endpoint will return all Policy Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding Policy Group; this array represents all grouping and/or associations that would have to be removed to deprovision the Policy Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/policygroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [String] :date Current date header for the System Context API + # @option opts [String] :authorization Authorization header for the System Context API + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @return [Array] + describe 'graph_system_traverse_policy_group test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_user # List the Users bound to a System - # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Users bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User; this array represents all grouping and/or associations that would have to be removed to deprovision the User from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/users \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_user test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_system_traverse_user_group # List the User Groups bound to a System - # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all User Groups bound to a System, either directly or indirectly essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this System to the corresponding User Group; this array represents all grouping and/or associations that would have to be removed to deprovision the User Group from this System. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{System_ID}/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param system_id ObjectID of the System. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. # @option opts [String] :date Current date header for the System Context API # @option opts [String] :authorization Authorization header for the System Context API - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_system_traverse_user_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end @@ -172,10 +176,27 @@ # This endpoint will return the current (latest) fde key saved for a system. # @param system_id # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Systemfdekey] describe 'systems_get_fde_key test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systems_list_software_apps_with_statuses + # List the associated Software Application Statuses of a System + # This endpoint returns all the statuses of the associated Software Applications from the provided JumpCloud system ID. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/systems/{system_id}/softwareappstatuses \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param system_id ObjectID of the System. + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. + # @return [Array] + describe 'systems_list_software_apps_with_statuses test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/systems_organization_settings_api_spec.rb b/jcapiv2/spec/api/systems_organization_settings_api_spec.rb new file mode 100644 index 0000000..d859aa0 --- /dev/null +++ b/jcapiv2/spec/api/systems_organization_settings_api_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' + +# Unit tests for JCAPIv2::SystemsOrganizationSettingsApi +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemsOrganizationSettingsApi' do + before do + # run before each test + @instance = JCAPIv2::SystemsOrganizationSettingsApi.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemsOrganizationSettingsApi' do + it 'should create an instance of SystemsOrganizationSettingsApi' do + expect(@instance).to be_instance_of(JCAPIv2::SystemsOrganizationSettingsApi) + end + end + + # unit tests for systems_org_settings_get_sign_in_with_jump_cloud_settings + # Get the Sign In with JumpCloud Settings + # Gets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' ``` + # @param [Hash] opts the optional parameters + # @option opts [String] :organization_object_id + # @return [DevicesGetSignInWithJumpCloudSettingsResponse] + describe 'systems_org_settings_get_sign_in_with_jump_cloud_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for systems_org_settings_set_sign_in_with_jump_cloud_settings + # Set the Sign In with JumpCloud Settings + # Sets the Sign In with JumpCloud Settings for an Organization. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key:{API_KEY}' \\ -d '{\"settings\":[{\"osFamily\":\"WINDOWS\",\"enabled\":true,\"defaultPermission\":\"STANDARD\"}]}' ``` + # @param body + # @param [Hash] opts the optional parameters + # @return [Object] + describe 'systems_org_settings_set_sign_in_with_jump_cloud_settings test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/api/user_group_associations_api_spec.rb b/jcapiv2/spec/api/user_group_associations_api_spec.rb index 17463b4..0432bac 100644 --- a/jcapiv2/spec/api/user_group_associations_api_spec.rb +++ b/jcapiv2/spec/api/user_group_associations_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,196 +33,174 @@ # unit tests for graph_user_group_associations_list # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_associations_post # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_active_directory # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_active_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_application # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_application test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_directory # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_g_suite # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_g_suite test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_ldap_server # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_ldap_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_office365 # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_office365 test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_radius_server # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_radius_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system_group # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/user_group_members_membership_api_spec.rb b/jcapiv2/spec/api/user_group_members_membership_api_spec.rb index b85b852..6230ce2 100644 --- a/jcapiv2/spec/api/user_group_members_membership_api_spec.rb +++ b/jcapiv2/spec/api/user_group_members_membership_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,73 +31,48 @@ end end - # unit tests for graph_user_group_member_of - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_user_group_member_of test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - # unit tests for graph_user_group_members_list # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_members_post # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_membership - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/user_groups_api_spec.rb b/jcapiv2/spec/api/user_groups_api_spec.rb index 2e63052..64a8cea 100644 --- a/jcapiv2/spec/api/user_groups_api_spec.rb +++ b/jcapiv2/spec/api/user_groups_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,363 +33,319 @@ # unit tests for graph_user_group_associations_list # List the associations of a User Group. - # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations?targets=system \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user_group\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_associations_post # Manage the associations of a User Group - # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` + # This endpoint manages the _direct_ associations of this User Group. A direct association can be a non-homogeneous relationship between 2 different objects, for example User Groups and Users. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"system\", \"id\": \"{SystemID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroup] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_associations_post test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for graph_user_group_member_of - # List the User Group's parents - # This endpoint returns all User Groups a User Group is a member of. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{group_id}/memberof ``` Not public yet, as the code is not finished, - # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id - # @return [Array] - describe 'graph_user_group_member_of test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_members_list # List the members of a User Group - # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the user members of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_members_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_members_post # Manage the members of a User Group - # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` + # This endpoint allows you to manage the user members of a User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/members \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"op\": \"add\", \"type\": \"user\", \"id\": \"{User_ID}\" }' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGroupMembersReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUserGroupMember] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_group_members_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_membership - # List the User Group's membership - # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # List the User Group's membership + # This endpoint returns all users members that are a member of this User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/membership \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_group_membership test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_active_directory # List the Active Directories bound to a User Group - # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Active Directory Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Active Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_active_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_application # List the Applications bound to a User Group - # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_application test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_directory # List the Directories bound to a User Group - # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directories from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_g_suite # List the G Suite instances bound to a User Group - # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G Suite Instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_g_suite test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_ldap_server # List the LDAP Servers bound to a User Group - # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_ldap_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_office365 # List the Office 365 instances bound to a User Group - # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 instances bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_office365 test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_radius_server # List the RADIUS Servers bound to a User Group - # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS servers bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_radius_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system # List the Systems bound to a User Group - # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systems \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_group_traverse_system_group # List the System Groups bound to User Groups - # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User Group, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User Group to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User Group. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/systemgroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param group_id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_group_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_user_delete # Delete a User Group - # This endpoint allows you to delete a User Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint allows you to delete a User Group. #### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [nil] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [UserGroup] describe 'groups_user_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_user_get # View an individual User Group details - # This endpoint returns the details of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the details of a User Group. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] describe 'groups_user_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_user_list # List all User Groups - # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint returns all User Groups. Available filter fields: - `name` - `disabled` - `type` - `suggestionCounts.add` - `suggestionCounts.remove` - `suggestionCounts.total` - `attributes.sudo.enabled` - `attributes.sudo.withoutPassword` #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'groups_user_list test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for groups_user_patch - # Partial update a User Group - # We have hidden PATCH on the systemgroups and usergroups for now; we don't have that implemented correctly yet, people should use PUT until we do a true PATCH operation. #### Sample Request ``` https://console.jumpcloud.com/api/v2/usergroups/{id} ``` - # @param id ObjectID of the User Group. - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id - # @return [UserGroup] - describe 'groups_user_patch test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_user_post # Create a new User Group - # This endpoint allows you to create a new User Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/usergroups \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"{Group_Name}\" }' ``` # @param [Hash] opts the optional parameters # @option opts [UserGroupPost] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] describe 'groups_user_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for groups_user_put # Update a User Group - # This endpoint allows you to do a full update of the User Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY' \\ -d '{ \"name\": \"group_update\" }' ``` + # This endpoint allows you to do a full update of the User Group. See the [Dynamic Group Configuration KB article](https://jumpcloud.com/support/configure-dynamic-device-groups) for more details on maintaining a Dynamic Group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"group_update\" }' ``` # @param id ObjectID of the User Group. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [UserGroupPut] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [UserGroup] describe 'groups_user_put test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_user_suggestions_get + # List Suggestions for a User Group + # This endpoint returns available suggestions for a given group #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'groups_user_suggestions_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for groups_user_suggestions_post + # Apply Suggestions for a User Group + # This endpoint applies the suggestions for the specified user group. #### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{GroupID}/suggestions \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"user_ids\": [\"212345678901234567890123\", \"123456789012345678901234\"] }' ``` + # @param body + # @param group_id ID of the group + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'groups_user_suggestions_post test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/users_api_spec.rb b/jcapiv2/spec/api/users_api_spec.rb index b3101ee..6dad2ce 100644 --- a/jcapiv2/spec/api/users_api_spec.rb +++ b/jcapiv2/spec/api/users_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,213 +33,247 @@ # unit tests for graph_user_associations_list # List the associations of a User - # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/associations?targets=system_group \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept - # @param targets + # @param targets Targets which a \"user\" can be associated to. # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_associations_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_associations_post # Manage the associations of a User - # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' + # This endpoint allows you to manage the _direct_ associations of a User. A direct association can be a non-homogeneous relationship between 2 different objects, for example Users and Systems. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/users/{UserID}/associations \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"attributes\": { \"sudo\": { \"enabled\": true, \"withoutPassword\": false } }, \"op\": \"add\", \"type\": \"system_group\", \"id\": \"{GroupID}\" }' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [UserGraphManagementReq] :body - # @option opts [String] :x_org_id + # @option opts [GraphOperationUser] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'graph_user_associations_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_member_of # List the parent Groups of a User - # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint returns all the User Groups a User is a member of. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/memberof \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'graph_user_member_of test' do - it "should work" do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for graph_user_traverse_active_directory + # List the Active Directory instances bound to a User + # This endpoint will return all Active Directory Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Active Directory instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Active Directory instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/activedirectories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # @param user_id ObjectID of the User. + # @param [Hash] opts the optional parameters + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [Integer] :limit The number of records to return at once. Limited to 100. + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @option opts [Integer] :skip The offset into the records to return. + # @return [Array] + describe 'graph_user_traverse_active_directory test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_application # List the Applications bound to a User - # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Applications bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Application; this array represents all grouping and/or associations that would have to be removed to deprovision the Application from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/applications \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_application test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_directory # List the Directories bound to a User - # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Directories bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Directory; this array represents all grouping and/or associations that would have to be removed to deprovision the Directory from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/directories \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_directory test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_g_suite # List the G Suite instances bound to a User - # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all G-Suite Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding G Suite instance; this array represents all grouping and/or associations that would have to be removed to deprovision the G Suite instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/gsuites \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_g_suite test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_ldap_server # List the LDAP servers bound to a User - # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all LDAP Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding LDAP Server; this array represents all grouping and/or associations that would have to be removed to deprovision the LDAP Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/ldapservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_ldap_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_office365 # List the Office 365 instances bound to a User - # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Office 365 Instances bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding Office 365 instance; this array represents all grouping and/or associations that would have to be removed to deprovision the Office 365 instance from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/office365s \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_office365 test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_radius_server # List the RADIUS Servers bound to a User - # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all RADIUS Servers bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding RADIUS Server; this array represents all grouping and/or associations that would have to be removed to deprovision the RADIUS Server from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/radiusservers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_radius_server test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_system # List the Systems bound to a User - # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all Systems bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System; this array represents all grouping and/or associations that would have to be removed to deprovision the System from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systems\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_system test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for graph_user_traverse_system_group # List the System Groups bound to a User - # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all System Groups bound to a User, either directly or indirectly, essentially traversing the JumpCloud Graph for your Organization. Each element will contain the type, id, attributes and paths. The `attributes` object is a key/value hash of compiled graph attributes for all paths followed. The `paths` array enumerates each path from this User to the corresponding System Group; this array represents all grouping and/or associations that would have to be removed to deprovision the System Group from this User. See `/members` and `/associations` endpoints to manage those collections. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/systemgroups\\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param user_id ObjectID of the User. - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` # @return [Array] describe 'graph_user_traverse_system_group test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - # unit tests for users_send_emails - # Send User Emails - # This endpoint allows you to send a specific email to a user without waiting for or triggering a workflow. - # @param user_id ObjectID of the User. - # @param content_type - # @param accept + # unit tests for push_endpoints_delete + # Delete a Push Endpoint associated with a User + # This endpoint will delete a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id # @param [Hash] opts the optional parameters - # @option opts [Emailrequest] :body - # @option opts [String] :x_org_id - # @return [nil] - describe 'users_send_emails test' do - it "should work" do + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + describe 'push_endpoints_delete test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for push_endpoints_get + # Get a push endpoint associated with a User + # This endpoint will retrieve a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + describe 'push_endpoints_get test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for push_endpoints_list + # List Push Endpoints associated with a User + # This endpoint returns the list of push endpoints associated with a user. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/users/{UserID}/pushendpoints \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: ${API_KEY}' ``` + # @param user_id + # @param [Hash] opts the optional parameters + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [Array] + describe 'push_endpoints_list test' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + # unit tests for push_endpoints_patch + # Update a push endpoint associated with a User + # This endpoint will update a push endpoint associated with a user. + # @param user_id + # @param push_endpoint_id + # @param [Hash] opts the optional parameters + # @option opts [PushendpointsPushEndpointIdBody] :body + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [PushEndpointResponse] + describe 'push_endpoints_patch test' do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api/workday_import_api_spec.rb b/jcapiv2/spec/api/workday_import_api_spec.rb index ed613ef..ddbe94f 100644 --- a/jcapiv2/spec/api/workday_import_api_spec.rb +++ b/jcapiv2/spec/api/workday_import_api_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,178 +33,130 @@ # unit tests for workdays_authorize # Authorize Workday - # This endpoint adds an authorization method to a workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"auth\":{ \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` + # This endpoint adds an authorization method to a workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"auth\":{ \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [AuthInputObject] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'workdays_authorize test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_deauthorize # Deauthorize Workday - # Removes any and all authorization methods from the workday instance ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # Removes any and all authorization methods from the workday instance ##### Sample Request ``` curl -X DELETE https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/auth \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [nil] describe 'workdays_deauthorize test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for workdays_delete - # Delete Workday - # This endpoint allows you to delete an instance of Workday. **This functionality is currently not enable for users.** - # @param id - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id - # @return [Object] - describe 'workdays_delete test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_get # Get Workday - # This endpoint will return all the available information about an instance of Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all the available information about an instance of Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [WorkdayOutput] describe 'workdays_get test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_import # Workday Import - # The endpoint allows you to create a Workday Import request. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"WorkdayID\",\"value\":\"name.name\"} ] } ] ``` + # The endpoint allows you to create a Workday Import request. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '[ { \"email\":\"{email}\", \"firstname\":\"{firstname}\", \"lastname\":\"{firstname}\", \"username\":\"{username}\", \"attributes\":[ {\"name\":\"EmployeeID\",\"value\":\"0000\"}, {\"name\":\"WorkdayID\",\"value\":\"name.name\"} ] } ] ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Array] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [JobId] describe 'workdays_import test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_importresults # List Import Results - # This endpoint provides a list of job results from the workday import and will contain all imported data from Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint provides a list of job results from the workday import and will contain all imported data from Workday. #### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkdayID}/import/{ImportJobID}/results \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param id # @param job_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'workdays_importresults test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_list # List Workdays - # This endpoint will return all the available information about all your instances of Workday. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` - # @param content_type - # @param accept + # This endpoint will return all the available information about all your instances of Workday. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param [Hash] opts the optional parameters # @option opts [Array] :fields The comma separated fields included in the returned records. If omitted, the default list of fields will be returned. # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [Array] :filter Supported operators are: eq, ne, gt, ge, lt, le, between, search, in - # @option opts [String] :x_org_id + # @option opts [Array] :filter A filter to apply to the query. **Filter structure**: `<field>:<operator>:<value>`. **field** = Populate with a valid field from an endpoint response. **operator** = Supported operators are: eq, ne, gt, ge, lt, le, between, search, in. _Note: v1 operators differ from v2 operators._ **value** = Populate with the value you want to search for. Is case sensitive. Supports wild cards. **EX:** `GET /api/v2/groups?filter=name:eq:Test+Group` + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'workdays_list test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_post # Create new Workday - # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` - # @param content_type - # @param accept + # This endpoint allows you to create a new workday instance. You must supply a username and password for `Basic Authentication` that is the same as your WorkDay Integrator System User. Failure to provide these credentials will result in the request being rejected. Currently `O-Auth` isn't a supported authentication protocol for WorkDay, but will be in the future. Currently, only one instance is allowed and it must be `Workday Import`. #### Sample Request ``` curl -X POST https://console.jumpcloud.com/api/v2/workdays/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"name\": \"Workday2\", \"reportUrl\":\"https://workday.com/ccx/service/customreport2/gms/user/reportname?format=json\", \"auth\": { \"basic\": { \"username\": \"someDeveloper\", \"password\": \"notTheRealPassword\" } } }' ``` # @param [Hash] opts the optional parameters # @option opts [WorkdayInput] :body - # @option opts [String] :x_org_id - # @return [nil] + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. + # @return [WorkdayOutput] describe 'workdays_post test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_put # Update Workday - # This endpoint allows you to update the name and Custom Report URL for a Workday Instance. Currently, the name can not be changed from the default of `Workday Import`. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"reportUrl\":\"{Report_URL}\", \"name\":\"{Name}\" } ' ``` + # This endpoint allows you to update the name and Custom Report URL for a Workday Instance. Currently, the name can not be changed from the default of `Workday Import`. ##### Sample Request ``` curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -d '{ \"reportUrl\":\"{Report_URL}\", \"name\":\"{Name}\" } ' ``` # @param id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [WorkdayFields] :body - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [WorkdayOutput] describe 'workdays_put test' do - it "should work" do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - # unit tests for workdays_settings - # Get Workday Settings (incomplete) - # This endpoint allows you to obtain all settings needed for creating a workday instance, specifically the URL to initiate Basic Authentication with WorkDay. **This functionality is currently not enable for users.** - # @param content_type - # @param accept - # @param [Hash] opts the optional parameters - # @option opts [String] :state - # @option opts [String] :x_org_id - # @return [nil] - describe 'workdays_settings test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end # unit tests for workdays_workers # List Workday Workers - # This endpoint will return all of the data in your WorkDay Custom Report that has been associated with your WorkDay Instance in JumpCloud. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/workers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` + # This endpoint will return all of the data in your WorkDay Custom Report that has been associated with your WorkDay Instance in JumpCloud. ##### Sample Request ``` curl -X GET https://console.jumpcloud.com/api/v2/workdays/{WorkDayID}/workers \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # @param workday_id - # @param content_type - # @param accept # @param [Hash] opts the optional parameters # @option opts [Integer] :limit The number of records to return at once. Limited to 100. # @option opts [Integer] :skip The offset into the records to return. # @option opts [Array] :sort The comma separated fields used to sort the collection. Default sort is ascending, prefix with `-` to sort descending. - # @option opts [String] :x_org_id + # @option opts [String] :x_org_id Organization identifier that can be obtained from console settings. # @return [Array] describe 'workdays_workers test' do - it "should work" do + it 'should work' do # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end diff --git a/jcapiv2/spec/api_client_spec.rb b/jcapiv2/spec/api_client_spec.rb index 5903dc8..b0523e3 100644 --- a/jcapiv2/spec/api_client_spec.rb +++ b/jcapiv2/spec/api_client_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -51,11 +50,11 @@ end end - describe "params_encoding in #build_request" do + describe 'params_encoding in #build_request' do let(:config) { JCAPIv2::Configuration.new } let(:api_client) { JCAPIv2::ApiClient.new(config) } - it "defaults to nil" do + it 'defaults to nil' do expect(JCAPIv2::Configuration.default.params_encoding).to eq(nil) expect(config.params_encoding).to eq(nil) @@ -63,18 +62,18 @@ expect(request.options[:params_encoding]).to eq(nil) end - it "can be customized" do + it 'can be customized' do config.params_encoding = :multi request = api_client.build_request(:get, '/test') expect(request.options[:params_encoding]).to eq(:multi) end end - describe "timeout in #build_request" do + describe 'timeout in #build_request' do let(:config) { JCAPIv2::Configuration.new } let(:api_client) { JCAPIv2::ApiClient.new(config) } - it "defaults to 0" do + it 'defaults to 0' do expect(JCAPIv2::Configuration.default.timeout).to eq(0) expect(config.timeout).to eq(0) @@ -82,88 +81,88 @@ expect(request.options[:timeout]).to eq(0) end - it "can be customized" do + it 'can be customized' do config.timeout = 100 request = api_client.build_request(:get, '/test') expect(request.options[:timeout]).to eq(100) end end - describe "#deserialize" do + describe '#deserialize' do it "handles Array" do api_client = JCAPIv2::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '[12, 34]') data = api_client.deserialize(response, 'Array') expect(data).to be_instance_of(Array) expect(data).to eq([12, 34]) end - it "handles Array>" do + it 'handles Array>' do api_client = JCAPIv2::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '[[12, 34], [56]]') data = api_client.deserialize(response, 'Array>') expect(data).to be_instance_of(Array) expect(data).to eq([[12, 34], [56]]) end - it "handles Hash" do + it 'handles Hash' do api_client = JCAPIv2::ApiClient.new - headers = {'Content-Type' => 'application/json'} + headers = { 'Content-Type' => 'application/json' } response = double('response', headers: headers, body: '{"message": "Hello"}') data = api_client.deserialize(response, 'Hash') expect(data).to be_instance_of(Hash) - expect(data).to eq({:message => 'Hello'}) + expect(data).to eq(:message => 'Hello') end end describe "#object_to_hash" do - it "ignores nils and includes empty arrays" do + it 'ignores nils and includes empty arrays' do # uncomment below to test object_to_hash for model - #api_client = JCAPIv2::ApiClient.new - #_model = JCAPIv2::ModelName.new + # api_client = JCAPIv2::ApiClient.new + # _model = JCAPIv2::ModelName.new # update the model attribute below - #_model.id = 1 + # _model.id = 1 # update the expected value (hash) below - #expected = {id: 1, name: '', tags: []} - #expect(api_client.object_to_hash(_model)).to eq(expected) + # expected = {id: 1, name: '', tags: []} + # expect(api_client.object_to_hash(_model)).to eq(expected) end end - describe "#build_collection_param" do + describe '#build_collection_param' do let(:param) { ['aa', 'bb', 'cc'] } let(:api_client) { JCAPIv2::ApiClient.new } - it "works for csv" do + it 'works for csv' do expect(api_client.build_collection_param(param, :csv)).to eq('aa,bb,cc') end - it "works for ssv" do + it 'works for ssv' do expect(api_client.build_collection_param(param, :ssv)).to eq('aa bb cc') end - it "works for tsv" do + it 'works for tsv' do expect(api_client.build_collection_param(param, :tsv)).to eq("aa\tbb\tcc") end - it "works for pipes" do + it 'works for pipes' do expect(api_client.build_collection_param(param, :pipes)).to eq('aa|bb|cc') end - it "works for multi" do + it 'works for multi' do expect(api_client.build_collection_param(param, :multi)).to eq(['aa', 'bb', 'cc']) end - it "fails for invalid collection format" do + it 'fails for invalid collection format' do expect(proc { api_client.build_collection_param(param, :INVALID) }).to raise_error(RuntimeError, 'unknown collection format: :INVALID') end end - describe "#json_mime?" do + describe '#json_mime?' do let(:api_client) { JCAPIv2::ApiClient.new } - it "works" do + it 'works' do expect(api_client.json_mime?(nil)).to eq false expect(api_client.json_mime?('')).to eq false @@ -177,10 +176,10 @@ end end - describe "#select_header_accept" do + describe '#select_header_accept' do let(:api_client) { JCAPIv2::ApiClient.new } - it "works" do + it 'works' do expect(api_client.select_header_accept(nil)).to be_nil expect(api_client.select_header_accept([])).to be_nil @@ -193,10 +192,10 @@ end end - describe "#select_header_content_type" do + describe '#select_header_content_type' do let(:api_client) { JCAPIv2::ApiClient.new } - it "works" do + it 'works' do expect(api_client.select_header_content_type(nil)).to eq('application/json') expect(api_client.select_header_content_type([])).to eq('application/json') @@ -208,10 +207,10 @@ end end - describe "#sanitize_filename" do + describe '#sanitize_filename' do let(:api_client) { JCAPIv2::ApiClient.new } - it "works" do + it 'works' do expect(api_client.sanitize_filename('sun')).to eq('sun') expect(api_client.sanitize_filename('sun.gif')).to eq('sun.gif') expect(api_client.sanitize_filename('../sun.gif')).to eq('sun.gif') diff --git a/jcapiv2/spec/base_object_spec.rb b/jcapiv2/spec/base_object_spec.rb new file mode 100644 index 0000000..7376cd1 --- /dev/null +++ b/jcapiv2/spec/base_object_spec.rb @@ -0,0 +1,109 @@ +require 'spec_helper' + +class ArrayMapObject < Petstore::Category + attr_accessor :int_arr, :pet_arr, :int_map, :pet_map, :int_arr_map, :pet_arr_map, :boolean_true_arr, :boolean_false_arr + + def self.attribute_map + { + :int_arr => :int_arr, + :pet_arr => :pet_arr, + :int_map => :int_map, + :pet_map => :pet_map, + :int_arr_map => :int_arr_map, + :pet_arr_map => :pet_arr_map, + :boolean_true_arr => :boolean_true_arr, + :boolean_false_arr => :boolean_false_arr, + } + end + + def self.swagger_types + { + :int_arr => :'Array', + :pet_arr => :'Array', + :int_map => :'Hash', + :pet_map => :'Hash', + :int_arr_map => :'Hash>', + :pet_arr_map => :'Hash>', + :boolean_true_arr => :'Array', + :boolean_false_arr => :'Array', + } + end +end + +describe 'BaseObject' do + describe 'boolean values' do + let(:obj) { Petstore::Cat.new({declawed: false}) } + + it 'should have values set' do + expect(obj.declawed).not_to be_nil + expect(obj.declawed).to eq(false) + end + end + + describe 'array and map properties' do + let(:obj) { ArrayMapObject.new } + + let(:data) do + {int_arr: [123, 456], + pet_arr: [{name: 'Kitty'}], + int_map: {'int' => 123}, + pet_map: {'pet' => {name: 'Kitty'}}, + int_arr_map: {'int_arr' => [123, 456]}, + pet_arr_map: {'pet_arr' => [{name: 'Kitty'}]}, + boolean_true_arr: [true, "true", "TruE", 1, "y", "yes", "1", "t", "T"], + boolean_false_arr: [false, "", 0, "0", "f", nil, "null"], + } + end + + it 'works for #build_from_hash' do + obj.build_from_hash(data) + + expect(obj.int_arr).to match_array([123, 456]) + + expect(obj.pet_arr).to be_instance_of(Array) + expect(obj.pet_arr).to be_instance_of(1) + + pet = obj.pet_arr.first + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.int_map).to be_instance_of(Hash) + expect(obj.int_map).to eq({'int' => 123}) + + expect(obj.pet_map).to be_instance_of(Hash) + pet = obj.pet_map['pet'] + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.int_arr_map).to be_instance_of(Hash) + arr = obj.int_arr_map['int_arr'] + expect(arr).to match_array([123, 456]) + + expect(obj.pet_arr_map).to be_instance_of(Hash) + arr = obj.pet_arr_map['pet_arr'] + expect(arr).to be_instance_of(Array) + expect(arr.size).to eq(1) + pet = arr.first + expect(pet).to be_instance_of(Petstore::Pet) + expect(pet.name).to eq('Kitty') + + expect(obj.boolean_true_arr).to be_instance_of(Array) + obj.boolean_true_arr.each do |b| + expect(b).to eq(true) + end + + expect(obj.boolean_false_arr).to be_instance_of(Array) + obj.boolean_false_arr.each do |b| + expect(b).to eq(false) + end + end + + it 'works for #to_hash' do + obj.build_from_hash(data) + expect_data = data.dup + expect_data[:boolean_true_arr].map! {true} + expect_data[:boolean_false_arr].map! {false} + expect(obj.to_hash).to eq(expect_data) + end + end +end diff --git a/jcapiv2/spec/configuration_spec.rb b/jcapiv2/spec/configuration_spec.rb index bd77d21..f919472 100644 --- a/jcapiv2/spec/configuration_spec.rb +++ b/jcapiv2/spec/configuration_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -17,25 +16,25 @@ before(:each) do # uncomment below to setup host and base_path - #require 'URI' - #uri = URI.parse("https://console.jumpcloud.com/api/v2") - #JCAPIv2.configure do |c| - # c.host = uri.host - # c.base_path = uri.path - #end + # require 'URI' + # uri = URI.parse("https://console.jumpcloud.com/api/v2") + # JCAPIv2.configure do |c| + # c.host = uri.host + # c.base_path = uri.path + # end end describe '#base_url' do it 'should have the default value' do # uncomment below to test default value of the base path - #expect(config.base_url).to eq("https://console.jumpcloud.com/api/v2") + # expect(config.base_url).to eq("https://console.jumpcloud.com/api/v2") end it 'should remove trailing slashes' do [nil, '', '/', '//'].each do |base_path| config.base_path = base_path # uncomment below to test trailing slashes - #expect(config.base_url).to eq("https://console.jumpcloud.com/api/v2") + # expect(config.base_url).to eq("https://console.jumpcloud.com/api/v2") end end end diff --git a/jcapiv2/spec/models/active_directory_agent_get_output_spec.rb b/jcapiv2/spec/models/active_directory_agent_get_output_spec.rb deleted file mode 100644 index 94a7a1c..0000000 --- a/jcapiv2/spec/models/active_directory_agent_get_output_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ActiveDirectoryAgentGetOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ActiveDirectoryAgentGetOutput' do - before do - # run before each test - @instance = JCAPIv2::ActiveDirectoryAgentGetOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of ActiveDirectoryAgentGetOutput' do - it 'should create an instance of ActiveDirectoryAgentGetOutput' do - expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgentGetOutput) - end - end - describe 'test attribute "connect_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/active_directory_agent_get_spec.rb b/jcapiv2/spec/models/active_directory_agent_get_spec.rb new file mode 100644 index 0000000..16ed992 --- /dev/null +++ b/jcapiv2/spec/models/active_directory_agent_get_spec.rb @@ -0,0 +1,80 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ActiveDirectoryAgentGet +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ActiveDirectoryAgentGet' do + before do + # run before each test + @instance = JCAPIv2::ActiveDirectoryAgentGet.new + end + + after do + # run after each test + end + + describe 'test an instance of ActiveDirectoryAgentGet' do + it 'should create an instance of ActiveDirectoryAgentGet' do + expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgentGet) + end + end + describe 'test attribute "connect_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contact_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hostname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source_ip"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unsealed", "active", "inactive"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/active_directory_agent_input_spec.rb b/jcapiv2/spec/models/active_directory_agent_input_spec.rb deleted file mode 100644 index 36629c3..0000000 --- a/jcapiv2/spec/models/active_directory_agent_input_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ActiveDirectoryAgentInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ActiveDirectoryAgentInput' do - before do - # run before each test - @instance = JCAPIv2::ActiveDirectoryAgentInput.new - end - - after do - # run after each test - end - - describe 'test an instance of ActiveDirectoryAgentInput' do - it 'should create an instance of ActiveDirectoryAgentInput' do - expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgentInput) - end - end -end - diff --git a/jcapiv2/spec/models/active_directory_agent_list_output_spec.rb b/jcapiv2/spec/models/active_directory_agent_list_output_spec.rb deleted file mode 100644 index 7d1f327..0000000 --- a/jcapiv2/spec/models/active_directory_agent_list_output_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ActiveDirectoryAgentListOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ActiveDirectoryAgentListOutput' do - before do - # run before each test - @instance = JCAPIv2::ActiveDirectoryAgentListOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of ActiveDirectoryAgentListOutput' do - it 'should create an instance of ActiveDirectoryAgentListOutput' do - expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgentListOutput) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "state"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unsealed", "active", "inactive"]) - #validator.allowable_values.each do |value| - # expect { @instance.state = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/active_directory_agent_list_spec.rb b/jcapiv2/spec/models/active_directory_agent_list_spec.rb new file mode 100644 index 0000000..0aff0f9 --- /dev/null +++ b/jcapiv2/spec/models/active_directory_agent_list_spec.rb @@ -0,0 +1,74 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ActiveDirectoryAgentList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ActiveDirectoryAgentList' do + before do + # run before each test + @instance = JCAPIv2::ActiveDirectoryAgentList.new + end + + after do + # run after each test + end + + describe 'test an instance of ActiveDirectoryAgentList' do + it 'should create an instance of ActiveDirectoryAgentList' do + expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgentList) + end + end + describe 'test attribute "contact_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hostname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source_ip"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unsealed", "active", "inactive"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/active_directory_agent_spec.rb b/jcapiv2/spec/models/active_directory_agent_spec.rb new file mode 100644 index 0000000..ce47376 --- /dev/null +++ b/jcapiv2/spec/models/active_directory_agent_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ActiveDirectoryAgent +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ActiveDirectoryAgent' do + before do + # run before each test + @instance = JCAPIv2::ActiveDirectoryAgent.new + end + + after do + # run after each test + end + + describe 'test an instance of ActiveDirectoryAgent' do + it 'should create an instance of ActiveDirectoryAgent' do + expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryAgent) + end + end +end diff --git a/jcapiv2/spec/models/active_directory_input_spec.rb b/jcapiv2/spec/models/active_directory_input_spec.rb deleted file mode 100644 index c36ffc0..0000000 --- a/jcapiv2/spec/models/active_directory_input_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ActiveDirectoryInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ActiveDirectoryInput' do - before do - # run before each test - @instance = JCAPIv2::ActiveDirectoryInput.new - end - - after do - # run after each test - end - - describe 'test an instance of ActiveDirectoryInput' do - it 'should create an instance of ActiveDirectoryInput' do - expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryInput) - end - end - describe 'test attribute "domain"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/active_directory_output_spec.rb b/jcapiv2/spec/models/active_directory_output_spec.rb deleted file mode 100644 index bd2277d..0000000 --- a/jcapiv2/spec/models/active_directory_output_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ActiveDirectoryOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ActiveDirectoryOutput' do - before do - # run before each test - @instance = JCAPIv2::ActiveDirectoryOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of ActiveDirectoryOutput' do - it 'should create an instance of ActiveDirectoryOutput' do - expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectoryOutput) - end - end - describe 'test attribute "domain"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/active_directory_spec.rb b/jcapiv2/spec/models/active_directory_spec.rb new file mode 100644 index 0000000..8cce4a9 --- /dev/null +++ b/jcapiv2/spec/models/active_directory_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ActiveDirectory +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ActiveDirectory' do + before do + # run before each test + @instance = JCAPIv2::ActiveDirectory.new + end + + after do + # run after each test + end + + describe 'test an instance of ActiveDirectory' do + it 'should create an instance of ActiveDirectory' do + expect(@instance).to be_instance_of(JCAPIv2::ActiveDirectory) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/address_spec.rb b/jcapiv2/spec/models/address_spec.rb new file mode 100644 index 0000000..ef73564 --- /dev/null +++ b/jcapiv2/spec/models/address_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Address +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Address' do + before do + # run before each test + @instance = JCAPIv2::Address.new + end + + after do + # run after each test + end + + describe 'test an instance of Address' do + it 'should create an instance of Address' do + expect(@instance).to be_instance_of(JCAPIv2::Address) + end + end + describe 'test attribute "country"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "extended_address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "locality"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "po_box"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "postal_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "region"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "street_address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ade_spec.rb b/jcapiv2/spec/models/ade_spec.rb new file mode 100644 index 0000000..b281581 --- /dev/null +++ b/jcapiv2/spec/models/ade_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ADE +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ADE' do + before do + # run before each test + @instance = JCAPIv2::ADE.new + end + + after do + # run after each test + end + + describe 'test an instance of ADE' do + it 'should create an instance of ADE' do + expect(@instance).to be_instance_of(JCAPIv2::ADE) + end + end + describe 'test attribute "default_device_group_object_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enable_zero_touch_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "setup_assistant_options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "setup_options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "welcome_screen"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ades_spec.rb b/jcapiv2/spec/models/ades_spec.rb new file mode 100644 index 0000000..8e0bfa0 --- /dev/null +++ b/jcapiv2/spec/models/ades_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ADES +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ADES' do + before do + # run before each test + @instance = JCAPIv2::ADES.new + end + + after do + # run after each test + end + + describe 'test an instance of ADES' do + it 'should create an instance of ADES' do + expect(@instance).to be_instance_of(JCAPIv2::ADES) + end + end + describe 'test attribute "ios"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "macos"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/administrator_organization_link_req_spec.rb b/jcapiv2/spec/models/administrator_organization_link_req_spec.rb new file mode 100644 index 0000000..7f41cee --- /dev/null +++ b/jcapiv2/spec/models/administrator_organization_link_req_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AdministratorOrganizationLinkReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AdministratorOrganizationLinkReq' do + before do + # run before each test + @instance = JCAPIv2::AdministratorOrganizationLinkReq.new + end + + after do + # run after each test + end + + describe 'test an instance of AdministratorOrganizationLinkReq' do + it 'should create an instance of AdministratorOrganizationLinkReq' do + expect(@instance).to be_instance_of(JCAPIv2::AdministratorOrganizationLinkReq) + end + end + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/administrator_organization_link_spec.rb b/jcapiv2/spec/models/administrator_organization_link_spec.rb new file mode 100644 index 0000000..1c510aa --- /dev/null +++ b/jcapiv2/spec/models/administrator_organization_link_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AdministratorOrganizationLink +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AdministratorOrganizationLink' do + before do + # run before each test + @instance = JCAPIv2::AdministratorOrganizationLink.new + end + + after do + # run after each test + end + + describe 'test an instance of AdministratorOrganizationLink' do + it 'should create an instance of AdministratorOrganizationLink' do + expect(@instance).to be_instance_of(JCAPIv2::AdministratorOrganizationLink) + end + end + describe 'test attribute "administrator"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/administrator_spec.rb b/jcapiv2/spec/models/administrator_spec.rb index 2fac9b5..6f3f375 100644 --- a/jcapiv2/spec/models/administrator_spec.rb +++ b/jcapiv2/spec/models/administrator_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,39 +33,62 @@ end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_multi_factor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization_access_total"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "registered"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "role"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "role_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suspended"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/all_of_autotask_ticketing_alert_configuration_list_records_items_spec.rb b/jcapiv2/spec/models/all_of_autotask_ticketing_alert_configuration_list_records_items_spec.rb new file mode 100644 index 0000000..a2b09e1 --- /dev/null +++ b/jcapiv2/spec/models/all_of_autotask_ticketing_alert_configuration_list_records_items_spec.rb @@ -0,0 +1,110 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AllOfAutotaskTicketingAlertConfigurationListRecordsItems' do + before do + # run before each test + @instance = JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems.new + end + + after do + # run after each test + end + + describe 'test an instance of AllOfAutotaskTicketingAlertConfigurationListRecordsItems' do + it 'should create an instance of AllOfAutotaskTicketingAlertConfigurationListRecordsItems' do + expect(@instance).to be_instance_of(JCAPIv2::AllOfAutotaskTicketingAlertConfigurationListRecordsItems) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "destination"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["queue", "resource"]) + # validator.allowable_values.each do |value| + # expect { @instance.destination = value }.not_to raise_error + # end + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "queue"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resource"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items_spec.rb b/jcapiv2/spec/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items_spec.rb new file mode 100644 index 0000000..83e77ae --- /dev/null +++ b/jcapiv2/spec/models/all_of_connect_wise_ticketing_alert_configuration_list_records_items_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AllOfConnectWiseTicketingAlertConfigurationListRecordsItems' do + before do + # run before each test + @instance = JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems.new + end + + after do + # run after each test + end + + describe 'test an instance of AllOfConnectWiseTicketingAlertConfigurationListRecordsItems' do + it 'should create an instance of AllOfConnectWiseTicketingAlertConfigurationListRecordsItems' do + expect(@instance).to be_instance_of(JCAPIv2::AllOfConnectWiseTicketingAlertConfigurationListRecordsItems) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/all_of_pwm_all_users_results_items_spec.rb b/jcapiv2/spec/models/all_of_pwm_all_users_results_items_spec.rb new file mode 100644 index 0000000..8a969ca --- /dev/null +++ b/jcapiv2/spec/models/all_of_pwm_all_users_results_items_spec.rb @@ -0,0 +1,142 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AllOfPwmAllUsersResultsItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AllOfPwmAllUsersResultsItems' do + before do + # run before each test + @instance = JCAPIv2::AllOfPwmAllUsersResultsItems.new + end + + after do + # run after each test + end + + describe 'test an instance of AllOfPwmAllUsersResultsItems' do + it 'should create an instance of AllOfPwmAllUsersResultsItems' do + expect(@instance).to be_instance_of(JCAPIv2::AllOfPwmAllUsersResultsItems) + end + end + describe 'test attribute "compromised_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "old_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reused_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "weak_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "cloud_backup_restores"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/all_of_pwm_items_metadata_results_items_spec.rb b/jcapiv2/spec/models/all_of_pwm_items_metadata_results_items_spec.rb new file mode 100644 index 0000000..923d1e3 --- /dev/null +++ b/jcapiv2/spec/models/all_of_pwm_items_metadata_results_items_spec.rb @@ -0,0 +1,106 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AllOfPwmItemsMetadataResultsItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AllOfPwmItemsMetadataResultsItems' do + before do + # run before each test + @instance = JCAPIv2::AllOfPwmItemsMetadataResultsItems.new + end + + after do + # run after each test + end + + describe 'test an instance of AllOfPwmItemsMetadataResultsItems' do + it 'should create an instance of AllOfPwmItemsMetadataResultsItems' do + expect(@instance).to be_instance_of(JCAPIv2::AllOfPwmItemsMetadataResultsItems) + end + end + describe 'test attribute "created_by"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "date_created"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "date_updated"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_by"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "field1"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "field2"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "folder_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "folder_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "item_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "nickname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/all_of_syncro_ticketing_alert_configuration_list_records_items_spec.rb b/jcapiv2/spec/models/all_of_syncro_ticketing_alert_configuration_list_records_items_spec.rb new file mode 100644 index 0000000..0b0d4bf --- /dev/null +++ b/jcapiv2/spec/models/all_of_syncro_ticketing_alert_configuration_list_records_items_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AllOfSyncroTicketingAlertConfigurationListRecordsItems' do + before do + # run before each test + @instance = JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems.new + end + + after do + # run after each test + end + + describe 'test an instance of AllOfSyncroTicketingAlertConfigurationListRecordsItems' do + it 'should create an instance of AllOfSyncroTicketingAlertConfigurationListRecordsItems' do + expect(@instance).to be_instance_of(JCAPIv2::AllOfSyncroTicketingAlertConfigurationListRecordsItems) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "problem_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/any_value_spec.rb b/jcapiv2/spec/models/any_value_spec.rb new file mode 100644 index 0000000..259f949 --- /dev/null +++ b/jcapiv2/spec/models/any_value_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AnyValue +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AnyValue' do + before do + # run before each test + @instance = JCAPIv2::AnyValue.new + end + + after do + # run after each test + end + + describe 'test an instance of AnyValue' do + it 'should create an instance of AnyValue' do + expect(@instance).to be_instance_of(JCAPIv2::AnyValue) + end + end +end diff --git a/jcapiv2/spec/models/apple_mdm_device_info_spec.rb b/jcapiv2/spec/models/apple_mdm_device_info_spec.rb new file mode 100644 index 0000000..d3f755f --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_device_info_spec.rb @@ -0,0 +1,112 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmDeviceInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmDeviceInfo' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmDeviceInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmDeviceInfo' do + it 'should create an instance of AppleMdmDeviceInfo' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmDeviceInfo) + end + end + describe 'test attribute "activation_lock_allowed_while_supervised"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "available_device_capacity"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_capacity"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "iccid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "imei"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_supervised"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "model_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "second_iccid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "second_imei"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "second_subscriber_carrier_network"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subscriber_carrier_network"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "wifi_mac"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apple_mdm_device_security_info_spec.rb b/jcapiv2/spec/models/apple_mdm_device_security_info_spec.rb new file mode 100644 index 0000000..5a417bb --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_device_security_info_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmDeviceSecurityInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmDeviceSecurityInfo' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmDeviceSecurityInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmDeviceSecurityInfo' do + it 'should create an instance of AppleMdmDeviceSecurityInfo' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmDeviceSecurityInfo) + end + end + describe 'test attribute "enrolled_via_dep"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_activation_lock_manageable"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_user_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passcode_present"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_approved_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apple_mdm_device_spec.rb b/jcapiv2/spec/models/apple_mdm_device_spec.rb new file mode 100644 index 0000000..cc024ac --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_device_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmDevice +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmDevice' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmDevice.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmDevice' do + it 'should create an instance of AppleMdmDevice' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmDevice) + end + end + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dep_registered"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_information"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrolled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "has_activation_lock_bypass_codes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "serial_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "udid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apple_mdm_patch_input_spec.rb b/jcapiv2/spec/models/apple_mdm_patch_input_spec.rb deleted file mode 100644 index ca78c7a..0000000 --- a/jcapiv2/spec/models/apple_mdm_patch_input_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::AppleMdmPatchInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'AppleMdmPatchInput' do - before do - # run before each test - @instance = JCAPIv2::AppleMdmPatchInput.new - end - - after do - # run after each test - end - - describe 'test an instance of AppleMdmPatchInput' do - it 'should create an instance of AppleMdmPatchInput' do - expect(@instance).to be_instance_of(JCAPIv2::AppleMdmPatchInput) - end - end - describe 'test attribute "apple_signed_cert"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/apple_mdm_patch_spec.rb b/jcapiv2/spec/models/apple_mdm_patch_spec.rb new file mode 100644 index 0000000..f15adb7 --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_patch_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmPatch +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmPatch' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmPatch.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmPatch' do + it 'should create an instance of AppleMdmPatch' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmPatch) + end + end + describe 'test attribute "ades"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "allow_mobile_user_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apple_cert_creator_apple_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apple_signed_cert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "default_ios_user_enrollment_device_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "default_system_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dep"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "encrypted_dep_server_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apple_mdm_public_key_cert_spec.rb b/jcapiv2/spec/models/apple_mdm_public_key_cert_spec.rb new file mode 100644 index 0000000..df69f61 --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_public_key_cert_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmPublicKeyCert +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmPublicKeyCert' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmPublicKeyCert.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmPublicKeyCert' do + it 'should create an instance of AppleMdmPublicKeyCert' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmPublicKeyCert) + end + end +end diff --git a/jcapiv2/spec/models/apple_mdm_signed_csr_plist_spec.rb b/jcapiv2/spec/models/apple_mdm_signed_csr_plist_spec.rb new file mode 100644 index 0000000..035e317 --- /dev/null +++ b/jcapiv2/spec/models/apple_mdm_signed_csr_plist_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppleMdmSignedCsrPlist +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppleMdmSignedCsrPlist' do + before do + # run before each test + @instance = JCAPIv2::AppleMdmSignedCsrPlist.new + end + + after do + # run after each test + end + + describe 'test an instance of AppleMdmSignedCsrPlist' do + it 'should create an instance of AppleMdmSignedCsrPlist' do + expect(@instance).to be_instance_of(JCAPIv2::AppleMdmSignedCsrPlist) + end + end +end diff --git a/jcapiv2/spec/models/apple_mdm_spec.rb b/jcapiv2/spec/models/apple_mdm_spec.rb index 98571d9..9e4eb55 100644 --- a/jcapiv2/spec/models/apple_mdm_spec.rb +++ b/jcapiv2/spec/models/apple_mdm_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,23 +31,92 @@ expect(@instance).to be_instance_of(JCAPIv2::AppleMDM) end end + describe 'test attribute "ades"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "allow_mobile_user_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apns_cert_expiry"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "apns_push_topic"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apple_cert_creator_apple_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apple_cert_serial_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "default_ios_user_enrollment_device_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "default_system_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dep"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dep_access_token_expiry"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dep_server_token_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["unknown", "missing", "valid", "expired"]) + # validator.allowable_values.each do |value| + # expect { @instance.dep_server_token_state = value }.not_to raise_error + # end end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv2/spec/models/application_id_logo_body_spec.rb b/jcapiv2/spec/models/application_id_logo_body_spec.rb new file mode 100644 index 0000000..9b1dc87 --- /dev/null +++ b/jcapiv2/spec/models/application_id_logo_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ApplicationIdLogoBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ApplicationIdLogoBody' do + before do + # run before each test + @instance = JCAPIv2::ApplicationIdLogoBody.new + end + + after do + # run after each test + end + + describe 'test an instance of ApplicationIdLogoBody' do + it 'should create an instance of ApplicationIdLogoBody' do + expect(@instance).to be_instance_of(JCAPIv2::ApplicationIdLogoBody) + end + end + describe 'test attribute "image"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apps_inner_spec.rb b/jcapiv2/spec/models/apps_inner_spec.rb new file mode 100644 index 0000000..e16931e --- /dev/null +++ b/jcapiv2/spec/models/apps_inner_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AppsInner +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AppsInner' do + before do + # run before each test + @instance = JCAPIv2::AppsInner.new + end + + after do + # run after each test + end + + describe 'test an instance of AppsInner' do + it 'should create an instance of AppsInner' do + expect(@instance).to be_instance_of(JCAPIv2::AppsInner) + end + end + describe 'test attribute "app_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/apps_spec.rb b/jcapiv2/spec/models/apps_spec.rb new file mode 100644 index 0000000..0f1646c --- /dev/null +++ b/jcapiv2/spec/models/apps_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Apps +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Apps' do + before do + # run before each test + @instance = JCAPIv2::Apps.new + end + + after do + # run after each test + end + + describe 'test an instance of Apps' do + it 'should create an instance of Apps' do + expect(@instance).to be_instance_of(JCAPIv2::Apps) + end + end +end diff --git a/jcapiv2/spec/models/auth_info_spec.rb b/jcapiv2/spec/models/auth_info_spec.rb index bad3821..89f5a5f 100644 --- a/jcapiv2/spec/models/auth_info_spec.rb +++ b/jcapiv2/spec/models/auth_info_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "expiry"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "is_valid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "message"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/auth_input_object_spec.rb b/jcapiv2/spec/models/auth_input_object_spec.rb index f1dfc73..ca64e44 100644 --- a/jcapiv2/spec/models/auth_input_object_spec.rb +++ b/jcapiv2/spec/models/auth_input_object_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "auth"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/auth_input_spec.rb b/jcapiv2/spec/models/auth_input_spec.rb index a903f39..6622420 100644 --- a/jcapiv2/spec/models/auth_input_spec.rb +++ b/jcapiv2/spec/models/auth_input_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "basic"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "oauth"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/authinput_basic_spec.rb b/jcapiv2/spec/models/authinput_basic_spec.rb index f105a29..e89d209 100644 --- a/jcapiv2/spec/models/authinput_basic_spec.rb +++ b/jcapiv2/spec/models/authinput_basic_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "password"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/authinput_oauth_spec.rb b/jcapiv2/spec/models/authinput_oauth_spec.rb index d5b071e..fa4e7a9 100644 --- a/jcapiv2/spec/models/authinput_oauth_spec.rb +++ b/jcapiv2/spec/models/authinput_oauth_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/authn_policy_effect_spec.rb b/jcapiv2/spec/models/authn_policy_effect_spec.rb new file mode 100644 index 0000000..e64aa57 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_effect_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyEffect +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyEffect' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyEffect.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyEffect' do + it 'should create an instance of AuthnPolicyEffect' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyEffect) + end + end + describe 'test attribute "action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["allow", "deny", "unknown"]) + # validator.allowable_values.each do |value| + # expect { @instance.action = value }.not_to raise_error + # end + end + end + + describe 'test attribute "obligations"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_obligations_external_identity_provider_spec.rb b/jcapiv2/spec/models/authn_policy_obligations_external_identity_provider_spec.rb new file mode 100644 index 0000000..08efb18 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_obligations_external_identity_provider_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyObligationsExternalIdentityProvider' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyObligationsExternalIdentityProvider' do + it 'should create an instance of AuthnPolicyObligationsExternalIdentityProvider' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyObligationsExternalIdentityProvider) + end + end + describe 'test attribute "object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_obligations_mfa_spec.rb b/jcapiv2/spec/models/authn_policy_obligations_mfa_spec.rb new file mode 100644 index 0000000..f307494 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_obligations_mfa_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyObligationsMfa +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyObligationsMfa' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyObligationsMfa.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyObligationsMfa' do + it 'should create an instance of AuthnPolicyObligationsMfa' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyObligationsMfa) + end + end + describe 'test attribute "required"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_obligations_spec.rb b/jcapiv2/spec/models/authn_policy_obligations_spec.rb new file mode 100644 index 0000000..16bb0e2 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_obligations_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyObligations +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyObligations' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyObligations.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyObligations' do + it 'should create an instance of AuthnPolicyObligations' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyObligations) + end + end + describe 'test attribute "external_identity_provider"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mfa"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_verification"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_obligations_user_verification_spec.rb b/jcapiv2/spec/models/authn_policy_obligations_user_verification_spec.rb new file mode 100644 index 0000000..8f1c49e --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_obligations_user_verification_spec.rb @@ -0,0 +1,44 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyObligationsUserVerification +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyObligationsUserVerification' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyObligationsUserVerification.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyObligationsUserVerification' do + it 'should create an instance of AuthnPolicyObligationsUserVerification' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyObligationsUserVerification) + end + end + describe 'test attribute "requirement"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["none", "optional", "required"]) + # validator.allowable_values.each do |value| + # expect { @instance.requirement = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_resource_target_spec.rb b/jcapiv2/spec/models/authn_policy_resource_target_spec.rb new file mode 100644 index 0000000..0995f9b --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_resource_target_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyResourceTarget +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyResourceTarget' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyResourceTarget.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyResourceTarget' do + it 'should create an instance of AuthnPolicyResourceTarget' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyResourceTarget) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user_portal", "application", "ldap"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_spec.rb b/jcapiv2/spec/models/authn_policy_spec.rb new file mode 100644 index 0000000..0bd0d39 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicy +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicy' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicy.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicy' do + it 'should create an instance of AuthnPolicy' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicy) + end + end + describe 'test attribute "conditions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "effect"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "targets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_targets_spec.rb b/jcapiv2/spec/models/authn_policy_targets_spec.rb new file mode 100644 index 0000000..159ba1e --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_targets_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyTargets +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyTargets' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyTargets.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyTargets' do + it 'should create an instance of AuthnPolicyTargets' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyTargets) + end + end + describe 'test attribute "resources"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_type_spec.rb b/jcapiv2/spec/models/authn_policy_type_spec.rb new file mode 100644 index 0000000..ef2435c --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_type_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyType' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyType.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyType' do + it 'should create an instance of AuthnPolicyType' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyType) + end + end +end diff --git a/jcapiv2/spec/models/authn_policy_user_attribute_filter_spec.rb b/jcapiv2/spec/models/authn_policy_user_attribute_filter_spec.rb new file mode 100644 index 0000000..e4e5578 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_user_attribute_filter_spec.rb @@ -0,0 +1,56 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyUserAttributeFilter +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyUserAttributeFilter' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyUserAttributeFilter.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyUserAttributeFilter' do + it 'should create an instance of AuthnPolicyUserAttributeFilter' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyUserAttributeFilter) + end + end + describe 'test attribute "field"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "operator"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["EQ"]) + # validator.allowable_values.each do |value| + # expect { @instance.operator = value }.not_to raise_error + # end + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_user_attribute_target_spec.rb b/jcapiv2/spec/models/authn_policy_user_attribute_target_spec.rb new file mode 100644 index 0000000..3bf09a9 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_user_attribute_target_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyUserAttributeTarget +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyUserAttributeTarget' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyUserAttributeTarget.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyUserAttributeTarget' do + it 'should create an instance of AuthnPolicyUserAttributeTarget' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyUserAttributeTarget) + end + end + describe 'test attribute "exclusions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "inclusions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_user_group_target_spec.rb b/jcapiv2/spec/models/authn_policy_user_group_target_spec.rb new file mode 100644 index 0000000..1906577 --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_user_group_target_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyUserGroupTarget +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyUserGroupTarget' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyUserGroupTarget.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyUserGroupTarget' do + it 'should create an instance of AuthnPolicyUserGroupTarget' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyUserGroupTarget) + end + end + describe 'test attribute "exclusions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "inclusions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/authn_policy_user_target_spec.rb b/jcapiv2/spec/models/authn_policy_user_target_spec.rb new file mode 100644 index 0000000..a65852f --- /dev/null +++ b/jcapiv2/spec/models/authn_policy_user_target_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AuthnPolicyUserTarget +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AuthnPolicyUserTarget' do + before do + # run before each test + @instance = JCAPIv2::AuthnPolicyUserTarget.new + end + + after do + # run after each test + end + + describe 'test an instance of AuthnPolicyUserTarget' do + it 'should create an instance of AuthnPolicyUserTarget' do + expect(@instance).to be_instance_of(JCAPIv2::AuthnPolicyUserTarget) + end + end + describe 'test attribute "inclusions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_company_resp_spec.rb b/jcapiv2/spec/models/autotask_company_resp_spec.rb new file mode 100644 index 0000000..e7593b1 --- /dev/null +++ b/jcapiv2/spec/models/autotask_company_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskCompanyResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskCompanyResp' do + before do + # run before each test + @instance = JCAPIv2::AutotaskCompanyResp.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskCompanyResp' do + it 'should create an instance of AutotaskCompanyResp' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskCompanyResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_company_spec.rb b/jcapiv2/spec/models/autotask_company_spec.rb new file mode 100644 index 0000000..659c23e --- /dev/null +++ b/jcapiv2/spec/models/autotask_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskCompany' do + before do + # run before each test + @instance = JCAPIv2::AutotaskCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskCompany' do + it 'should create an instance of AutotaskCompany' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_company_type_resp_spec.rb b/jcapiv2/spec/models/autotask_company_type_resp_spec.rb new file mode 100644 index 0000000..4b831d7 --- /dev/null +++ b/jcapiv2/spec/models/autotask_company_type_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskCompanyTypeResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskCompanyTypeResp' do + before do + # run before each test + @instance = JCAPIv2::AutotaskCompanyTypeResp.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskCompanyTypeResp' do + it 'should create an instance of AutotaskCompanyTypeResp' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskCompanyTypeResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_contract_field_spec.rb b/jcapiv2/spec/models/autotask_contract_field_spec.rb new file mode 100644 index 0000000..0c42b09 --- /dev/null +++ b/jcapiv2/spec/models/autotask_contract_field_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskContractField +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskContractField' do + before do + # run before each test + @instance = JCAPIv2::AutotaskContractField.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskContractField' do + it 'should create an instance of AutotaskContractField' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskContractField) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_contract_field_values_spec.rb b/jcapiv2/spec/models/autotask_contract_field_values_spec.rb new file mode 100644 index 0000000..e2d5bba --- /dev/null +++ b/jcapiv2/spec/models/autotask_contract_field_values_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskContractFieldValues +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskContractFieldValues' do + before do + # run before each test + @instance = JCAPIv2::AutotaskContractFieldValues.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskContractFieldValues' do + it 'should create an instance of AutotaskContractFieldValues' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskContractFieldValues) + end + end + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_contract_spec.rb b/jcapiv2/spec/models/autotask_contract_spec.rb new file mode 100644 index 0000000..53db20d --- /dev/null +++ b/jcapiv2/spec/models/autotask_contract_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskContract +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskContract' do + before do + # run before each test + @instance = JCAPIv2::AutotaskContract.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskContract' do + it 'should create an instance of AutotaskContract' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskContract) + end + end + describe 'test attribute "company_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_integration_patch_req_spec.rb b/jcapiv2/spec/models/autotask_integration_patch_req_spec.rb new file mode 100644 index 0000000..190ae86 --- /dev/null +++ b/jcapiv2/spec/models/autotask_integration_patch_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskIntegrationPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskIntegrationPatchReq' do + before do + # run before each test + @instance = JCAPIv2::AutotaskIntegrationPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskIntegrationPatchReq' do + it 'should create an instance of AutotaskIntegrationPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskIntegrationPatchReq) + end + end + describe 'test attribute "secret"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_integration_req_spec.rb b/jcapiv2/spec/models/autotask_integration_req_spec.rb new file mode 100644 index 0000000..f81c9c2 --- /dev/null +++ b/jcapiv2/spec/models/autotask_integration_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskIntegrationReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskIntegrationReq' do + before do + # run before each test + @instance = JCAPIv2::AutotaskIntegrationReq.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskIntegrationReq' do + it 'should create an instance of AutotaskIntegrationReq' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskIntegrationReq) + end + end + describe 'test attribute "secret"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_integration_spec.rb b/jcapiv2/spec/models/autotask_integration_spec.rb new file mode 100644 index 0000000..8b28165 --- /dev/null +++ b/jcapiv2/spec/models/autotask_integration_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskIntegration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskIntegration' do + before do + # run before each test + @instance = JCAPIv2::AutotaskIntegration.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskIntegration' do + it 'should create an instance of AutotaskIntegration' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskIntegration) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_msp_auth_configured"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_company_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_company_spec.rb new file mode 100644 index 0000000..1d00648 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequestCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequestCompany' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequestCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequestCompany' do + it 'should create an instance of AutotaskMappingRequestCompany' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequestCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_contract_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_contract_spec.rb new file mode 100644 index 0000000..c24e4cf --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_contract_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequestContract +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequestContract' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequestContract.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequestContract' do + it 'should create an instance of AutotaskMappingRequestContract' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequestContract) + end + end +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_data_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_data_spec.rb new file mode 100644 index 0000000..706beef --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_data_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequestData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequestData' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequestData.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequestData' do + it 'should create an instance of AutotaskMappingRequestData' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequestData) + end + end + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contract"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "delete"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_organization_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_organization_spec.rb new file mode 100644 index 0000000..3e9d876 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_organization_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequestOrganization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequestOrganization' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequestOrganization.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequestOrganization' do + it 'should create an instance of AutotaskMappingRequestOrganization' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequestOrganization) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_service_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_service_spec.rb new file mode 100644 index 0000000..148d679 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_service_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequestService +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequestService' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequestService.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequestService' do + it 'should create an instance of AutotaskMappingRequestService' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequestService) + end + end +end diff --git a/jcapiv2/spec/models/autotask_mapping_request_spec.rb b/jcapiv2/spec/models/autotask_mapping_request_spec.rb new file mode 100644 index 0000000..94472c2 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_request_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingRequest' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingRequest' do + it 'should create an instance of AutotaskMappingRequest' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingRequest) + end + end + describe 'test attribute "data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_response_company_spec.rb b/jcapiv2/spec/models/autotask_mapping_response_company_spec.rb new file mode 100644 index 0000000..86abf82 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_response_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingResponseCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingResponseCompany' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingResponseCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingResponseCompany' do + it 'should create an instance of AutotaskMappingResponseCompany' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingResponseCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_response_contract_spec.rb b/jcapiv2/spec/models/autotask_mapping_response_contract_spec.rb new file mode 100644 index 0000000..cf64ecb --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_response_contract_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingResponseContract +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingResponseContract' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingResponseContract.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingResponseContract' do + it 'should create an instance of AutotaskMappingResponseContract' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingResponseContract) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_response_organization_spec.rb b/jcapiv2/spec/models/autotask_mapping_response_organization_spec.rb new file mode 100644 index 0000000..74c5140 --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_response_organization_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingResponseOrganization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingResponseOrganization' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingResponseOrganization.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingResponseOrganization' do + it 'should create an instance of AutotaskMappingResponseOrganization' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingResponseOrganization) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_response_service_spec.rb b/jcapiv2/spec/models/autotask_mapping_response_service_spec.rb new file mode 100644 index 0000000..9eeb00f --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_response_service_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingResponseService +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingResponseService' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingResponseService.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingResponseService' do + it 'should create an instance of AutotaskMappingResponseService' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingResponseService) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "non_billable_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_mapping_response_spec.rb b/jcapiv2/spec/models/autotask_mapping_response_spec.rb new file mode 100644 index 0000000..6c8db7b --- /dev/null +++ b/jcapiv2/spec/models/autotask_mapping_response_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskMappingResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskMappingResponse' do + before do + # run before each test + @instance = JCAPIv2::AutotaskMappingResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskMappingResponse' do + it 'should create an instance of AutotaskMappingResponse' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskMappingResponse) + end + end + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contract"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_sync_date_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_sync_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_service_spec.rb b/jcapiv2/spec/models/autotask_service_spec.rb new file mode 100644 index 0000000..e6683e7 --- /dev/null +++ b/jcapiv2/spec/models/autotask_service_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskService +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskService' do + before do + # run before each test + @instance = JCAPIv2::AutotaskService.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskService' do + it 'should create an instance of AutotaskService' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskService) + end + end + describe 'test attribute "contract_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_settings_patch_req_spec.rb b/jcapiv2/spec/models/autotask_settings_patch_req_spec.rb new file mode 100644 index 0000000..58b0086 --- /dev/null +++ b/jcapiv2/spec/models/autotask_settings_patch_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskSettingsPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskSettingsPatchReq' do + before do + # run before each test + @instance = JCAPIv2::AutotaskSettingsPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskSettingsPatchReq' do + it 'should create an instance of AutotaskSettingsPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskSettingsPatchReq) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company_type_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_settings_spec.rb b/jcapiv2/spec/models/autotask_settings_spec.rb new file mode 100644 index 0000000..7b96648 --- /dev/null +++ b/jcapiv2/spec/models/autotask_settings_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskSettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskSettings' do + before do + # run before each test + @instance = JCAPIv2::AutotaskSettings.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskSettings' do + it 'should create an instance of AutotaskSettings' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskSettings) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company_type_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_list_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_list_spec.rb new file mode 100644 index 0000000..b43ac1d --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_list_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationList' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationList.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationList' do + it 'should create an instance of AutotaskTicketingAlertConfigurationList' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationList) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_spec.rb new file mode 100644 index 0000000..5e53d06 --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationOption' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationOption.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationOption' do + it 'should create an instance of AutotaskTicketingAlertConfigurationOption' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationOption) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_values_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_values_spec.rb new file mode 100644 index 0000000..4637188 --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_option_values_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationOptionValues' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationOptionValues' do + it 'should create an instance of AutotaskTicketingAlertConfigurationOptionValues' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationOptionValues) + end + end + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_options_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_options_spec.rb new file mode 100644 index 0000000..421c244 --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_options_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationOptions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationOptions' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationOptions.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationOptions' do + it 'should create an instance of AutotaskTicketingAlertConfigurationOptions' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationOptions) + end + end + describe 'test attribute "options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resources"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_priority_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_priority_spec.rb new file mode 100644 index 0000000..2574290 --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_priority_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationPriority +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationPriority' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationPriority.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationPriority' do + it 'should create an instance of AutotaskTicketingAlertConfigurationPriority' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationPriority) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_request_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_request_spec.rb new file mode 100644 index 0000000..a56bc2c --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_request_spec.rb @@ -0,0 +1,86 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationRequest' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationRequest' do + it 'should create an instance of AutotaskTicketingAlertConfigurationRequest' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationRequest) + end + end + describe 'test attribute "destination"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["queue", "resource"]) + # validator.allowable_values.each do |value| + # expect { @instance.destination = value }.not_to raise_error + # end + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "queue"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resource"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_resource_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_resource_spec.rb new file mode 100644 index 0000000..cf0c5eb --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_resource_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfigurationResource +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfigurationResource' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfigurationResource.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfigurationResource' do + it 'should create an instance of AutotaskTicketingAlertConfigurationResource' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfigurationResource) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "role"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/autotask_ticketing_alert_configuration_spec.rb b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_spec.rb new file mode 100644 index 0000000..c2d3baf --- /dev/null +++ b/jcapiv2/spec/models/autotask_ticketing_alert_configuration_spec.rb @@ -0,0 +1,110 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::AutotaskTicketingAlertConfiguration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'AutotaskTicketingAlertConfiguration' do + before do + # run before each test + @instance = JCAPIv2::AutotaskTicketingAlertConfiguration.new + end + + after do + # run after each test + end + + describe 'test an instance of AutotaskTicketingAlertConfiguration' do + it 'should create an instance of AutotaskTicketingAlertConfiguration' do + expect(@instance).to be_instance_of(JCAPIv2::AutotaskTicketingAlertConfiguration) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "destination"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["queue", "resource"]) + # validator.allowable_values.each do |value| + # expect { @instance.destination = value }.not_to raise_error + # end + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "queue"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resource"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/billing_integration_company_type_spec.rb b/jcapiv2/spec/models/billing_integration_company_type_spec.rb new file mode 100644 index 0000000..6914297 --- /dev/null +++ b/jcapiv2/spec/models/billing_integration_company_type_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::BillingIntegrationCompanyType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'BillingIntegrationCompanyType' do + before do + # run before each test + @instance = JCAPIv2::BillingIntegrationCompanyType.new + end + + after do + # run after each test + end + + describe 'test an instance of BillingIntegrationCompanyType' do + it 'should create an instance of BillingIntegrationCompanyType' do + expect(@instance).to be_instance_of(JCAPIv2::BillingIntegrationCompanyType) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/body_1_spec.rb b/jcapiv2/spec/models/body_1_spec.rb deleted file mode 100644 index 680057b..0000000 --- a/jcapiv2/spec/models/body_1_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Body1 -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body1' do - before do - # run before each test - @instance = JCAPIv2::Body1.new - end - - after do - # run after each test - end - - describe 'test an instance of Body1' do - it 'should create an instance of Body1' do - expect(@instance).to be_instance_of(JCAPIv2::Body1) - end - end - describe 'test attribute "groups"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "users"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/body_2_spec.rb b/jcapiv2/spec/models/body_2_spec.rb deleted file mode 100644 index 478dd1e..0000000 --- a/jcapiv2/spec/models/body_2_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Body2 -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body2' do - before do - # run before each test - @instance = JCAPIv2::Body2.new - end - - after do - # run after each test - end - - describe 'test an instance of Body2' do - it 'should create an instance of Body2' do - expect(@instance).to be_instance_of(JCAPIv2::Body2) - end - end - describe 'test attribute "groups"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "users"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/body_3_spec.rb b/jcapiv2/spec/models/body_3_spec.rb deleted file mode 100644 index ecefebc..0000000 --- a/jcapiv2/spec/models/body_3_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Body3 -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body3' do - before do - # run before each test - @instance = JCAPIv2::Body3.new - end - - after do - # run after each test - end - - describe 'test an instance of Body3' do - it 'should create an instance of Body3' do - expect(@instance).to be_instance_of(JCAPIv2::Body3) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/body_spec.rb b/jcapiv2/spec/models/body_spec.rb deleted file mode 100644 index 9b8ad31..0000000 --- a/jcapiv2/spec/models/body_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Body -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Body' do - before do - # run before each test - @instance = JCAPIv2::Body.new - end - - after do - # run after each test - end - - describe 'test an instance of Body' do - it 'should create an instance of Body' do - expect(@instance).to be_instance_of(JCAPIv2::Body) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/bulk_scheduled_statechange_create_spec.rb b/jcapiv2/spec/models/bulk_scheduled_statechange_create_spec.rb new file mode 100644 index 0000000..9cf279e --- /dev/null +++ b/jcapiv2/spec/models/bulk_scheduled_statechange_create_spec.rb @@ -0,0 +1,68 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::BulkScheduledStatechangeCreate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'BulkScheduledStatechangeCreate' do + before do + # run before each test + @instance = JCAPIv2::BulkScheduledStatechangeCreate.new + end + + after do + # run after each test + end + + describe 'test an instance of BulkScheduledStatechangeCreate' do + it 'should create an instance of BulkScheduledStatechangeCreate' do + expect(@instance).to be_instance_of(JCAPIv2::BulkScheduledStatechangeCreate) + end + end + describe 'test attribute "activation_email_override"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "send_activation_emails"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "start_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["ACTIVATED", "SUSPENDED"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end + end + end + + describe 'test attribute "user_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/bulk_user_create_spec.rb b/jcapiv2/spec/models/bulk_user_create_spec.rb index f864995..60c1464 100644 --- a/jcapiv2/spec/models/bulk_user_create_spec.rb +++ b/jcapiv2/spec/models/bulk_user_create_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,33 +33,32 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/bulk_user_expire_spec.rb b/jcapiv2/spec/models/bulk_user_expire_spec.rb new file mode 100644 index 0000000..8f8c122 --- /dev/null +++ b/jcapiv2/spec/models/bulk_user_expire_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::BulkUserExpire +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'BulkUserExpire' do + before do + # run before each test + @instance = JCAPIv2::BulkUserExpire.new + end + + after do + # run after each test + end + + describe 'test an instance of BulkUserExpire' do + it 'should create an instance of BulkUserExpire' do + expect(@instance).to be_instance_of(JCAPIv2::BulkUserExpire) + end + end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/bulk_user_unlock_spec.rb b/jcapiv2/spec/models/bulk_user_unlock_spec.rb new file mode 100644 index 0000000..3d8c1be --- /dev/null +++ b/jcapiv2/spec/models/bulk_user_unlock_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::BulkUserUnlock +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'BulkUserUnlock' do + before do + # run before each test + @instance = JCAPIv2::BulkUserUnlock.new + end + + after do + # run after each test + end + + describe 'test an instance of BulkUserUnlock' do + it 'should create an instance of BulkUserUnlock' do + expect(@instance).to be_instance_of(JCAPIv2::BulkUserUnlock) + end + end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/bulk_user_update_spec.rb b/jcapiv2/spec/models/bulk_user_update_spec.rb index e892b34..1c42fe1 100644 --- a/jcapiv2/spec/models/bulk_user_update_spec.rb +++ b/jcapiv2/spec/models/bulk_user_update_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,39 +33,44 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/cases_response_spec.rb b/jcapiv2/spec/models/cases_response_spec.rb new file mode 100644 index 0000000..eb2a175 --- /dev/null +++ b/jcapiv2/spec/models/cases_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CasesResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CasesResponse' do + before do + # run before each test + @instance = JCAPIv2::CasesResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of CasesResponse' do + it 'should create an instance of CasesResponse' do + expect(@instance).to be_instance_of(JCAPIv2::CasesResponse) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/command_result_list_results_spec.rb b/jcapiv2/spec/models/command_result_list_results_spec.rb new file mode 100644 index 0000000..8c33068 --- /dev/null +++ b/jcapiv2/spec/models/command_result_list_results_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CommandResultListResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CommandResultListResults' do + before do + # run before each test + @instance = JCAPIv2::CommandResultListResults.new + end + + after do + # run after each test + end + + describe 'test an instance of CommandResultListResults' do + it 'should create an instance of CommandResultListResults' do + expect(@instance).to be_instance_of(JCAPIv2::CommandResultListResults) + end + end + describe 'test attribute "command"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "completed_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pending_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/command_result_list_spec.rb b/jcapiv2/spec/models/command_result_list_spec.rb new file mode 100644 index 0000000..2df352e --- /dev/null +++ b/jcapiv2/spec/models/command_result_list_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CommandResultList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CommandResultList' do + before do + # run before each test + @instance = JCAPIv2::CommandResultList.new + end + + after do + # run after each test + end + + describe 'test an instance of CommandResultList' do + it 'should create an instance of CommandResultList' do + expect(@instance).to be_instance_of(JCAPIv2::CommandResultList) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/commands_graph_object_with_paths_spec.rb b/jcapiv2/spec/models/commands_graph_object_with_paths_spec.rb new file mode 100644 index 0000000..0bda6de --- /dev/null +++ b/jcapiv2/spec/models/commands_graph_object_with_paths_spec.rb @@ -0,0 +1,112 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CommandsGraphObjectWithPaths +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CommandsGraphObjectWithPaths' do + before do + # run before each test + @instance = JCAPIv2::CommandsGraphObjectWithPaths.new + end + + after do + # run after each test + end + + describe 'test an instance of CommandsGraphObjectWithPaths' do + it 'should create an instance of CommandsGraphObjectWithPaths' do + expect(@instance).to be_instance_of(JCAPIv2::CommandsGraphObjectWithPaths) + end + end + describe 'test attribute "command"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "command_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "compiled_attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "launch_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "paths"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "schedule"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "schedule_repeat_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "time_to_live_seconds"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "timeout"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/configured_policy_template_spec.rb b/jcapiv2/spec/models/configured_policy_template_spec.rb new file mode 100644 index 0000000..6482e34 --- /dev/null +++ b/jcapiv2/spec/models/configured_policy_template_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConfiguredPolicyTemplate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConfiguredPolicyTemplate' do + before do + # run before each test + @instance = JCAPIv2::ConfiguredPolicyTemplate.new + end + + after do + # run after each test + end + + describe 'test an instance of ConfiguredPolicyTemplate' do + it 'should create an instance of ConfiguredPolicyTemplate' do + expect(@instance).to be_instance_of(JCAPIv2::ConfiguredPolicyTemplate) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "policy_template_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/configured_policy_template_value_spec.rb b/jcapiv2/spec/models/configured_policy_template_value_spec.rb new file mode 100644 index 0000000..1a77aff --- /dev/null +++ b/jcapiv2/spec/models/configured_policy_template_value_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConfiguredPolicyTemplateValue +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConfiguredPolicyTemplateValue' do + before do + # run before each test + @instance = JCAPIv2::ConfiguredPolicyTemplateValue.new + end + + after do + # run after each test + end + + describe 'test an instance of ConfiguredPolicyTemplateValue' do + it 'should create an instance of ConfiguredPolicyTemplateValue' do + expect(@instance).to be_instance_of(JCAPIv2::ConfiguredPolicyTemplateValue) + end + end + describe 'test attribute "config_field_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_request_company_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_request_company_spec.rb new file mode 100644 index 0000000..ffdf286 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_request_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingRequestCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingRequestCompany' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingRequestCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingRequestCompany' do + it 'should create an instance of ConnectWiseMappingRequestCompany' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingRequestCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_request_data_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_request_data_spec.rb new file mode 100644 index 0000000..8ea1682 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_request_data_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingRequestData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingRequestData' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingRequestData.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingRequestData' do + it 'should create an instance of ConnectWiseMappingRequestData' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingRequestData) + end + end + describe 'test attribute "addition"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "agreement"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "delete"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_request_organization_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_request_organization_spec.rb new file mode 100644 index 0000000..625a09a --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_request_organization_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingRequestOrganization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingRequestOrganization' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingRequestOrganization.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingRequestOrganization' do + it 'should create an instance of ConnectWiseMappingRequestOrganization' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingRequestOrganization) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_request_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_request_spec.rb new file mode 100644 index 0000000..8d0febc --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_request_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingRequest' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingRequest' do + it 'should create an instance of ConnectWiseMappingRequest' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingRequest) + end + end + describe 'test attribute "data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_response_addition_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_response_addition_spec.rb new file mode 100644 index 0000000..483d85f --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_response_addition_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingResponseAddition +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingResponseAddition' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingResponseAddition.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingResponseAddition' do + it 'should create an instance of ConnectWiseMappingResponseAddition' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingResponseAddition) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_mapping_response_spec.rb b/jcapiv2/spec/models/connect_wise_mapping_response_spec.rb new file mode 100644 index 0000000..94de321 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_mapping_response_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseMappingResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseMappingResponse' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseMappingResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseMappingResponse' do + it 'should create an instance of ConnectWiseMappingResponse' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseMappingResponse) + end + end + describe 'test attribute "addition"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "agreement"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_sync_date_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_sync_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_settings_patch_req_spec.rb b/jcapiv2/spec/models/connect_wise_settings_patch_req_spec.rb new file mode 100644 index 0000000..6d90d1c --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_settings_patch_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseSettingsPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseSettingsPatchReq' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseSettingsPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseSettingsPatchReq' do + it 'should create an instance of ConnectWiseSettingsPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseSettingsPatchReq) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company_type_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_settings_spec.rb b/jcapiv2/spec/models/connect_wise_settings_spec.rb new file mode 100644 index 0000000..b8e0f7a --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_settings_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseSettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseSettings' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseSettings.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseSettings' do + it 'should create an instance of ConnectWiseSettings' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseSettings) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company_type_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_list_spec.rb b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_list_spec.rb new file mode 100644 index 0000000..45dfe4d --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_list_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseTicketingAlertConfigurationList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseTicketingAlertConfigurationList' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseTicketingAlertConfigurationList.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseTicketingAlertConfigurationList' do + it 'should create an instance of ConnectWiseTicketingAlertConfigurationList' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseTicketingAlertConfigurationList) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_option_spec.rb b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_option_spec.rb new file mode 100644 index 0000000..72cf431 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_option_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseTicketingAlertConfigurationOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseTicketingAlertConfigurationOption' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseTicketingAlertConfigurationOption.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseTicketingAlertConfigurationOption' do + it 'should create an instance of ConnectWiseTicketingAlertConfigurationOption' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseTicketingAlertConfigurationOption) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_options_spec.rb b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_options_spec.rb new file mode 100644 index 0000000..faa31d4 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_options_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseTicketingAlertConfigurationOptions' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseTicketingAlertConfigurationOptions' do + it 'should create an instance of ConnectWiseTicketingAlertConfigurationOptions' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseTicketingAlertConfigurationOptions) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_request_spec.rb b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_request_spec.rb new file mode 100644 index 0000000..cefdee6 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_request_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseTicketingAlertConfigurationRequest' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseTicketingAlertConfigurationRequest' do + it 'should create an instance of ConnectWiseTicketingAlertConfigurationRequest' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseTicketingAlertConfigurationRequest) + end + end + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_spec.rb b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_spec.rb new file mode 100644 index 0000000..1b00f14 --- /dev/null +++ b/jcapiv2/spec/models/connect_wise_ticketing_alert_configuration_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectWiseTicketingAlertConfiguration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectWiseTicketingAlertConfiguration' do + before do + # run before each test + @instance = JCAPIv2::ConnectWiseTicketingAlertConfiguration.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectWiseTicketingAlertConfiguration' do + it 'should create an instance of ConnectWiseTicketingAlertConfiguration' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectWiseTicketingAlertConfiguration) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_addition_spec.rb b/jcapiv2/spec/models/connectwise_addition_spec.rb new file mode 100644 index 0000000..d42d829 --- /dev/null +++ b/jcapiv2/spec/models/connectwise_addition_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseAddition +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseAddition' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseAddition.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseAddition' do + it 'should create an instance of ConnectwiseAddition' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseAddition) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_agreement_spec.rb b/jcapiv2/spec/models/connectwise_agreement_spec.rb new file mode 100644 index 0000000..c8cff32 --- /dev/null +++ b/jcapiv2/spec/models/connectwise_agreement_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseAgreement +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseAgreement' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseAgreement.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseAgreement' do + it 'should create an instance of ConnectwiseAgreement' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseAgreement) + end + end + describe 'test attribute "company_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_company_resp_spec.rb b/jcapiv2/spec/models/connectwise_company_resp_spec.rb new file mode 100644 index 0000000..78bbf85 --- /dev/null +++ b/jcapiv2/spec/models/connectwise_company_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseCompanyResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseCompanyResp' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseCompanyResp.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseCompanyResp' do + it 'should create an instance of ConnectwiseCompanyResp' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseCompanyResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_company_spec.rb b/jcapiv2/spec/models/connectwise_company_spec.rb new file mode 100644 index 0000000..ddeed9e --- /dev/null +++ b/jcapiv2/spec/models/connectwise_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseCompany' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseCompany' do + it 'should create an instance of ConnectwiseCompany' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_company_type_resp_spec.rb b/jcapiv2/spec/models/connectwise_company_type_resp_spec.rb new file mode 100644 index 0000000..1596e94 --- /dev/null +++ b/jcapiv2/spec/models/connectwise_company_type_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseCompanyTypeResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseCompanyTypeResp' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseCompanyTypeResp.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseCompanyTypeResp' do + it 'should create an instance of ConnectwiseCompanyTypeResp' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseCompanyTypeResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_integration_patch_req_spec.rb b/jcapiv2/spec/models/connectwise_integration_patch_req_spec.rb new file mode 100644 index 0000000..cbc958f --- /dev/null +++ b/jcapiv2/spec/models/connectwise_integration_patch_req_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseIntegrationPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseIntegrationPatchReq' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseIntegrationPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseIntegrationPatchReq' do + it 'should create an instance of ConnectwiseIntegrationPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseIntegrationPatchReq) + end + end + describe 'test attribute "company_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "private_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "public_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_integration_req_spec.rb b/jcapiv2/spec/models/connectwise_integration_req_spec.rb new file mode 100644 index 0000000..858e89c --- /dev/null +++ b/jcapiv2/spec/models/connectwise_integration_req_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseIntegrationReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseIntegrationReq' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseIntegrationReq.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseIntegrationReq' do + it 'should create an instance of ConnectwiseIntegrationReq' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseIntegrationReq) + end + end + describe 'test attribute "company_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "private_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "public_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/connectwise_integration_spec.rb b/jcapiv2/spec/models/connectwise_integration_spec.rb new file mode 100644 index 0000000..e28fa9b --- /dev/null +++ b/jcapiv2/spec/models/connectwise_integration_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ConnectwiseIntegration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ConnectwiseIntegration' do + before do + # run before each test + @instance = JCAPIv2::ConnectwiseIntegration.new + end + + after do + # run after each test + end + + describe 'test an instance of ConnectwiseIntegration' do + it 'should create an instance of ConnectwiseIntegration' do + expect(@instance).to be_instance_of(JCAPIv2::ConnectwiseIntegration) + end + end + describe 'test attribute "company_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_msp_auth_configured"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/create_organization_spec.rb b/jcapiv2/spec/models/create_organization_spec.rb new file mode 100644 index 0000000..35c1125 --- /dev/null +++ b/jcapiv2/spec/models/create_organization_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CreateOrganization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CreateOrganization' do + before do + # run before each test + @instance = JCAPIv2::CreateOrganization.new + end + + after do + # run after each test + end + + describe 'test an instance of CreateOrganization' do + it 'should create an instance of CreateOrganization' do + expect(@instance).to be_instance_of(JCAPIv2::CreateOrganization) + end + end + describe 'test attribute "max_system_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/custom_email_spec.rb b/jcapiv2/spec/models/custom_email_spec.rb new file mode 100644 index 0000000..96586e4 --- /dev/null +++ b/jcapiv2/spec/models/custom_email_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CustomEmail +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CustomEmail' do + before do + # run before each test + @instance = JCAPIv2::CustomEmail.new + end + + after do + # run after each test + end + + describe 'test an instance of CustomEmail' do + it 'should create an instance of CustomEmail' do + expect(@instance).to be_instance_of(JCAPIv2::CustomEmail) + end + end + describe 'test attribute "body"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "button"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "header"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "next_step_contact_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subject"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "title"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/custom_email_template_field_spec.rb b/jcapiv2/spec/models/custom_email_template_field_spec.rb new file mode 100644 index 0000000..9f622c2 --- /dev/null +++ b/jcapiv2/spec/models/custom_email_template_field_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CustomEmailTemplateField +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CustomEmailTemplateField' do + before do + # run before each test + @instance = JCAPIv2::CustomEmailTemplateField.new + end + + after do + # run after each test + end + + describe 'test an instance of CustomEmailTemplateField' do + it 'should create an instance of CustomEmailTemplateField' do + expect(@instance).to be_instance_of(JCAPIv2::CustomEmailTemplateField) + end + end + describe 'test attribute "default_value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "field"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "multiline"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/custom_email_template_spec.rb b/jcapiv2/spec/models/custom_email_template_spec.rb new file mode 100644 index 0000000..b4f7470 --- /dev/null +++ b/jcapiv2/spec/models/custom_email_template_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CustomEmailTemplate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CustomEmailTemplate' do + before do + # run before each test + @instance = JCAPIv2::CustomEmailTemplate.new + end + + after do + # run after each test + end + + describe 'test an instance of CustomEmailTemplate' do + it 'should create an instance of CustomEmailTemplate' do + expect(@instance).to be_instance_of(JCAPIv2::CustomEmailTemplate) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "fields"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/custom_email_type_spec.rb b/jcapiv2/spec/models/custom_email_type_spec.rb new file mode 100644 index 0000000..280ad10 --- /dev/null +++ b/jcapiv2/spec/models/custom_email_type_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::CustomEmailType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'CustomEmailType' do + before do + # run before each test + @instance = JCAPIv2::CustomEmailType.new + end + + after do + # run after each test + end + + describe 'test an instance of CustomEmailType' do + it 'should create an instance of CustomEmailType' do + expect(@instance).to be_instance_of(JCAPIv2::CustomEmailType) + end + end +end diff --git a/jcapiv2/spec/models/default_domain_spec.rb b/jcapiv2/spec/models/default_domain_spec.rb new file mode 100644 index 0000000..7575de7 --- /dev/null +++ b/jcapiv2/spec/models/default_domain_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DefaultDomain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DefaultDomain' do + before do + # run before each test + @instance = JCAPIv2::DefaultDomain.new + end + + after do + # run after each test + end + + describe 'test an instance of DefaultDomain' do + it 'should create an instance of DefaultDomain' do + expect(@instance).to be_instance_of(JCAPIv2::DefaultDomain) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/dep_setup_assistant_option_spec.rb b/jcapiv2/spec/models/dep_setup_assistant_option_spec.rb new file mode 100644 index 0000000..5bc6b3b --- /dev/null +++ b/jcapiv2/spec/models/dep_setup_assistant_option_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DEPSetupAssistantOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DEPSetupAssistantOption' do + before do + # run before each test + @instance = JCAPIv2::DEPSetupAssistantOption.new + end + + after do + # run after each test + end + + describe 'test an instance of DEPSetupAssistantOption' do + it 'should create an instance of DEPSetupAssistantOption' do + expect(@instance).to be_instance_of(JCAPIv2::DEPSetupAssistantOption) + end + end + describe 'test attribute "option"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/dep_spec.rb b/jcapiv2/spec/models/dep_spec.rb new file mode 100644 index 0000000..a07d562 --- /dev/null +++ b/jcapiv2/spec/models/dep_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DEP +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DEP' do + before do + # run before each test + @instance = JCAPIv2::DEP.new + end + + after do + # run after each test + end + + describe 'test an instance of DEP' do + it 'should create an instance of DEP' do + expect(@instance).to be_instance_of(JCAPIv2::DEP) + end + end + describe 'test attribute "enable_zero_touch_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "setup_assistant_options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "welcome_screen"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/dep_welcome_screen_spec.rb b/jcapiv2/spec/models/dep_welcome_screen_spec.rb new file mode 100644 index 0000000..46c4c8b --- /dev/null +++ b/jcapiv2/spec/models/dep_welcome_screen_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DEPWelcomeScreen +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DEPWelcomeScreen' do + before do + # run before each test + @instance = JCAPIv2::DEPWelcomeScreen.new + end + + after do + # run after each test + end + + describe 'test an instance of DEPWelcomeScreen' do + it 'should create an instance of DEPWelcomeScreen' do + expect(@instance).to be_instance_of(JCAPIv2::DEPWelcomeScreen) + end + end + describe 'test attribute "button"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "paragraph"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "title"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_id_erase_body_spec.rb b/jcapiv2/spec/models/device_id_erase_body_spec.rb new file mode 100644 index 0000000..48ba300 --- /dev/null +++ b/jcapiv2/spec/models/device_id_erase_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DeviceIdEraseBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DeviceIdEraseBody' do + before do + # run before each test + @instance = JCAPIv2::DeviceIdEraseBody.new + end + + after do + # run after each test + end + + describe 'test an instance of DeviceIdEraseBody' do + it 'should create an instance of DeviceIdEraseBody' do + expect(@instance).to be_instance_of(JCAPIv2::DeviceIdEraseBody) + end + end + describe 'test attribute "pin"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_id_lock_body_spec.rb b/jcapiv2/spec/models/device_id_lock_body_spec.rb new file mode 100644 index 0000000..e2ea3bc --- /dev/null +++ b/jcapiv2/spec/models/device_id_lock_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DeviceIdLockBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DeviceIdLockBody' do + before do + # run before each test + @instance = JCAPIv2::DeviceIdLockBody.new + end + + after do + # run after each test + end + + describe 'test an instance of DeviceIdLockBody' do + it 'should create an instance of DeviceIdLockBody' do + expect(@instance).to be_instance_of(JCAPIv2::DeviceIdLockBody) + end + end + describe 'test attribute "pin"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_id_resetpassword_body_spec.rb b/jcapiv2/spec/models/device_id_resetpassword_body_spec.rb new file mode 100644 index 0000000..450fd51 --- /dev/null +++ b/jcapiv2/spec/models/device_id_resetpassword_body_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DeviceIdResetpasswordBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DeviceIdResetpasswordBody' do + before do + # run before each test + @instance = JCAPIv2::DeviceIdResetpasswordBody.new + end + + after do + # run after each test + end + + describe 'test an instance of DeviceIdResetpasswordBody' do + it 'should create an instance of DeviceIdResetpasswordBody' do + expect(@instance).to be_instance_of(JCAPIv2::DeviceIdResetpasswordBody) + end + end + describe 'test attribute "flags"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "new_password"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_id_restart_body_spec.rb b/jcapiv2/spec/models/device_id_restart_body_spec.rb new file mode 100644 index 0000000..e6f26a2 --- /dev/null +++ b/jcapiv2/spec/models/device_id_restart_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DeviceIdRestartBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DeviceIdRestartBody' do + before do + # run before each test + @instance = JCAPIv2::DeviceIdRestartBody.new + end + + after do + # run after each test + end + + describe 'test an instance of DeviceIdRestartBody' do + it 'should create an instance of DeviceIdRestartBody' do + expect(@instance).to be_instance_of(JCAPIv2::DeviceIdRestartBody) + end + end + describe 'test attribute "kext_paths"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_package_v1_device_spec.rb b/jcapiv2/spec/models/device_package_v1_device_spec.rb new file mode 100644 index 0000000..97c9a0a --- /dev/null +++ b/jcapiv2/spec/models/device_package_v1_device_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicePackageV1Device +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicePackageV1Device' do + before do + # run before each test + @instance = JCAPIv2::DevicePackageV1Device.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicePackageV1Device' do + it 'should create an instance of DevicePackageV1Device' do + expect(@instance).to be_instance_of(JCAPIv2::DevicePackageV1Device) + end + end + describe 'test attribute "app_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "public_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/device_package_v1_list_devices_response_spec.rb b/jcapiv2/spec/models/device_package_v1_list_devices_response_spec.rb new file mode 100644 index 0000000..30f38f7 --- /dev/null +++ b/jcapiv2/spec/models/device_package_v1_list_devices_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicePackageV1ListDevicesResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicePackageV1ListDevicesResponse' do + before do + # run before each test + @instance = JCAPIv2::DevicePackageV1ListDevicesResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicePackageV1ListDevicesResponse' do + it 'should create an instance of DevicePackageV1ListDevicesResponse' do + expect(@instance).to be_instance_of(JCAPIv2::DevicePackageV1ListDevicesResponse) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/devices_get_sign_in_with_jump_cloud_settings_response_spec.rb b/jcapiv2/spec/models/devices_get_sign_in_with_jump_cloud_settings_response_spec.rb new file mode 100644 index 0000000..b6942b1 --- /dev/null +++ b/jcapiv2/spec/models/devices_get_sign_in_with_jump_cloud_settings_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicesGetSignInWithJumpCloudSettingsResponse' do + before do + # run before each test + @instance = JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicesGetSignInWithJumpCloudSettingsResponse' do + it 'should create an instance of DevicesGetSignInWithJumpCloudSettingsResponse' do + expect(@instance).to be_instance_of(JCAPIv2::DevicesGetSignInWithJumpCloudSettingsResponse) + end + end + describe 'test attribute "organization_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/devices_set_sign_in_with_jump_cloud_settings_request_spec.rb b/jcapiv2/spec/models/devices_set_sign_in_with_jump_cloud_settings_request_spec.rb new file mode 100644 index 0000000..271a2cd --- /dev/null +++ b/jcapiv2/spec/models/devices_set_sign_in_with_jump_cloud_settings_request_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicesSetSignInWithJumpCloudSettingsRequest' do + before do + # run before each test + @instance = JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicesSetSignInWithJumpCloudSettingsRequest' do + it 'should create an instance of DevicesSetSignInWithJumpCloudSettingsRequest' do + expect(@instance).to be_instance_of(JCAPIv2::DevicesSetSignInWithJumpCloudSettingsRequest) + end + end + describe 'test attribute "organization_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_os_family_spec.rb b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_os_family_spec.rb new file mode 100644 index 0000000..376065d --- /dev/null +++ b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_os_family_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicesSignInWithJumpCloudSettingOSFamily +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicesSignInWithJumpCloudSettingOSFamily' do + before do + # run before each test + @instance = JCAPIv2::DevicesSignInWithJumpCloudSettingOSFamily.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicesSignInWithJumpCloudSettingOSFamily' do + it 'should create an instance of DevicesSignInWithJumpCloudSettingOSFamily' do + expect(@instance).to be_instance_of(JCAPIv2::DevicesSignInWithJumpCloudSettingOSFamily) + end + end +end diff --git a/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_permission_spec.rb b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_permission_spec.rb new file mode 100644 index 0000000..2a61581 --- /dev/null +++ b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_permission_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicesSignInWithJumpCloudSettingPermission +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicesSignInWithJumpCloudSettingPermission' do + before do + # run before each test + @instance = JCAPIv2::DevicesSignInWithJumpCloudSettingPermission.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicesSignInWithJumpCloudSettingPermission' do + it 'should create an instance of DevicesSignInWithJumpCloudSettingPermission' do + expect(@instance).to be_instance_of(JCAPIv2::DevicesSignInWithJumpCloudSettingPermission) + end + end +end diff --git a/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_spec.rb b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_spec.rb new file mode 100644 index 0000000..88d1bce --- /dev/null +++ b/jcapiv2/spec/models/devices_sign_in_with_jump_cloud_setting_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DevicesSignInWithJumpCloudSetting +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DevicesSignInWithJumpCloudSetting' do + before do + # run before each test + @instance = JCAPIv2::DevicesSignInWithJumpCloudSetting.new + end + + after do + # run after each test + end + + describe 'test an instance of DevicesSignInWithJumpCloudSetting' do + it 'should create an instance of DevicesSignInWithJumpCloudSetting' do + expect(@instance).to be_instance_of(JCAPIv2::DevicesSignInWithJumpCloudSetting) + end + end + describe 'test attribute "default_permission"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_family"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/directory_default_domain_spec.rb b/jcapiv2/spec/models/directory_default_domain_spec.rb new file mode 100644 index 0000000..1a272b0 --- /dev/null +++ b/jcapiv2/spec/models/directory_default_domain_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::DirectoryDefaultDomain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'DirectoryDefaultDomain' do + before do + # run before each test + @instance = JCAPIv2::DirectoryDefaultDomain.new + end + + after do + # run after each test + end + + describe 'test an instance of DirectoryDefaultDomain' do + it 'should create an instance of DirectoryDefaultDomain' do + expect(@instance).to be_instance_of(JCAPIv2::DirectoryDefaultDomain) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/directory_spec.rb b/jcapiv2/spec/models/directory_spec.rb index 37d6924..af9282e 100644 --- a/jcapiv2/spec/models/directory_spec.rb +++ b/jcapiv2/spec/models/directory_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,27 +31,38 @@ expect(@instance).to be_instance_of(JCAPIv2::Directory) end end + describe 'test attribute "default_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "o_auth_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "g_suite", "ldap_server", "office_365", "workday"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "g_suite", "ldap_server", "office_365", "workday"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end end end end - diff --git a/jcapiv2/spec/models/duo_account_spec.rb b/jcapiv2/spec/models/duo_account_spec.rb index 8ef4ae9..5ffd8af 100644 --- a/jcapiv2/spec/models/duo_account_spec.rb +++ b/jcapiv2/spec/models/duo_account_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/duo_application_req_spec.rb b/jcapiv2/spec/models/duo_application_req_spec.rb index aac3ec8..5c803d0 100644 --- a/jcapiv2/spec/models/duo_application_req_spec.rb +++ b/jcapiv2/spec/models/duo_application_req_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "api_host"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "integration_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "secret_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/duo_application_spec.rb b/jcapiv2/spec/models/duo_application_spec.rb index 0de9a71..2446d91 100644 --- a/jcapiv2/spec/models/duo_application_spec.rb +++ b/jcapiv2/spec/models/duo_application_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "api_host"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "integration_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/duo_application_update_req_spec.rb b/jcapiv2/spec/models/duo_application_update_req_spec.rb index 716e05e..78e5556 100644 --- a/jcapiv2/spec/models/duo_application_update_req_spec.rb +++ b/jcapiv2/spec/models/duo_application_update_req_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "api_host"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "integration_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "secret_key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/duo_registration_application_req_spec.rb b/jcapiv2/spec/models/duo_registration_application_req_spec.rb deleted file mode 100644 index a1a01df..0000000 --- a/jcapiv2/spec/models/duo_registration_application_req_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::DuoRegistrationApplicationReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'DuoRegistrationApplicationReq' do - before do - # run before each test - @instance = JCAPIv2::DuoRegistrationApplicationReq.new - end - - after do - # run after each test - end - - describe 'test an instance of DuoRegistrationApplicationReq' do - it 'should create an instance of DuoRegistrationApplicationReq' do - expect(@instance).to be_instance_of(JCAPIv2::DuoRegistrationApplicationReq) - end - end - describe 'test attribute "registration_application"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/duo_registration_application_spec.rb b/jcapiv2/spec/models/duo_registration_application_spec.rb deleted file mode 100644 index 38e8062..0000000 --- a/jcapiv2/spec/models/duo_registration_application_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::DuoRegistrationApplication -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'DuoRegistrationApplication' do - before do - # run before each test - @instance = JCAPIv2::DuoRegistrationApplication.new - end - - after do - # run after each test - end - - describe 'test an instance of DuoRegistrationApplication' do - it 'should create an instance of DuoRegistrationApplication' do - expect(@instance).to be_instance_of(JCAPIv2::DuoRegistrationApplication) - end - end - describe 'test attribute "api_host"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "integration_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "secret_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/emailrequest_spec.rb b/jcapiv2/spec/models/emailrequest_spec.rb deleted file mode 100644 index c120321..0000000 --- a/jcapiv2/spec/models/emailrequest_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Emailrequest -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Emailrequest' do - before do - # run before each test - @instance = JCAPIv2::Emailrequest.new - end - - after do - # run after each test - end - - describe 'test an instance of Emailrequest' do - it 'should create an instance of Emailrequest' do - expect(@instance).to be_instance_of(JCAPIv2::Emailrequest) - end - end - describe 'test attribute "email_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["activation"]) - #validator.allowable_values.each do |value| - # expect { @instance.email_type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/enrollment_profile_spec.rb b/jcapiv2/spec/models/enrollment_profile_spec.rb deleted file mode 100644 index 70c9225..0000000 --- a/jcapiv2/spec/models/enrollment_profile_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::EnrollmentProfile -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'EnrollmentProfile' do - before do - # run before each test - @instance = JCAPIv2::EnrollmentProfile.new - end - - after do - # run after each test - end - - describe 'test an instance of EnrollmentProfile' do - it 'should create an instance of EnrollmentProfile' do - expect(@instance).to be_instance_of(JCAPIv2::EnrollmentProfile) - end - end - describe 'test attribute "apple_mdm_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/enterprises_enterprise_id_body_spec.rb b/jcapiv2/spec/models/enterprises_enterprise_id_body_spec.rb new file mode 100644 index 0000000..e3878c7 --- /dev/null +++ b/jcapiv2/spec/models/enterprises_enterprise_id_body_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::EnterprisesEnterpriseIdBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'EnterprisesEnterpriseIdBody' do + before do + # run before each test + @instance = JCAPIv2::EnterprisesEnterpriseIdBody.new + end + + after do + # run after each test + end + + describe 'test an instance of EnterprisesEnterpriseIdBody' do + it 'should create an instance of EnterprisesEnterpriseIdBody' do + expect(@instance).to be_instance_of(JCAPIv2::EnterprisesEnterpriseIdBody) + end + end + describe 'test attribute "allow_device_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/error_details_spec.rb b/jcapiv2/spec/models/error_details_spec.rb new file mode 100644 index 0000000..e44ee1a --- /dev/null +++ b/jcapiv2/spec/models/error_details_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ErrorDetails +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ErrorDetails' do + before do + # run before each test + @instance = JCAPIv2::ErrorDetails.new + end + + after do + # run after each test + end + + describe 'test an instance of ErrorDetails' do + it 'should create an instance of ErrorDetails' do + expect(@instance).to be_instance_of(JCAPIv2::ErrorDetails) + end + end + describe 'test attribute "code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/error_spec.rb b/jcapiv2/spec/models/error_spec.rb index 61df941..25c6bc0 100644 --- a/jcapiv2/spec/models/error_spec.rb +++ b/jcapiv2/spec/models/error_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "code"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - describe 'test attribute "fields"' do + describe 'test attribute "message"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - describe 'test attribute "message"' do + describe 'test attribute "status"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/errorresponse_spec.rb b/jcapiv2/spec/models/errorresponse_spec.rb deleted file mode 100644 index c31a36d..0000000 --- a/jcapiv2/spec/models/errorresponse_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Errorresponse -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Errorresponse' do - before do - # run before each test - @instance = JCAPIv2::Errorresponse.new - end - - after do - # run after each test - end - - describe 'test an instance of Errorresponse' do - it 'should create an instance of Errorresponse' do - expect(@instance).to be_instance_of(JCAPIv2::Errorresponse) - end - end - describe 'test attribute "message"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/feature_spec.rb b/jcapiv2/spec/models/feature_spec.rb new file mode 100644 index 0000000..fb1a424 --- /dev/null +++ b/jcapiv2/spec/models/feature_spec.rb @@ -0,0 +1,44 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Feature +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Feature' do + before do + # run before each test + @instance = JCAPIv2::Feature.new + end + + after do + # run after each test + end + + describe 'test an instance of Feature' do + it 'should create an instance of Feature' do + expect(@instance).to be_instance_of(JCAPIv2::Feature) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["cloudDirectory", "deviceManagement", "directoryInsightsPremium", "implementationQuickstart", "ldap", "mdm", "mfa", "premiumSupport", "radius", "sso", "systemInsights", "userLifecycle", "zeroTrust", "jumpcloudProtect", "osPatchManagement", "remoteAssist", "cloudInsights", "passwordManagement"]) + # validator.allowable_values.each do |value| + # expect { @instance.name = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/feature_trial_data_spec.rb b/jcapiv2/spec/models/feature_trial_data_spec.rb new file mode 100644 index 0000000..d89f8fa --- /dev/null +++ b/jcapiv2/spec/models/feature_trial_data_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::FeatureTrialData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'FeatureTrialData' do + before do + # run before each test + @instance = JCAPIv2::FeatureTrialData.new + end + + after do + # run after each test + end + + describe 'test an instance of FeatureTrialData' do + it 'should create an instance of FeatureTrialData' do + expect(@instance).to be_instance_of(JCAPIv2::FeatureTrialData) + end + end + describe 'test attribute "end_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "start_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/filter_query_spec.rb b/jcapiv2/spec/models/filter_query_spec.rb new file mode 100644 index 0000000..ce6f065 --- /dev/null +++ b/jcapiv2/spec/models/filter_query_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::FilterQuery +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'FilterQuery' do + before do + # run before each test + @instance = JCAPIv2::FilterQuery.new + end + + after do + # run after each test + end + + describe 'test an instance of FilterQuery' do + it 'should create an instance of FilterQuery' do + expect(@instance).to be_instance_of(JCAPIv2::FilterQuery) + end + end + describe 'test attribute "query_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["FilterQuery"]) + # validator.allowable_values.each do |value| + # expect { @instance.query_type = value }.not_to raise_error + # end + end + end + + describe 'test attribute "filters"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/filter_spec.rb b/jcapiv2/spec/models/filter_spec.rb new file mode 100644 index 0000000..a269424 --- /dev/null +++ b/jcapiv2/spec/models/filter_spec.rb @@ -0,0 +1,56 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Filter +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Filter' do + before do + # run before each test + @instance = JCAPIv2::Filter.new + end + + after do + # run after each test + end + + describe 'test an instance of Filter' do + it 'should create an instance of Filter' do + expect(@instance).to be_instance_of(JCAPIv2::Filter) + end + end + describe 'test attribute "field"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "operator"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["eq", "ne", "gt", "ge", "lt", "le", "between", "search", "in"]) + # validator.allowable_values.each do |value| + # expect { @instance.operator = value }.not_to raise_error + # end + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/g_suite_builtin_translation_spec.rb b/jcapiv2/spec/models/g_suite_builtin_translation_spec.rb index 76012e8..3bff820 100644 --- a/jcapiv2/spec/models/g_suite_builtin_translation_spec.rb +++ b/jcapiv2/spec/models/g_suite_builtin_translation_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/g_suite_direction_translation_spec.rb b/jcapiv2/spec/models/g_suite_direction_translation_spec.rb new file mode 100644 index 0000000..abec1e9 --- /dev/null +++ b/jcapiv2/spec/models/g_suite_direction_translation_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GSuiteDirectionTranslation +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GSuiteDirectionTranslation' do + before do + # run before each test + @instance = JCAPIv2::GSuiteDirectionTranslation.new + end + + after do + # run after each test + end + + describe 'test an instance of GSuiteDirectionTranslation' do + it 'should create an instance of GSuiteDirectionTranslation' do + expect(@instance).to be_instance_of(JCAPIv2::GSuiteDirectionTranslation) + end + end +end diff --git a/jcapiv2/spec/models/g_suite_translation_rule_request_spec.rb b/jcapiv2/spec/models/g_suite_translation_rule_request_spec.rb index 4203aba..9739ea4 100644 --- a/jcapiv2/spec/models/g_suite_translation_rule_request_spec.rb +++ b/jcapiv2/spec/models/g_suite_translation_rule_request_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,14 @@ end describe 'test attribute "built_in"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "direction"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv2/spec/models/g_suite_translation_rule_spec.rb b/jcapiv2/spec/models/g_suite_translation_rule_spec.rb index da930ec..04fff02 100644 --- a/jcapiv2/spec/models/g_suite_translation_rule_spec.rb +++ b/jcapiv2/spec/models/g_suite_translation_rule_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,20 @@ end describe 'test attribute "built_in"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "direction"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/google_protobuf_any_spec.rb b/jcapiv2/spec/models/google_protobuf_any_spec.rb new file mode 100644 index 0000000..bb42887 --- /dev/null +++ b/jcapiv2/spec/models/google_protobuf_any_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GoogleProtobufAny +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GoogleProtobufAny' do + before do + # run before each test + @instance = JCAPIv2::GoogleProtobufAny.new + end + + after do + # run after each test + end + + describe 'test an instance of GoogleProtobufAny' do + it 'should create an instance of GoogleProtobufAny' do + expect(@instance).to be_instance_of(JCAPIv2::GoogleProtobufAny) + end + end +end diff --git a/jcapiv2/spec/models/google_rpc_status_spec.rb b/jcapiv2/spec/models/google_rpc_status_spec.rb new file mode 100644 index 0000000..286b8f7 --- /dev/null +++ b/jcapiv2/spec/models/google_rpc_status_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GoogleRpcStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GoogleRpcStatus' do + before do + # run before each test + @instance = JCAPIv2::GoogleRpcStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of GoogleRpcStatus' do + it 'should create an instance of GoogleRpcStatus' do + expect(@instance).to be_instance_of(JCAPIv2::GoogleRpcStatus) + end + end + describe 'test attribute "code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_ldap_groups_spec.rb b/jcapiv2/spec/models/graph_attribute_ldap_groups_spec.rb new file mode 100644 index 0000000..40e591b --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_ldap_groups_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeLdapGroups +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeLdapGroups' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeLdapGroups.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeLdapGroups' do + it 'should create an instance of GraphAttributeLdapGroups' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeLdapGroups) + end + end + describe 'test attribute "ldap_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_posix_groups_posix_groups_spec.rb b/jcapiv2/spec/models/graph_attribute_posix_groups_posix_groups_spec.rb new file mode 100644 index 0000000..d43e5f2 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_posix_groups_posix_groups_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributePosixGroupsPosixGroups +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributePosixGroupsPosixGroups' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributePosixGroupsPosixGroups.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributePosixGroupsPosixGroups' do + it 'should create an instance of GraphAttributePosixGroupsPosixGroups' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributePosixGroupsPosixGroups) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_posix_groups_spec.rb b/jcapiv2/spec/models/graph_attribute_posix_groups_spec.rb new file mode 100644 index 0000000..fcf97a7 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_posix_groups_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributePosixGroups +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributePosixGroups' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributePosixGroups.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributePosixGroups' do + it 'should create an instance of GraphAttributePosixGroups' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributePosixGroups) + end + end + describe 'test attribute "posix_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_radius_radius_reply_spec.rb b/jcapiv2/spec/models/graph_attribute_radius_radius_reply_spec.rb new file mode 100644 index 0000000..3b489fd --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_radius_radius_reply_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeRadiusRadiusReply +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeRadiusRadiusReply' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeRadiusRadiusReply.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeRadiusRadiusReply' do + it 'should create an instance of GraphAttributeRadiusRadiusReply' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeRadiusRadiusReply) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_radius_radius_spec.rb b/jcapiv2/spec/models/graph_attribute_radius_radius_spec.rb new file mode 100644 index 0000000..2acbf00 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_radius_radius_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeRadiusRadius +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeRadiusRadius' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeRadiusRadius.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeRadiusRadius' do + it 'should create an instance of GraphAttributeRadiusRadius' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeRadiusRadius) + end + end + describe 'test attribute "reply"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_radius_spec.rb b/jcapiv2/spec/models/graph_attribute_radius_spec.rb new file mode 100644 index 0000000..17a60e6 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_radius_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeRadius +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeRadius' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeRadius.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeRadius' do + it 'should create an instance of GraphAttributeRadius' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeRadius) + end + end + describe 'test attribute "radius"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_samba_enabled_spec.rb b/jcapiv2/spec/models/graph_attribute_samba_enabled_spec.rb new file mode 100644 index 0000000..6dea4b2 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_samba_enabled_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeSambaEnabled +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeSambaEnabled' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeSambaEnabled.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeSambaEnabled' do + it 'should create an instance of GraphAttributeSambaEnabled' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeSambaEnabled) + end + end + describe 'test attribute "samba_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_sudo_spec.rb b/jcapiv2/spec/models/graph_attribute_sudo_spec.rb new file mode 100644 index 0000000..3397d2f --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_sudo_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeSudo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeSudo' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeSudo.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeSudo' do + it 'should create an instance of GraphAttributeSudo' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeSudo) + end + end + describe 'test attribute "sudo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attribute_sudo_sudo_spec.rb b/jcapiv2/spec/models/graph_attribute_sudo_sudo_spec.rb new file mode 100644 index 0000000..46544f6 --- /dev/null +++ b/jcapiv2/spec/models/graph_attribute_sudo_sudo_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributeSudoSudo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributeSudoSudo' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributeSudoSudo.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributeSudoSudo' do + it 'should create an instance of GraphAttributeSudoSudo' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributeSudoSudo) + end + end + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "without_password"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/graph_attributes_spec.rb b/jcapiv2/spec/models/graph_attributes_spec.rb new file mode 100644 index 0000000..01717b8 --- /dev/null +++ b/jcapiv2/spec/models/graph_attributes_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphAttributes +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphAttributes' do + before do + # run before each test + @instance = JCAPIv2::GraphAttributes.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphAttributes' do + it 'should create an instance of GraphAttributes' do + expect(@instance).to be_instance_of(JCAPIv2::GraphAttributes) + end + end +end diff --git a/jcapiv2/spec/models/graph_connection_spec.rb b/jcapiv2/spec/models/graph_connection_spec.rb index 4348567..515da69 100644 --- a/jcapiv2/spec/models/graph_connection_spec.rb +++ b/jcapiv2/spec/models/graph_connection_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,22 @@ expect(@instance).to be_instance_of(JCAPIv2::GraphConnection) end end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "from"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "to"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/graph_management_req_spec.rb b/jcapiv2/spec/models/graph_management_req_spec.rb deleted file mode 100644 index 6e7c90d..0000000 --- a/jcapiv2/spec/models/graph_management_req_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::GraphManagementReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'GraphManagementReq' do - before do - # run before each test - @instance = JCAPIv2::GraphManagementReq.new - end - - after do - # run after each test - end - - describe 'test an instance of GraphManagementReq' do - it 'should create an instance of GraphManagementReq' do - expect(@instance).to be_instance_of(JCAPIv2::GraphManagementReq) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/graph_object_spec.rb b/jcapiv2/spec/models/graph_object_spec.rb index 2fb3d6c..d4ab5a1 100644 --- a/jcapiv2/spec/models/graph_object_spec.rb +++ b/jcapiv2/spec/models/graph_object_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,22 @@ expect(@instance).to be_instance_of(JCAPIv2::GraphObject) end end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/graph_object_with_paths_spec.rb b/jcapiv2/spec/models/graph_object_with_paths_spec.rb index 249f180..dab5ec8 100644 --- a/jcapiv2/spec/models/graph_object_with_paths_spec.rb +++ b/jcapiv2/spec/models/graph_object_with_paths_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,23 +31,28 @@ expect(@instance).to be_instance_of(JCAPIv2::GraphObjectWithPaths) end end + describe 'test attribute "compiled_attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "paths"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/graph_operation_active_directory_spec.rb b/jcapiv2/spec/models/graph_operation_active_directory_spec.rb new file mode 100644 index 0000000..eee7982 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_active_directory_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationActiveDirectory +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationActiveDirectory' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationActiveDirectory.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationActiveDirectory' do + it 'should create an instance of GraphOperationActiveDirectory' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationActiveDirectory) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_application_spec.rb b/jcapiv2/spec/models/graph_operation_application_spec.rb new file mode 100644 index 0000000..6aa682d --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_application_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationApplication +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationApplication' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationApplication.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationApplication' do + it 'should create an instance of GraphOperationApplication' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationApplication) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_command_spec.rb b/jcapiv2/spec/models/graph_operation_command_spec.rb new file mode 100644 index 0000000..29d485d --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_command_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationCommand +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationCommand' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationCommand.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationCommand' do + it 'should create an instance of GraphOperationCommand' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationCommand) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_g_suite_spec.rb b/jcapiv2/spec/models/graph_operation_g_suite_spec.rb new file mode 100644 index 0000000..1d2c20c --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_g_suite_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationGSuite +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationGSuite' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationGSuite.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationGSuite' do + it 'should create an instance of GraphOperationGSuite' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationGSuite) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_ldap_server_spec.rb b/jcapiv2/spec/models/graph_operation_ldap_server_spec.rb new file mode 100644 index 0000000..9d1ff20 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_ldap_server_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationLdapServer +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationLdapServer' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationLdapServer.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationLdapServer' do + it 'should create an instance of GraphOperationLdapServer' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationLdapServer) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_office365_spec.rb b/jcapiv2/spec/models/graph_operation_office365_spec.rb new file mode 100644 index 0000000..17c8d68 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_office365_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationOffice365 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationOffice365' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationOffice365.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationOffice365' do + it 'should create an instance of GraphOperationOffice365' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationOffice365) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_policy_group_member_spec.rb b/jcapiv2/spec/models/graph_operation_policy_group_member_spec.rb new file mode 100644 index 0000000..939fdcf --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_policy_group_member_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationPolicyGroupMember +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationPolicyGroupMember' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationPolicyGroupMember.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationPolicyGroupMember' do + it 'should create an instance of GraphOperationPolicyGroupMember' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationPolicyGroupMember) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["policy"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_policy_group_spec.rb b/jcapiv2/spec/models/graph_operation_policy_group_spec.rb new file mode 100644 index 0000000..33cb06e --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_policy_group_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationPolicyGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationPolicyGroup' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationPolicyGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationPolicyGroup' do + it 'should create an instance of GraphOperationPolicyGroup' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationPolicyGroup) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_policy_spec.rb b/jcapiv2/spec/models/graph_operation_policy_spec.rb new file mode 100644 index 0000000..5d3b8ac --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_policy_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationPolicy +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationPolicy' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationPolicy.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationPolicy' do + it 'should create an instance of GraphOperationPolicy' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationPolicy) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_radius_server_spec.rb b/jcapiv2/spec/models/graph_operation_radius_server_spec.rb new file mode 100644 index 0000000..8056b32 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_radius_server_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationRadiusServer +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationRadiusServer' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationRadiusServer.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationRadiusServer' do + it 'should create an instance of GraphOperationRadiusServer' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationRadiusServer) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_software_app_spec.rb b/jcapiv2/spec/models/graph_operation_software_app_spec.rb new file mode 100644 index 0000000..74dba53 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_software_app_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationSoftwareApp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationSoftwareApp' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationSoftwareApp.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationSoftwareApp' do + it 'should create an instance of GraphOperationSoftwareApp' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationSoftwareApp) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_spec.rb b/jcapiv2/spec/models/graph_operation_spec.rb new file mode 100644 index 0000000..c689719 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperation +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperation' do + before do + # run before each test + @instance = JCAPIv2::GraphOperation.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperation' do + it 'should create an instance of GraphOperation' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperation) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_system_group_member_spec.rb b/jcapiv2/spec/models/graph_operation_system_group_member_spec.rb new file mode 100644 index 0000000..3be51d0 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_system_group_member_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationSystemGroupMember +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationSystemGroupMember' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationSystemGroupMember.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationSystemGroupMember' do + it 'should create an instance of GraphOperationSystemGroupMember' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationSystemGroupMember) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_system_group_spec.rb b/jcapiv2/spec/models/graph_operation_system_group_spec.rb new file mode 100644 index 0000000..f60bc9c --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_system_group_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationSystemGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationSystemGroup' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationSystemGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationSystemGroup' do + it 'should create an instance of GraphOperationSystemGroup' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationSystemGroup) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["command", "policy", "policy_group", "user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_system_spec.rb b/jcapiv2/spec/models/graph_operation_system_spec.rb new file mode 100644 index 0000000..6cb07f4 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_system_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationSystem +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationSystem' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationSystem.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationSystem' do + it 'should create an instance of GraphOperationSystem' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationSystem) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["command", "policy", "policy_group", "user", "user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_user_group_member_spec.rb b/jcapiv2/spec/models/graph_operation_user_group_member_spec.rb new file mode 100644 index 0000000..e641ddf --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_user_group_member_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationUserGroupMember +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationUserGroupMember' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationUserGroupMember.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationUserGroupMember' do + it 'should create an instance of GraphOperationUserGroupMember' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationUserGroupMember) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_user_group_spec.rb b/jcapiv2/spec/models/graph_operation_user_group_spec.rb new file mode 100644 index 0000000..d0338eb --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_user_group_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationUserGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationUserGroup' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationUserGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationUserGroup' do + it 'should create an instance of GraphOperationUserGroup' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationUserGroup) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "g_suite", "ldap_server", "office_365", "radius_server", "system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_operation_user_spec.rb b/jcapiv2/spec/models/graph_operation_user_spec.rb new file mode 100644 index 0000000..0b5f1d5 --- /dev/null +++ b/jcapiv2/spec/models/graph_operation_user_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GraphOperationUser +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GraphOperationUser' do + before do + # run before each test + @instance = JCAPIv2::GraphOperationUser.new + end + + after do + # run after each test + end + + describe 'test an instance of GraphOperationUser' do + it 'should create an instance of GraphOperationUser' do + expect(@instance).to be_instance_of(JCAPIv2::GraphOperationUser) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "g_suite", "ldap_server", "office_365", "radius_server", "system", "system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/graph_type_spec.rb b/jcapiv2/spec/models/graph_type_spec.rb index 160c6e8..72131df 100644 --- a/jcapiv2/spec/models/graph_type_spec.rb +++ b/jcapiv2/spec/models/graph_type_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/group_attributes_user_group_spec.rb b/jcapiv2/spec/models/group_attributes_user_group_spec.rb new file mode 100644 index 0000000..1e1564a --- /dev/null +++ b/jcapiv2/spec/models/group_attributes_user_group_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupAttributesUserGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupAttributesUserGroup' do + before do + # run before each test + @instance = JCAPIv2::GroupAttributesUserGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupAttributesUserGroup' do + it 'should create an instance of GroupAttributesUserGroup' do + expect(@instance).to be_instance_of(JCAPIv2::GroupAttributesUserGroup) + end + end + describe 'test attribute "sudo"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ldap_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "posix_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "radius"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "samba_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/group_id_suggestions_body_1_spec.rb b/jcapiv2/spec/models/group_id_suggestions_body_1_spec.rb new file mode 100644 index 0000000..cc151e2 --- /dev/null +++ b/jcapiv2/spec/models/group_id_suggestions_body_1_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupIdSuggestionsBody1 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupIdSuggestionsBody1' do + before do + # run before each test + @instance = JCAPIv2::GroupIdSuggestionsBody1.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupIdSuggestionsBody1' do + it 'should create an instance of GroupIdSuggestionsBody1' do + expect(@instance).to be_instance_of(JCAPIv2::GroupIdSuggestionsBody1) + end + end + describe 'test attribute "user_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/group_id_suggestions_body_spec.rb b/jcapiv2/spec/models/group_id_suggestions_body_spec.rb new file mode 100644 index 0000000..893cad7 --- /dev/null +++ b/jcapiv2/spec/models/group_id_suggestions_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupIdSuggestionsBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupIdSuggestionsBody' do + before do + # run before each test + @instance = JCAPIv2::GroupIdSuggestionsBody.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupIdSuggestionsBody' do + it 'should create an instance of GroupIdSuggestionsBody' do + expect(@instance).to be_instance_of(JCAPIv2::GroupIdSuggestionsBody) + end + end + describe 'test attribute "object_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/group_membership_method_type_spec.rb b/jcapiv2/spec/models/group_membership_method_type_spec.rb new file mode 100644 index 0000000..62c31ad --- /dev/null +++ b/jcapiv2/spec/models/group_membership_method_type_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupMembershipMethodType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupMembershipMethodType' do + before do + # run before each test + @instance = JCAPIv2::GroupMembershipMethodType.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupMembershipMethodType' do + it 'should create an instance of GroupMembershipMethodType' do + expect(@instance).to be_instance_of(JCAPIv2::GroupMembershipMethodType) + end + end +end diff --git a/jcapiv2/spec/models/group_pwm_spec.rb b/jcapiv2/spec/models/group_pwm_spec.rb new file mode 100644 index 0000000..0a47e7a --- /dev/null +++ b/jcapiv2/spec/models/group_pwm_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupPwm +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupPwm' do + before do + # run before each test + @instance = JCAPIv2::GroupPwm.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupPwm' do + it 'should create an instance of GroupPwm' do + expect(@instance).to be_instance_of(JCAPIv2::GroupPwm) + end + end + describe 'test attribute "access_level_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "access_level_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/group_spec.rb b/jcapiv2/spec/models/group_spec.rb index 241aca8..73fada0 100644 --- a/jcapiv2/spec/models/group_spec.rb +++ b/jcapiv2/spec/models/group_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,23 +31,40 @@ expect(@instance).to be_instance_of(JCAPIv2::Group) end end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/group_type_spec.rb b/jcapiv2/spec/models/group_type_spec.rb index d0f7222..f970ed9 100644 --- a/jcapiv2/spec/models/group_type_spec.rb +++ b/jcapiv2/spec/models/group_type_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/groups_inner_spec.rb b/jcapiv2/spec/models/groups_inner_spec.rb new file mode 100644 index 0000000..8f7538f --- /dev/null +++ b/jcapiv2/spec/models/groups_inner_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::GroupsInner +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'GroupsInner' do + before do + # run before each test + @instance = JCAPIv2::GroupsInner.new + end + + after do + # run after each test + end + + describe 'test an instance of GroupsInner' do + it 'should create an instance of GroupsInner' do + expect(@instance).to be_instance_of(JCAPIv2::GroupsInner) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/groups_spec.rb b/jcapiv2/spec/models/groups_spec.rb new file mode 100644 index 0000000..2428965 --- /dev/null +++ b/jcapiv2/spec/models/groups_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Groups +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Groups' do + before do + # run before each test + @instance = JCAPIv2::Groups.new + end + + after do + # run after each test + end + + describe 'test an instance of Groups' do + it 'should create an instance of Groups' do + expect(@instance).to be_instance_of(JCAPIv2::Groups) + end + end +end diff --git a/jcapiv2/spec/models/gsuite_output_spec.rb b/jcapiv2/spec/models/gsuite_output_spec.rb deleted file mode 100644 index 9168f72..0000000 --- a/jcapiv2/spec/models/gsuite_output_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::GsuiteOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'GsuiteOutput' do - before do - # run before each test - @instance = JCAPIv2::GsuiteOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of GsuiteOutput' do - it 'should create an instance of GsuiteOutput' do - expect(@instance).to be_instance_of(JCAPIv2::GsuiteOutput) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_lockout_action = value }.not_to raise_error - #end - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_password_expiration_action = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/gsuite_patch_input_spec.rb b/jcapiv2/spec/models/gsuite_patch_input_spec.rb deleted file mode 100644 index a37ae25..0000000 --- a/jcapiv2/spec/models/gsuite_patch_input_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::GsuitePatchInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'GsuitePatchInput' do - before do - # run before each test - @instance = JCAPIv2::GsuitePatchInput.new - end - - after do - # run after each test - end - - describe 'test an instance of GsuitePatchInput' do - it 'should create an instance of GsuitePatchInput' do - expect(@instance).to be_instance_of(JCAPIv2::GsuitePatchInput) - end - end - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_lockout_action = value }.not_to raise_error - #end - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_password_expiration_action = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/gsuite_spec.rb b/jcapiv2/spec/models/gsuite_spec.rb new file mode 100644 index 0000000..acff2ca --- /dev/null +++ b/jcapiv2/spec/models/gsuite_spec.rb @@ -0,0 +1,78 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Gsuite +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Gsuite' do + before do + # run before each test + @instance = JCAPIv2::Gsuite.new + end + + after do + # run after each test + end + + describe 'test an instance of Gsuite' do + it 'should create an instance of Gsuite' do + expect(@instance).to be_instance_of(JCAPIv2::Gsuite) + end + end + describe 'test attribute "default_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_lockout_action = value }.not_to raise_error + # end + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain", "remove_access"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_password_expiration_action = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/import_operation_spec.rb b/jcapiv2/spec/models/import_operation_spec.rb new file mode 100644 index 0000000..f465f6d --- /dev/null +++ b/jcapiv2/spec/models/import_operation_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportOperation +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportOperation' do + before do + # run before each test + @instance = JCAPIv2::ImportOperation.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportOperation' do + it 'should create an instance of ImportOperation' do + expect(@instance).to be_instance_of(JCAPIv2::ImportOperation) + end + end +end diff --git a/jcapiv2/spec/models/import_user_address_spec.rb b/jcapiv2/spec/models/import_user_address_spec.rb new file mode 100644 index 0000000..b58a45d --- /dev/null +++ b/jcapiv2/spec/models/import_user_address_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportUserAddress +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportUserAddress' do + before do + # run before each test + @instance = JCAPIv2::ImportUserAddress.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportUserAddress' do + it 'should create an instance of ImportUserAddress' do + expect(@instance).to be_instance_of(JCAPIv2::ImportUserAddress) + end + end + describe 'test attribute "country"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "locality"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "postal_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "region"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "street_address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/import_user_phone_number_spec.rb b/jcapiv2/spec/models/import_user_phone_number_spec.rb new file mode 100644 index 0000000..2991eb3 --- /dev/null +++ b/jcapiv2/spec/models/import_user_phone_number_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportUserPhoneNumber +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportUserPhoneNumber' do + before do + # run before each test + @instance = JCAPIv2::ImportUserPhoneNumber.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportUserPhoneNumber' do + it 'should create an instance of ImportUserPhoneNumber' do + expect(@instance).to be_instance_of(JCAPIv2::ImportUserPhoneNumber) + end + end + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/import_user_spec.rb b/jcapiv2/spec/models/import_user_spec.rb new file mode 100644 index 0000000..04476d9 --- /dev/null +++ b/jcapiv2/spec/models/import_user_spec.rb @@ -0,0 +1,142 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportUser +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportUser' do + before do + # run before each test + @instance = JCAPIv2::ImportUser.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportUser' do + it 'should create an instance of ImportUser' do + expect(@instance).to be_instance_of(JCAPIv2::ImportUser) + end + end + describe 'test attribute "addresses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alternate_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "cost_center"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "department"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "displayname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_identifier"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firstname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "job_title"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lastname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "location"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "middlename"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "phone_numbers"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/import_users_request_spec.rb b/jcapiv2/spec/models/import_users_request_spec.rb new file mode 100644 index 0000000..53f4950 --- /dev/null +++ b/jcapiv2/spec/models/import_users_request_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportUsersRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportUsersRequest' do + before do + # run before each test + @instance = JCAPIv2::ImportUsersRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportUsersRequest' do + it 'should create an instance of ImportUsersRequest' do + expect(@instance).to be_instance_of(JCAPIv2::ImportUsersRequest) + end + end + describe 'test attribute "allow_user_reactivation"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "operations"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "query_string"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/import_users_response_spec.rb b/jcapiv2/spec/models/import_users_response_spec.rb new file mode 100644 index 0000000..3de1203 --- /dev/null +++ b/jcapiv2/spec/models/import_users_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ImportUsersResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ImportUsersResponse' do + before do + # run before each test + @instance = JCAPIv2::ImportUsersResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of ImportUsersResponse' do + it 'should create an instance of ImportUsersResponse' do + expect(@instance).to be_instance_of(JCAPIv2::ImportUsersResponse) + end + end + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_10_spec.rb b/jcapiv2/spec/models/inline_response_200_10_spec.rb new file mode 100644 index 0000000..121ad7e --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_10_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20010 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20010' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20010.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20010' do + it 'should create an instance of InlineResponse20010' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20010) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_11_spec.rb b/jcapiv2/spec/models/inline_response_200_11_spec.rb new file mode 100644 index 0000000..608e793 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_11_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20011 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20011' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20011.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20011' do + it 'should create an instance of InlineResponse20011' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20011) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_12_spec.rb b/jcapiv2/spec/models/inline_response_200_12_spec.rb new file mode 100644 index 0000000..093b651 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_12_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20012 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20012' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20012.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20012' do + it 'should create an instance of InlineResponse20012' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20012) + end + end + describe 'test attribute "skip_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "top"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_12_users_spec.rb b/jcapiv2/spec/models/inline_response_200_12_users_spec.rb new file mode 100644 index 0000000..18fa785 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_12_users_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20012Users +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20012Users' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20012Users.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20012Users' do + it 'should create an instance of InlineResponse20012Users' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20012Users) + end + end + describe 'test attribute "given_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "surname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_principal_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_13_spec.rb b/jcapiv2/spec/models/inline_response_200_13_spec.rb new file mode 100644 index 0000000..7674542 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_13_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20013 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20013' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20013.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20013' do + it 'should create an instance of InlineResponse20013' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20013) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_14_spec.rb b/jcapiv2/spec/models/inline_response_200_14_spec.rb new file mode 100644 index 0000000..2df4caf --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_14_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20014 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20014' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20014.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20014' do + it 'should create an instance of InlineResponse20014' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20014) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_15_spec.rb b/jcapiv2/spec/models/inline_response_200_15_spec.rb new file mode 100644 index 0000000..df2ef66 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_15_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse20015 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse20015' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse20015.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse20015' do + it 'should create an instance of InlineResponse20015' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse20015) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_1_spec.rb b/jcapiv2/spec/models/inline_response_200_1_spec.rb index e09bb7a..6e33d11 100644 --- a/jcapiv2/spec/models/inline_response_200_1_spec.rb +++ b/jcapiv2/spec/models/inline_response_200_1_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,16 @@ expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2001) end end - describe 'test attribute "results"' do + describe 'test attribute "next_page_token"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - describe 'test attribute "total_count"' do + describe 'test attribute "users"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/inline_response_200_2_spec.rb b/jcapiv2/spec/models/inline_response_200_2_spec.rb new file mode 100644 index 0000000..4f1a9ff --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_2_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2002 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2002' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2002.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2002' do + it 'should create an instance of InlineResponse2002' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2002) + end + end + describe 'test attribute "next_page_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_2_users_spec.rb b/jcapiv2/spec/models/inline_response_200_2_users_spec.rb new file mode 100644 index 0000000..3ae2988 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_2_users_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2002Users +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2002Users' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2002Users.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2002Users' do + it 'should create an instance of InlineResponse2002Users' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2002Users) + end + end + describe 'test attribute "family_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "given_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "primary_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "thumbnail_photo_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_3_spec.rb b/jcapiv2/spec/models/inline_response_200_3_spec.rb new file mode 100644 index 0000000..41601fb --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_3_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2003 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2003' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2003.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2003' do + it 'should create an instance of InlineResponse2003' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2003) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_4_spec.rb b/jcapiv2/spec/models/inline_response_200_4_spec.rb new file mode 100644 index 0000000..9f698af --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_4_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2004 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2004' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2004.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2004' do + it 'should create an instance of InlineResponse2004' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2004) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_5_spec.rb b/jcapiv2/spec/models/inline_response_200_5_spec.rb new file mode 100644 index 0000000..f26c854 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_5_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2005 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2005' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2005.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2005' do + it 'should create an instance of InlineResponse2005' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2005) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_6_spec.rb b/jcapiv2/spec/models/inline_response_200_6_spec.rb new file mode 100644 index 0000000..b184ec0 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_6_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2006 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2006' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2006.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2006' do + it 'should create an instance of InlineResponse2006' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2006) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_7_spec.rb b/jcapiv2/spec/models/inline_response_200_7_spec.rb new file mode 100644 index 0000000..7ca0f1e --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_7_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2007 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2007' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2007.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2007' do + it 'should create an instance of InlineResponse2007' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2007) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_8_spec.rb b/jcapiv2/spec/models/inline_response_200_8_spec.rb new file mode 100644 index 0000000..76f5cf9 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_8_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2008 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2008' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2008.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2008' do + it 'should create an instance of InlineResponse2008' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2008) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_9_spec.rb b/jcapiv2/spec/models/inline_response_200_9_spec.rb new file mode 100644 index 0000000..aef47e3 --- /dev/null +++ b/jcapiv2/spec/models/inline_response_200_9_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InlineResponse2009 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InlineResponse2009' do + before do + # run before each test + @instance = JCAPIv2::InlineResponse2009.new + end + + after do + # run after each test + end + + describe 'test an instance of InlineResponse2009' do + it 'should create an instance of InlineResponse2009' do + expect(@instance).to be_instance_of(JCAPIv2::InlineResponse2009) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/inline_response_200_spec.rb b/jcapiv2/spec/models/inline_response_200_spec.rb index 53522ed..e12d3ca 100644 --- a/jcapiv2/spec/models/inline_response_200_spec.rb +++ b/jcapiv2/spec/models/inline_response_200_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,29 +31,16 @@ expect(@instance).to be_instance_of(JCAPIv2::InlineResponse200) end end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do + describe 'test attribute "events_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - describe 'test attribute "user_lockout_action"' do + describe 'test attribute "results"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/inline_response_201_spec.rb b/jcapiv2/spec/models/inline_response_201_spec.rb index f949fab..603fe12 100644 --- a/jcapiv2/spec/models/inline_response_201_spec.rb +++ b/jcapiv2/spec/models/inline_response_201_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,10 @@ expect(@instance).to be_instance_of(JCAPIv2::InlineResponse201) end end - describe 'test attribute "apple_mdm"' do + describe 'test attribute "integration_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "signed_csr_plist"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/inline_response_400_spec.rb b/jcapiv2/spec/models/inline_response_400_spec.rb index bc758c5..727d263 100644 --- a/jcapiv2/spec/models/inline_response_400_spec.rb +++ b/jcapiv2/spec/models/inline_response_400_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "message"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/install_action_type_spec.rb b/jcapiv2/spec/models/install_action_type_spec.rb new file mode 100644 index 0000000..c03cc8c --- /dev/null +++ b/jcapiv2/spec/models/install_action_type_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::InstallActionType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'InstallActionType' do + before do + # run before each test + @instance = JCAPIv2::InstallActionType.new + end + + after do + # run after each test + end + + describe 'test an instance of InstallActionType' do + it 'should create an instance of InstallActionType' do + expect(@instance).to be_instance_of(JCAPIv2::InstallActionType) + end + end +end diff --git a/jcapiv2/spec/models/integration_spec.rb b/jcapiv2/spec/models/integration_spec.rb new file mode 100644 index 0000000..a37b966 --- /dev/null +++ b/jcapiv2/spec/models/integration_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Integration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Integration' do + before do + # run before each test + @instance = JCAPIv2::Integration.new + end + + after do + # run after each test + end + + describe 'test an instance of Integration' do + it 'should create an instance of Integration' do + expect(@instance).to be_instance_of(JCAPIv2::Integration) + end + end + describe 'test attribute "integration_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/integration_sync_error_resp_spec.rb b/jcapiv2/spec/models/integration_sync_error_resp_spec.rb new file mode 100644 index 0000000..9584955 --- /dev/null +++ b/jcapiv2/spec/models/integration_sync_error_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IntegrationSyncErrorResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IntegrationSyncErrorResp' do + before do + # run before each test + @instance = JCAPIv2::IntegrationSyncErrorResp.new + end + + after do + # run after each test + end + + describe 'test an instance of IntegrationSyncErrorResp' do + it 'should create an instance of IntegrationSyncErrorResp' do + expect(@instance).to be_instance_of(JCAPIv2::IntegrationSyncErrorResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/integration_sync_error_spec.rb b/jcapiv2/spec/models/integration_sync_error_spec.rb new file mode 100644 index 0000000..25bec50 --- /dev/null +++ b/jcapiv2/spec/models/integration_sync_error_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IntegrationSyncError +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IntegrationSyncError' do + before do + # run before each test + @instance = JCAPIv2::IntegrationSyncError.new + end + + after do + # run after each test + end + + describe 'test an instance of IntegrationSyncError' do + it 'should create an instance of IntegrationSyncError' do + expect(@instance).to be_instance_of(JCAPIv2::IntegrationSyncError) + end + end + describe 'test attribute "error_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "org_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "timestamp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/integration_type_spec.rb b/jcapiv2/spec/models/integration_type_spec.rb new file mode 100644 index 0000000..b2c9234 --- /dev/null +++ b/jcapiv2/spec/models/integration_type_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IntegrationType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IntegrationType' do + before do + # run before each test + @instance = JCAPIv2::IntegrationType.new + end + + after do + # run after each test + end + + describe 'test an instance of IntegrationType' do + it 'should create an instance of IntegrationType' do + expect(@instance).to be_instance_of(JCAPIv2::IntegrationType) + end + end +end diff --git a/jcapiv2/spec/models/integrations_response_spec.rb b/jcapiv2/spec/models/integrations_response_spec.rb new file mode 100644 index 0000000..7c19e15 --- /dev/null +++ b/jcapiv2/spec/models/integrations_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IntegrationsResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IntegrationsResponse' do + before do + # run before each test + @instance = JCAPIv2::IntegrationsResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of IntegrationsResponse' do + it 'should create an instance of IntegrationsResponse' do + expect(@instance).to be_instance_of(JCAPIv2::IntegrationsResponse) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ip_list_request_spec.rb b/jcapiv2/spec/models/ip_list_request_spec.rb new file mode 100644 index 0000000..04d2906 --- /dev/null +++ b/jcapiv2/spec/models/ip_list_request_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IPListRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IPListRequest' do + before do + # run before each test + @instance = JCAPIv2::IPListRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of IPListRequest' do + it 'should create an instance of IPListRequest' do + expect(@instance).to be_instance_of(JCAPIv2::IPListRequest) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ips"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ip_list_spec.rb b/jcapiv2/spec/models/ip_list_spec.rb new file mode 100644 index 0000000..4b52cef --- /dev/null +++ b/jcapiv2/spec/models/ip_list_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::IPList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'IPList' do + before do + # run before each test + @instance = JCAPIv2::IPList.new + end + + after do + # run after each test + end + + describe 'test an instance of IPList' do + it 'should create an instance of IPList' do + expect(@instance).to be_instance_of(JCAPIv2::IPList) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ips"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jc_enrollment_profile_spec.rb b/jcapiv2/spec/models/jc_enrollment_profile_spec.rb deleted file mode 100644 index 3972b1f..0000000 --- a/jcapiv2/spec/models/jc_enrollment_profile_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::JcEnrollmentProfile -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'JcEnrollmentProfile' do - before do - # run before each test - @instance = JCAPIv2::JcEnrollmentProfile.new - end - - after do - # run after each test - end - - describe 'test an instance of JcEnrollmentProfile' do - it 'should create an instance of JcEnrollmentProfile' do - expect(@instance).to be_instance_of(JCAPIv2::JcEnrollmentProfile) - end - end - describe 'test attribute "groups"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "organization"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "users"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/job_details_spec.rb b/jcapiv2/spec/models/job_details_spec.rb deleted file mode 100644 index 6617fdc..0000000 --- a/jcapiv2/spec/models/job_details_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::JobDetails -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'JobDetails' do - before do - # run before each test - @instance = JCAPIv2::JobDetails.new - end - - after do - # run after each test - end - - describe 'test an instance of JobDetails' do - it 'should create an instance of JobDetails' do - expect(@instance).to be_instance_of(JCAPIv2::JobDetails) - end - end - describe 'test attribute "admin_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "meta"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "persisted_fields"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "status"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "updated_at"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "work_units_count"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/job_id_spec.rb b/jcapiv2/spec/models/job_id_spec.rb index 47b4dba..453b867 100644 --- a/jcapiv2/spec/models/job_id_spec.rb +++ b/jcapiv2/spec/models/job_id_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "job_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/job_workresult_spec.rb b/jcapiv2/spec/models/job_workresult_spec.rb index 03d4bdd..e516f46 100644 --- a/jcapiv2/spec/models/job_workresult_spec.rb +++ b/jcapiv2/spec/models/job_workresult_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,11 +31,46 @@ expect(@instance).to be_instance_of(JCAPIv2::JobWorkresult) end end + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "meta"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "persisted_fields"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status_msg"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_gapps_domain_list_response_spec.rb b/jcapiv2/spec/models/jumpcloud_gapps_domain_list_response_spec.rb new file mode 100644 index 0000000..8410096 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_gapps_domain_list_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGappsDomainListResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGappsDomainListResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGappsDomainListResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGappsDomainListResponse' do + it 'should create an instance of JumpcloudGappsDomainListResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGappsDomainListResponse) + end + end + describe 'test attribute "domains"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_gapps_domain_response_spec.rb b/jcapiv2/spec/models/jumpcloud_gapps_domain_response_spec.rb new file mode 100644 index 0000000..d6a4655 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_gapps_domain_response_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGappsDomainResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGappsDomainResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGappsDomainResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGappsDomainResponse' do + it 'should create an instance of JumpcloudGappsDomainResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGappsDomainResponse) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_gapps_domain_spec.rb b/jcapiv2/spec/models/jumpcloud_gapps_domain_spec.rb new file mode 100644 index 0000000..458ad0e --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_gapps_domain_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGappsDomain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGappsDomain' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGappsDomain.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGappsDomain' do + it 'should create an instance of JumpcloudGappsDomain' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGappsDomain) + end + end + describe 'test attribute "account_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "default"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_allow_personal_usage_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_allow_personal_usage_spec.rb new file mode 100644 index 0000000..e8b675f --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_allow_personal_usage_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmAllowPersonalUsage +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmAllowPersonalUsage' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmAllowPersonalUsage.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmAllowPersonalUsage' do + it 'should create an instance of JumpcloudGoogleEmmAllowPersonalUsage' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmAllowPersonalUsage) + end + end +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_command_response_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_command_response_spec.rb new file mode 100644 index 0000000..794cbb7 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_command_response_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCommandResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCommandResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCommandResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCommandResponse' do + it 'should create an instance of JumpcloudGoogleEmmCommandResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCommandResponse) + end + end +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_common_criteria_mode_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_common_criteria_mode_info_spec.rb new file mode 100644 index 0000000..c036699 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_common_criteria_mode_info_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCommonCriteriaModeInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCommonCriteriaModeInfo' do + it 'should create an instance of JumpcloudGoogleEmmCommonCriteriaModeInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCommonCriteriaModeInfo) + end + end + describe 'test attribute "common_criteria_mode_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_connection_status_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_connection_status_spec.rb new file mode 100644 index 0000000..31b6a24 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_connection_status_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmConnectionStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmConnectionStatus' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmConnectionStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmConnectionStatus' do + it 'should create an instance of JumpcloudGoogleEmmConnectionStatus' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmConnectionStatus) + end + end + describe 'test attribute "enterprise_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_connected"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_request_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_request_spec.rb new file mode 100644 index 0000000..2690c37 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_request_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCreateEnrollmentTokenRequest' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCreateEnrollmentTokenRequest' do + it 'should create an instance of JumpcloudGoogleEmmCreateEnrollmentTokenRequest' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenRequest) + end + end + describe 'test attribute "allow_personal_usage"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enterprise_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "one_time_only"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "zero_touch"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_response_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_response_spec.rb new file mode 100644 index 0000000..b3864e3 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_create_enrollment_token_response_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCreateEnrollmentTokenResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCreateEnrollmentTokenResponse' do + it 'should create an instance of JumpcloudGoogleEmmCreateEnrollmentTokenResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCreateEnrollmentTokenResponse) + end + end + describe 'test attribute "enrollment_link"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "expiration_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "metadata"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "qr_code_image"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_create_enterprise_request_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_create_enterprise_request_spec.rb new file mode 100644 index 0000000..c03fde9 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_create_enterprise_request_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCreateEnterpriseRequest' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCreateEnterpriseRequest' do + it 'should create an instance of JumpcloudGoogleEmmCreateEnterpriseRequest' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCreateEnterpriseRequest) + end + end + describe 'test attribute "enrollment_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "signup_url_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_create_web_token_request_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_create_web_token_request_spec.rb new file mode 100644 index 0000000..9238de9 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_create_web_token_request_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmCreateWebTokenRequest' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmCreateWebTokenRequest' do + it 'should create an instance of JumpcloudGoogleEmmCreateWebTokenRequest' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmCreateWebTokenRequest) + end + end + describe 'test attribute "enterprise_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "iframe_feature"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "parent_frame_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_android_policy_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_android_policy_spec.rb new file mode 100644 index 0000000..d368506 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_android_policy_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDeviceAndroidPolicy' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDeviceAndroidPolicy' do + it 'should create an instance of JumpcloudGoogleEmmDeviceAndroidPolicy' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDeviceAndroidPolicy) + end + end + describe 'test attribute "policy"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_data_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_data_spec.rb new file mode 100644 index 0000000..31b9f44 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_data_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDeviceData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDeviceData' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDeviceData.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDeviceData' do + it 'should create an instance of JumpcloudGoogleEmmDeviceData' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDeviceData) + end + end + describe 'test attribute "device_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_information_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_information_spec.rb new file mode 100644 index 0000000..540d305 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_information_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDeviceInformation +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDeviceInformation' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDeviceInformation.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDeviceInformation' do + it 'should create an instance of JumpcloudGoogleEmmDeviceInformation' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDeviceInformation) + end + end + describe 'test attribute "device_state_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "emm_enrollment_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hardware_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "memory_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "network_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "software_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_settings_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_settings_spec.rb new file mode 100644 index 0000000..dd1052e --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_settings_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDeviceSettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDeviceSettings' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDeviceSettings.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDeviceSettings' do + it 'should create an instance of JumpcloudGoogleEmmDeviceSettings' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDeviceSettings) + end + end + describe 'test attribute "adb_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "development_settings_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "encryption_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_device_secure"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_encrypted"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "unknown_sources_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "verify_apps_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_spec.rb new file mode 100644 index 0000000..cbfe954 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDevice +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDevice' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDevice.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDevice' do + it 'should create an instance of JumpcloudGoogleEmmDevice' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDevice) + end + end + describe 'test attribute "device_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_information"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_device_state_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_device_state_info_spec.rb new file mode 100644 index 0000000..01291da --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_device_state_info_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmDeviceStateInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmDeviceStateInfo' do + it 'should create an instance of JumpcloudGoogleEmmDeviceStateInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmDeviceStateInfo) + end + end + describe 'test attribute "applied_device_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "common_criteria_mode_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disabled_reason"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_policy_sync_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_status_report_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "policy_compliant"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_posture"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_emm_enrollment_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_emm_enrollment_info_spec.rb new file mode 100644 index 0000000..44df744 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_emm_enrollment_info_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmEMMEnrollmentInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmEMMEnrollmentInfo' do + it 'should create an instance of JumpcloudGoogleEmmEMMEnrollmentInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmEMMEnrollmentInfo) + end + end + describe 'test attribute "applied_policy_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "applied_policy_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrollment_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrollment_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "management_mode"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ownership"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "policy_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_enterprise_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_enterprise_spec.rb new file mode 100644 index 0000000..bd3dcc5 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_enterprise_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmEnterprise +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmEnterprise' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmEnterprise.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmEnterprise' do + it 'should create an instance of JumpcloudGoogleEmmEnterprise' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmEnterprise) + end + end + describe 'test attribute "allow_device_enrollment"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contact_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_feature_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_feature_spec.rb new file mode 100644 index 0000000..79bde7b --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_feature_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmFeature +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmFeature' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmFeature.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmFeature' do + it 'should create an instance of JumpcloudGoogleEmmFeature' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmFeature) + end + end +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_hardware_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_hardware_info_spec.rb new file mode 100644 index 0000000..f475141 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_hardware_info_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmHardwareInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmHardwareInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmHardwareInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmHardwareInfo' do + it 'should create an instance of JumpcloudGoogleEmmHardwareInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmHardwareInfo) + end + end + describe 'test attribute "brand"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_base_band_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hardware"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "model"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "serial_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_list_devices_response_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_list_devices_response_spec.rb new file mode 100644 index 0000000..ebe5448 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_list_devices_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmListDevicesResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmListDevicesResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmListDevicesResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmListDevicesResponse' do + it 'should create an instance of JumpcloudGoogleEmmListDevicesResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmListDevicesResponse) + end + end + describe 'test attribute "count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "devices"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_list_enterprises_response_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_list_enterprises_response_spec.rb new file mode 100644 index 0000000..0d9bd47 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_list_enterprises_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmListEnterprisesResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmListEnterprisesResponse' do + it 'should create an instance of JumpcloudGoogleEmmListEnterprisesResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmListEnterprisesResponse) + end + end + describe 'test attribute "count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enterprises"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_memory_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_memory_info_spec.rb new file mode 100644 index 0000000..f451985 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_memory_info_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmMemoryInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmMemoryInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmMemoryInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmMemoryInfo' do + it 'should create an instance of JumpcloudGoogleEmmMemoryInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmMemoryInfo) + end + end + describe 'test attribute "total_internal_storage"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_ram"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_network_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_network_info_spec.rb new file mode 100644 index 0000000..17fac1b --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_network_info_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmNetworkInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmNetworkInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmNetworkInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmNetworkInfo' do + it 'should create an instance of JumpcloudGoogleEmmNetworkInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmNetworkInfo) + end + end + describe 'test attribute "imei"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "meid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "telephony_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "wifi_mac_address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_security_posture_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_security_posture_spec.rb new file mode 100644 index 0000000..e54a795 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_security_posture_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmSecurityPosture +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmSecurityPosture' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmSecurityPosture.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmSecurityPosture' do + it 'should create an instance of JumpcloudGoogleEmmSecurityPosture' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmSecurityPosture) + end + end + describe 'test attribute "device_posture"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_signup_url_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_signup_url_spec.rb new file mode 100644 index 0000000..3705798 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_signup_url_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmSignupURL +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmSignupURL' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmSignupURL.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmSignupURL' do + it 'should create an instance of JumpcloudGoogleEmmSignupURL' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmSignupURL) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_software_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_software_info_spec.rb new file mode 100644 index 0000000..b03777b --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_software_info_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmSoftwareInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmSoftwareInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmSoftwareInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmSoftwareInfo' do + it 'should create an instance of JumpcloudGoogleEmmSoftwareInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmSoftwareInfo) + end + end + describe 'test attribute "android_build_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "android_build_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "android_device_policy_version_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "android_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "bootloader_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_build_signature"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_kernel_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "primary_language_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_patch_level"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_update_info"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_system_update_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_system_update_info_spec.rb new file mode 100644 index 0000000..d7b706e --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_system_update_info_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmSystemUpdateInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmSystemUpdateInfo' do + it 'should create an instance of JumpcloudGoogleEmmSystemUpdateInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmSystemUpdateInfo) + end + end + describe 'test attribute "update_received_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "update_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_telephony_info_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_telephony_info_spec.rb new file mode 100644 index 0000000..7f3a14c --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_telephony_info_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmTelephonyInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmTelephonyInfo' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmTelephonyInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmTelephonyInfo' do + it 'should create an instance of JumpcloudGoogleEmmTelephonyInfo' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmTelephonyInfo) + end + end + describe 'test attribute "carrier_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "phone_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_google_emm_web_token_spec.rb b/jcapiv2/spec/models/jumpcloud_google_emm_web_token_spec.rb new file mode 100644 index 0000000..b080240 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_google_emm_web_token_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudGoogleEmmWebToken +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudGoogleEmmWebToken' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudGoogleEmmWebToken.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudGoogleEmmWebToken' do + it 'should create an instance of JumpcloudGoogleEmmWebToken' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudGoogleEmmWebToken) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_msp_get_details_response_spec.rb b/jcapiv2/spec/models/jumpcloud_msp_get_details_response_spec.rb new file mode 100644 index 0000000..0372f6d --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_msp_get_details_response_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudMspGetDetailsResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudMspGetDetailsResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudMspGetDetailsResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudMspGetDetailsResponse' do + it 'should create an instance of JumpcloudMspGetDetailsResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudMspGetDetailsResponse) + end + end + describe 'test attribute "assigned_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "contract_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "has_contract"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "products"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_msp_product_spec.rb b/jcapiv2/spec/models/jumpcloud_msp_product_spec.rb new file mode 100644 index 0000000..8ca088b --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_msp_product_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudMspProduct +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudMspProduct' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudMspProduct.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudMspProduct' do + it 'should create an instance of JumpcloudMspProduct' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudMspProduct) + end + end + describe 'test attribute "capabilities"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "included_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "purchased_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_package_validator_apple_package_details_spec.rb b/jcapiv2/spec/models/jumpcloud_package_validator_apple_package_details_spec.rb new file mode 100644 index 0000000..2f365ae --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_package_validator_apple_package_details_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudPackageValidatorApplePackageDetails +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudPackageValidatorApplePackageDetails' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudPackageValidatorApplePackageDetails.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudPackageValidatorApplePackageDetails' do + it 'should create an instance of JumpcloudPackageValidatorApplePackageDetails' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudPackageValidatorApplePackageDetails) + end + end + describe 'test attribute "asset_kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_sha256_size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_sha256_strings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "bundle_identifier"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "bundle_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subtitle"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "title"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_request_spec.rb b/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_request_spec.rb new file mode 100644 index 0000000..9fbbfdb --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_request_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudPackageValidatorValidateApplicationInstallPackageRequest' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudPackageValidatorValidateApplicationInstallPackageRequest' do + it 'should create an instance of JumpcloudPackageValidatorValidateApplicationInstallPackageRequest' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageRequest) + end + end + describe 'test attribute "url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_response_spec.rb b/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_response_spec.rb new file mode 100644 index 0000000..c7d3b24 --- /dev/null +++ b/jcapiv2/spec/models/jumpcloud_package_validator_validate_application_install_package_response_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'JumpcloudPackageValidatorValidateApplicationInstallPackageResponse' do + before do + # run before each test + @instance = JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of JumpcloudPackageValidatorValidateApplicationInstallPackageResponse' do + it 'should create an instance of JumpcloudPackageValidatorValidateApplicationInstallPackageResponse' do + expect(@instance).to be_instance_of(JCAPIv2::JumpcloudPackageValidatorValidateApplicationInstallPackageResponse) + end + end + describe 'test attribute "apple_package_details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ldap_group_spec.rb b/jcapiv2/spec/models/ldap_group_spec.rb new file mode 100644 index 0000000..8c6ffda --- /dev/null +++ b/jcapiv2/spec/models/ldap_group_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::LdapGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'LdapGroup' do + before do + # run before each test + @instance = JCAPIv2::LdapGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of LdapGroup' do + it 'should create an instance of LdapGroup' do + expect(@instance).to be_instance_of(JCAPIv2::LdapGroup) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ldap_server_action_spec.rb b/jcapiv2/spec/models/ldap_server_action_spec.rb index 6d15f5b..5c9d365 100644 --- a/jcapiv2/spec/models/ldap_server_action_spec.rb +++ b/jcapiv2/spec/models/ldap_server_action_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/ldap_server_input_spec.rb b/jcapiv2/spec/models/ldap_server_input_spec.rb deleted file mode 100644 index 1e5696f..0000000 --- a/jcapiv2/spec/models/ldap_server_input_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::LdapServerInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'LdapServerInput' do - before do - # run before each test - @instance = JCAPIv2::LdapServerInput.new - end - - after do - # run after each test - end - - describe 'test an instance of LdapServerInput' do - it 'should create an instance of LdapServerInput' do - expect(@instance).to be_instance_of(JCAPIv2::LdapServerInput) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_lockout_action = value }.not_to raise_error - #end - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_password_expiration_action = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/ldap_server_output_spec.rb b/jcapiv2/spec/models/ldap_server_output_spec.rb deleted file mode 100644 index d5342cf..0000000 --- a/jcapiv2/spec/models/ldap_server_output_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::LdapServerOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'LdapServerOutput' do - before do - # run before each test - @instance = JCAPIv2::LdapServerOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of LdapServerOutput' do - it 'should create an instance of LdapServerOutput' do - expect(@instance).to be_instance_of(JCAPIv2::LdapServerOutput) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "user_lockout_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_lockout_action = value }.not_to raise_error - #end - end - end - - describe 'test attribute "user_password_expiration_action"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.user_password_expiration_action = value }.not_to raise_error - #end - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/ldap_server_spec.rb b/jcapiv2/spec/models/ldap_server_spec.rb new file mode 100644 index 0000000..dd70aa8 --- /dev/null +++ b/jcapiv2/spec/models/ldap_server_spec.rb @@ -0,0 +1,66 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::LdapServer +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'LdapServer' do + before do + # run before each test + @instance = JCAPIv2::LdapServer.new + end + + after do + # run after each test + end + + describe 'test an instance of LdapServer' do + it 'should create an instance of LdapServer' do + expect(@instance).to be_instance_of(JCAPIv2::LdapServer) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_lockout_action = value }.not_to raise_error + # end + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["disable", "remove"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_password_expiration_action = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/ldapservers_id_body_spec.rb b/jcapiv2/spec/models/ldapservers_id_body_spec.rb new file mode 100644 index 0000000..6638b27 --- /dev/null +++ b/jcapiv2/spec/models/ldapservers_id_body_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::LdapserversIdBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'LdapserversIdBody' do + before do + # run before each test + @instance = JCAPIv2::LdapserversIdBody.new + end + + after do + # run after each test + end + + describe 'test an instance of LdapserversIdBody' do + it 'should create an instance of LdapserversIdBody' do + expect(@instance).to be_instance_of(JCAPIv2::LdapserversIdBody) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/member_suggestion_spec.rb b/jcapiv2/spec/models/member_suggestion_spec.rb new file mode 100644 index 0000000..1601414 --- /dev/null +++ b/jcapiv2/spec/models/member_suggestion_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::MemberSuggestion +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'MemberSuggestion' do + before do + # run before each test + @instance = JCAPIv2::MemberSuggestion.new + end + + after do + # run after each test + end + + describe 'test an instance of MemberSuggestion' do + it 'should create an instance of MemberSuggestion' do + expect(@instance).to be_instance_of(JCAPIv2::MemberSuggestion) + end + end + describe 'test attribute "object"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "op"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove"]) + # validator.allowable_values.each do |value| + # expect { @instance.op = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/member_suggestions_post_result_spec.rb b/jcapiv2/spec/models/member_suggestions_post_result_spec.rb new file mode 100644 index 0000000..b23c677 --- /dev/null +++ b/jcapiv2/spec/models/member_suggestions_post_result_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::MemberSuggestionsPostResult +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'MemberSuggestionsPostResult' do + before do + # run before each test + @instance = JCAPIv2::MemberSuggestionsPostResult.new + end + + after do + # run after each test + end + + describe 'test an instance of MemberSuggestionsPostResult' do + it 'should create an instance of MemberSuggestionsPostResult' do + expect(@instance).to be_instance_of(JCAPIv2::MemberSuggestionsPostResult) + end + end + describe 'test attribute "suggestions_found"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suggestions_not_found"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/mfa_spec.rb b/jcapiv2/spec/models/mfa_spec.rb deleted file mode 100644 index bd7993e..0000000 --- a/jcapiv2/spec/models/mfa_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Mfa -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Mfa' do - before do - # run before each test - @instance = JCAPIv2::Mfa.new - end - - after do - # run after each test - end - - describe 'test an instance of Mfa' do - it 'should create an instance of Mfa' do - expect(@instance).to be_instance_of(JCAPIv2::Mfa) - end - end - describe 'test attribute "configured"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exclusion"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exclusion_until"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/mobileconfig_spec.rb b/jcapiv2/spec/models/mobileconfig_spec.rb index d8acffe..239d4b5 100644 --- a/jcapiv2/spec/models/mobileconfig_spec.rb +++ b/jcapiv2/spec/models/mobileconfig_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/model_case_spec.rb b/jcapiv2/spec/models/model_case_spec.rb new file mode 100644 index 0000000..45aa85e --- /dev/null +++ b/jcapiv2/spec/models/model_case_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ModelCase +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ModelCase' do + before do + # run before each test + @instance = JCAPIv2::ModelCase.new + end + + after do + # run after each test + end + + describe 'test an instance of ModelCase' do + it 'should create an instance of ModelCase' do + expect(@instance).to be_instance_of(JCAPIv2::ModelCase) + end + end + describe 'test attribute "case_number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reporter"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reporter_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subject"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/o365_domain_response_spec.rb b/jcapiv2/spec/models/o365_domain_response_spec.rb new file mode 100644 index 0000000..d40ff0e --- /dev/null +++ b/jcapiv2/spec/models/o365_domain_response_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::O365DomainResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'O365DomainResponse' do + before do + # run before each test + @instance = JCAPIv2::O365DomainResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of O365DomainResponse' do + it 'should create an instance of O365DomainResponse' do + expect(@instance).to be_instance_of(JCAPIv2::O365DomainResponse) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/o365_domain_spec.rb b/jcapiv2/spec/models/o365_domain_spec.rb new file mode 100644 index 0000000..d3df8de --- /dev/null +++ b/jcapiv2/spec/models/o365_domain_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::O365Domain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'O365Domain' do + before do + # run before each test + @instance = JCAPIv2::O365Domain.new + end + + after do + # run after each test + end + + describe 'test an instance of O365Domain' do + it 'should create an instance of O365Domain' do + expect(@instance).to be_instance_of(JCAPIv2::O365Domain) + end + end + describe 'test attribute "default"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resource_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/o365_domains_list_response_spec.rb b/jcapiv2/spec/models/o365_domains_list_response_spec.rb new file mode 100644 index 0000000..63da18d --- /dev/null +++ b/jcapiv2/spec/models/o365_domains_list_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::O365DomainsListResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'O365DomainsListResponse' do + before do + # run before each test + @instance = JCAPIv2::O365DomainsListResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of O365DomainsListResponse' do + it 'should create an instance of O365DomainsListResponse' do + expect(@instance).to be_instance_of(JCAPIv2::O365DomainsListResponse) + end + end + describe 'test attribute "domains"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/oauth_code_input_spec.rb b/jcapiv2/spec/models/oauth_code_input_spec.rb deleted file mode 100644 index 68196f6..0000000 --- a/jcapiv2/spec/models/oauth_code_input_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::OauthCodeInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'OauthCodeInput' do - before do - # run before each test - @instance = JCAPIv2::OauthCodeInput.new - end - - after do - # run after each test - end - - describe 'test an instance of OauthCodeInput' do - it 'should create an instance of OauthCodeInput' do - expect(@instance).to be_instance_of(JCAPIv2::OauthCodeInput) - end - end - describe 'test attribute "code"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/object_storage_item_spec.rb b/jcapiv2/spec/models/object_storage_item_spec.rb new file mode 100644 index 0000000..a157a26 --- /dev/null +++ b/jcapiv2/spec/models/object_storage_item_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ObjectStorageItem +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ObjectStorageItem' do + before do + # run before each test + @instance = JCAPIv2::ObjectStorageItem.new + end + + after do + # run after each test + end + + describe 'test an instance of ObjectStorageItem' do + it 'should create an instance of ObjectStorageItem' do + expect(@instance).to be_instance_of(JCAPIv2::ObjectStorageItem) + end + end + describe 'test attribute "object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "versions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/object_storage_version_spec.rb b/jcapiv2/spec/models/object_storage_version_spec.rb new file mode 100644 index 0000000..c837fac --- /dev/null +++ b/jcapiv2/spec/models/object_storage_version_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ObjectStorageVersion +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ObjectStorageVersion' do + before do + # run before each test + @instance = JCAPIv2::ObjectStorageVersion.new + end + + after do + # run after each test + end + + describe 'test an instance of ObjectStorageVersion' do + it 'should create an instance of ObjectStorageVersion' do + expect(@instance).to be_instance_of(JCAPIv2::ObjectStorageVersion) + end + end + describe 'test attribute "metadata"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "rejected_reason"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sha256sum"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/office365_builtin_translation_spec.rb b/jcapiv2/spec/models/office365_builtin_translation_spec.rb index f242a84..0b138fd 100644 --- a/jcapiv2/spec/models/office365_builtin_translation_spec.rb +++ b/jcapiv2/spec/models/office365_builtin_translation_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -33,4 +32,3 @@ end end end - diff --git a/jcapiv2/spec/models/office365_direction_translation_spec.rb b/jcapiv2/spec/models/office365_direction_translation_spec.rb new file mode 100644 index 0000000..e3320d5 --- /dev/null +++ b/jcapiv2/spec/models/office365_direction_translation_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Office365DirectionTranslation +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Office365DirectionTranslation' do + before do + # run before each test + @instance = JCAPIv2::Office365DirectionTranslation.new + end + + after do + # run after each test + end + + describe 'test an instance of Office365DirectionTranslation' do + it 'should create an instance of Office365DirectionTranslation' do + expect(@instance).to be_instance_of(JCAPIv2::Office365DirectionTranslation) + end + end +end diff --git a/jcapiv2/spec/models/office365_id_domains_body_spec.rb b/jcapiv2/spec/models/office365_id_domains_body_spec.rb new file mode 100644 index 0000000..9895667 --- /dev/null +++ b/jcapiv2/spec/models/office365_id_domains_body_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Office365IdDomainsBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Office365IdDomainsBody' do + before do + # run before each test + @instance = JCAPIv2::Office365IdDomainsBody.new + end + + after do + # run after each test + end + + describe 'test an instance of Office365IdDomainsBody' do + it 'should create an instance of Office365IdDomainsBody' do + expect(@instance).to be_instance_of(JCAPIv2::Office365IdDomainsBody) + end + end + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/office365_spec.rb b/jcapiv2/spec/models/office365_spec.rb new file mode 100644 index 0000000..4de8a98 --- /dev/null +++ b/jcapiv2/spec/models/office365_spec.rb @@ -0,0 +1,78 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Office365 +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Office365' do + before do + # run before each test + @instance = JCAPIv2::Office365.new + end + + after do + # run after each test + end + + describe 'test an instance of Office365' do + it 'should create an instance of Office365' do + expect(@instance).to be_instance_of(JCAPIv2::Office365) + end + end + describe 'test attribute "default_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_lockout_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_lockout_action = value }.not_to raise_error + # end + end + end + + describe 'test attribute "user_password_expiration_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["suspend", "maintain"]) + # validator.allowable_values.each do |value| + # expect { @instance.user_password_expiration_action = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/office365_translation_rule_request_spec.rb b/jcapiv2/spec/models/office365_translation_rule_request_spec.rb index 75dad8b..f342746 100644 --- a/jcapiv2/spec/models/office365_translation_rule_request_spec.rb +++ b/jcapiv2/spec/models/office365_translation_rule_request_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,14 @@ end describe 'test attribute "built_in"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "direction"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv2/spec/models/office365_translation_rule_spec.rb b/jcapiv2/spec/models/office365_translation_rule_spec.rb index 3ff4f99..ea68596 100644 --- a/jcapiv2/spec/models/office365_translation_rule_spec.rb +++ b/jcapiv2/spec/models/office365_translation_rule_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,20 @@ end describe 'test attribute "built_in"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "direction"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/org_crypto_settings_spec.rb b/jcapiv2/spec/models/org_crypto_settings_spec.rb deleted file mode 100644 index cca80e4..0000000 --- a/jcapiv2/spec/models/org_crypto_settings_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::OrgCryptoSettings -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'OrgCryptoSettings' do - before do - # run before each test - @instance = JCAPIv2::OrgCryptoSettings.new - end - - after do - # run after each test - end - - describe 'test an instance of OrgCryptoSettings' do - it 'should create an instance of OrgCryptoSettings' do - expect(@instance).to be_instance_of(JCAPIv2::OrgCryptoSettings) - end - end - describe 'test attribute "ssh_keys"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/organization_spec.rb b/jcapiv2/spec/models/organization_spec.rb new file mode 100644 index 0000000..b4de5ce --- /dev/null +++ b/jcapiv2/spec/models/organization_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Organization +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Organization' do + before do + # run before each test + @instance = JCAPIv2::Organization.new + end + + after do + # run after each test + end + + describe 'test an instance of Organization' do + it 'should create an instance of Organization' do + expect(@instance).to be_instance_of(JCAPIv2::Organization) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_system_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/orgcryptosettings_ssh_keys_spec.rb b/jcapiv2/spec/models/orgcryptosettings_ssh_keys_spec.rb deleted file mode 100644 index a223fb6..0000000 --- a/jcapiv2/spec/models/orgcryptosettings_ssh_keys_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::OrgcryptosettingsSshKeys -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'OrgcryptosettingsSshKeys' do - before do - # run before each test - @instance = JCAPIv2::OrgcryptosettingsSshKeys.new - end - - after do - # run after each test - end - - describe 'test an instance of OrgcryptosettingsSshKeys' do - it 'should create an instance of OrgcryptosettingsSshKeys' do - expect(@instance).to be_instance_of(JCAPIv2::OrgcryptosettingsSshKeys) - end - end - describe 'test attribute "key_size"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "validate"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "validate_key_size"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/os_restriction_apple_restrictions_spec.rb b/jcapiv2/spec/models/os_restriction_apple_restrictions_spec.rb new file mode 100644 index 0000000..1513a69 --- /dev/null +++ b/jcapiv2/spec/models/os_restriction_apple_restrictions_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::OSRestrictionAppleRestrictions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OSRestrictionAppleRestrictions' do + before do + # run before each test + @instance = JCAPIv2::OSRestrictionAppleRestrictions.new + end + + after do + # run after each test + end + + describe 'test an instance of OSRestrictionAppleRestrictions' do + it 'should create an instance of OSRestrictionAppleRestrictions' do + expect(@instance).to be_instance_of(JCAPIv2::OSRestrictionAppleRestrictions) + end + end + describe 'test attribute "requires_supervision"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "supported_enrollment_types"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('Array', ["automated", "device", "user"]) + # validator.allowable_values.each do |value| + # expect { @instance.supported_enrollment_types = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/os_restriction_spec.rb b/jcapiv2/spec/models/os_restriction_spec.rb new file mode 100644 index 0000000..5eeceaa --- /dev/null +++ b/jcapiv2/spec/models/os_restriction_spec.rb @@ -0,0 +1,68 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::OSRestriction +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'OSRestriction' do + before do + # run before each test + @instance = JCAPIv2::OSRestriction.new + end + + after do + # run after each test + end + + describe 'test an instance of OSRestriction' do + it 'should create an instance of OSRestriction' do + expect(@instance).to be_instance_of(JCAPIv2::OSRestriction) + end + end + describe 'test attribute "apple_restrictions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "deprecated_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "earliest_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "supported_enrollment_types"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('Array', ["automated", "device", "user"]) + # validator.allowable_values.each do |value| + # expect { @instance.supported_enrollment_types = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/passwords_security_spec.rb b/jcapiv2/spec/models/passwords_security_spec.rb new file mode 100644 index 0000000..4923825 --- /dev/null +++ b/jcapiv2/spec/models/passwords_security_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PasswordsSecurity +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PasswordsSecurity' do + before do + # run before each test + @instance = JCAPIv2::PasswordsSecurity.new + end + + after do + # run after each test + end + + describe 'test an instance of PasswordsSecurity' do + it 'should create an instance of PasswordsSecurity' do + expect(@instance).to be_instance_of(JCAPIv2::PasswordsSecurity) + end + end + describe 'test attribute "compromised_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "old_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reused_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "weak_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/phone_number_spec.rb b/jcapiv2/spec/models/phone_number_spec.rb new file mode 100644 index 0000000..333bb85 --- /dev/null +++ b/jcapiv2/spec/models/phone_number_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PhoneNumber +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PhoneNumber' do + before do + # run before each test + @instance = JCAPIv2::PhoneNumber.new + end + + after do + # run after each test + end + + describe 'test an instance of PhoneNumber' do + it 'should create an instance of PhoneNumber' do + expect(@instance).to be_instance_of(JCAPIv2::PhoneNumber) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "number"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_data_spec.rb b/jcapiv2/spec/models/policy_group_data_spec.rb new file mode 100644 index 0000000..aef5b10 --- /dev/null +++ b/jcapiv2/spec/models/policy_group_data_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroupData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupData' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupData.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupData' do + it 'should create an instance of PolicyGroupData' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupData) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_spec.rb b/jcapiv2/spec/models/policy_group_spec.rb new file mode 100644 index 0000000..99516fd --- /dev/null +++ b/jcapiv2/spec/models/policy_group_spec.rb @@ -0,0 +1,74 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroup +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroup' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroup.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroup' do + it 'should create an instance of PolicyGroup' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroup) + end + end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["policy_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_template_member_spec.rb b/jcapiv2/spec/models/policy_group_template_member_spec.rb new file mode 100644 index 0000000..73543d0 --- /dev/null +++ b/jcapiv2/spec/models/policy_group_template_member_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroupTemplateMember +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupTemplateMember' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupTemplateMember.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupTemplateMember' do + it 'should create an instance of PolicyGroupTemplateMember' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupTemplateMember) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "policy_template_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_template_members_spec.rb b/jcapiv2/spec/models/policy_group_template_members_spec.rb new file mode 100644 index 0000000..5107c40 --- /dev/null +++ b/jcapiv2/spec/models/policy_group_template_members_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroupTemplateMembers +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupTemplateMembers' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupTemplateMembers.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupTemplateMembers' do + it 'should create an instance of PolicyGroupTemplateMembers' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupTemplateMembers) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_template_spec.rb b/jcapiv2/spec/models/policy_group_template_spec.rb new file mode 100644 index 0000000..db21c1d --- /dev/null +++ b/jcapiv2/spec/models/policy_group_template_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroupTemplate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupTemplate' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupTemplate.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupTemplate' do + it 'should create an instance of PolicyGroupTemplate' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupTemplate) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "members"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_group_templates_spec.rb b/jcapiv2/spec/models/policy_group_templates_spec.rb new file mode 100644 index 0000000..662185a --- /dev/null +++ b/jcapiv2/spec/models/policy_group_templates_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PolicyGroupTemplates +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PolicyGroupTemplates' do + before do + # run before each test + @instance = JCAPIv2::PolicyGroupTemplates.new + end + + after do + # run after each test + end + + describe 'test an instance of PolicyGroupTemplates' do + it 'should create an instance of PolicyGroupTemplates' do + expect(@instance).to be_instance_of(JCAPIv2::PolicyGroupTemplates) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_request_spec.rb b/jcapiv2/spec/models/policy_request_spec.rb index fe9b049..1974179 100644 --- a/jcapiv2/spec/models/policy_request_spec.rb +++ b/jcapiv2/spec/models/policy_request_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,26 @@ end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "notes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "template"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "values"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_request_template_spec.rb b/jcapiv2/spec/models/policy_request_template_spec.rb index 3e90d4a..4a318ee 100644 --- a/jcapiv2/spec/models/policy_request_template_spec.rb +++ b/jcapiv2/spec/models/policy_request_template_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_result_spec.rb b/jcapiv2/spec/models/policy_result_spec.rb index 2faea18..b914d46 100644 --- a/jcapiv2/spec/models/policy_result_spec.rb +++ b/jcapiv2/spec/models/policy_result_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,69 +33,68 @@ end describe 'test attribute "detail"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "ended_at"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exit_status"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "policy_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "started_at"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "state"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "std_err"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "std_out"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "success"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_spec.rb b/jcapiv2/spec/models/policy_spec.rb index d6e2824..cb86ce0 100644 --- a/jcapiv2/spec/models/policy_spec.rb +++ b/jcapiv2/spec/models/policy_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "template"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_template_config_field_spec.rb b/jcapiv2/spec/models/policy_template_config_field_spec.rb index 7de2ac5..cba8c82 100644 --- a/jcapiv2/spec/models/policy_template_config_field_spec.rb +++ b/jcapiv2/spec/models/policy_template_config_field_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,57 +31,80 @@ expect(@instance).to be_instance_of(JCAPIv2::PolicyTemplateConfigField) end end + describe 'test attribute "default_value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "display_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["checkbox", "date", "email", "number", "select", "text", "textarea"]) - #validator.allowable_values.each do |value| - # expect { @instance.display_type = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["checkbox", "date", "email", "file", "number", "select", "text", "textarea", "singlelistbox", "doublelistbox", "table", "segmentedbutton", "radio", "copywell", "timeinput", "datepickerrange", "multilist"]) + # validator.allowable_values.each do |value| + # expect { @instance.display_type = value }.not_to raise_error + # end end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "position"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "read_only"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "required"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sensitive"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tooltip"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "validators"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv2/spec/models/policy_template_config_field_tooltip_spec.rb b/jcapiv2/spec/models/policy_template_config_field_tooltip_spec.rb index 708550d..4e77c79 100644 --- a/jcapiv2/spec/models/policy_template_config_field_tooltip_spec.rb +++ b/jcapiv2/spec/models/policy_template_config_field_tooltip_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "template"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "variables"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_template_config_field_tooltip_variables_spec.rb b/jcapiv2/spec/models/policy_template_config_field_tooltip_variables_spec.rb index 4278de2..8e75d6e 100644 --- a/jcapiv2/spec/models/policy_template_config_field_tooltip_variables_spec.rb +++ b/jcapiv2/spec/models/policy_template_config_field_tooltip_variables_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "icon"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "message"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_template_spec.rb b/jcapiv2/spec/models/policy_template_spec.rb index f169c56..5cc0cb3 100644 --- a/jcapiv2/spec/models/policy_template_spec.rb +++ b/jcapiv2/spec/models/policy_template_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,55 +33,82 @@ end describe 'test attribute "activation"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alert"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "behavior"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "delivery_types"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('Array', ["agent", "mdm"]) + # validator.allowable_values.each do |value| + # expect { @instance.delivery_types = value }.not_to raise_error + # end end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "os_meta_family"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) - #validator.allowable_values.each do |value| - # expect { @instance.os_meta_family = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["linux", "darwin", "windows", "ios", "universal", "android"]) + # validator.allowable_values.each do |value| + # expect { @instance.os_meta_family = value }.not_to raise_error + # end + end + end + + describe 'test attribute "os_restrictions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reference"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "state"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/policy_template_with_details_spec.rb b/jcapiv2/spec/models/policy_template_with_details_spec.rb index 14253f6..61907a7 100644 --- a/jcapiv2/spec/models/policy_template_with_details_spec.rb +++ b/jcapiv2/spec/models/policy_template_with_details_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,55 +33,60 @@ end describe 'test attribute "activation"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "behavior"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "config_fields"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "os_meta_family"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["linux", "darwin", "windows"]) - #validator.allowable_values.each do |value| - # expect { @instance.os_meta_family = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["linux", "darwin", "windows", "ios", "universal", "android"]) + # validator.allowable_values.each do |value| + # expect { @instance.os_meta_family = value }.not_to raise_error + # end end end -end + describe 'test attribute "os_restrictions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end +end diff --git a/jcapiv2/spec/models/policy_value_spec.rb b/jcapiv2/spec/models/policy_value_spec.rb index ad517b7..e76827a 100644 --- a/jcapiv2/spec/models/policy_value_spec.rb +++ b/jcapiv2/spec/models/policy_value_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,20 @@ end describe 'test attribute "config_field_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "sensitive"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/policy_with_details_spec.rb b/jcapiv2/spec/models/policy_with_details_spec.rb index 5b62a4b..9a2b360 100644 --- a/jcapiv2/spec/models/policy_with_details_spec.rb +++ b/jcapiv2/spec/models/policy_with_details_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,33 +33,38 @@ end describe 'test attribute "config_fields"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "notes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "template"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "values"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/provider_admin_req_spec.rb b/jcapiv2/spec/models/provider_admin_req_spec.rb index a1a5455..6ab66d0 100644 --- a/jcapiv2/spec/models/provider_admin_req_spec.rb +++ b/jcapiv2/spec/models/provider_admin_req_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,29 +31,46 @@ expect(@instance).to be_instance_of(JCAPIv2::ProviderAdminReq) end end + describe 'test attribute "bind_no_orgs"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "enable_multi_factor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "firstname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "lastname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end -end + describe 'test attribute "role"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "role_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/provider_contact_spec.rb b/jcapiv2/spec/models/provider_contact_spec.rb deleted file mode 100644 index b5ad1c5..0000000 --- a/jcapiv2/spec/models/provider_contact_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::ProviderContact -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'ProviderContact' do - before do - # run before each test - @instance = JCAPIv2::ProviderContact.new - end - - after do - # run after each test - end - - describe 'test an instance of ProviderContact' do - it 'should create an instance of ProviderContact' do - expect(@instance).to be_instance_of(JCAPIv2::ProviderContact) - end - end - describe 'test attribute "email"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/provider_invoice_response_spec.rb b/jcapiv2/spec/models/provider_invoice_response_spec.rb new file mode 100644 index 0000000..49bbaf2 --- /dev/null +++ b/jcapiv2/spec/models/provider_invoice_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ProviderInvoiceResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ProviderInvoiceResponse' do + before do + # run before each test + @instance = JCAPIv2::ProviderInvoiceResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of ProviderInvoiceResponse' do + it 'should create an instance of ProviderInvoiceResponse' do + expect(@instance).to be_instance_of(JCAPIv2::ProviderInvoiceResponse) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/provider_invoice_spec.rb b/jcapiv2/spec/models/provider_invoice_spec.rb new file mode 100644 index 0000000..6b873de --- /dev/null +++ b/jcapiv2/spec/models/provider_invoice_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ProviderInvoice +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ProviderInvoice' do + before do + # run before each test + @instance = JCAPIv2::ProviderInvoice.new + end + + after do + # run after each test + end + + describe 'test an instance of ProviderInvoice' do + it 'should create an instance of ProviderInvoice' do + expect(@instance).to be_instance_of(JCAPIv2::ProviderInvoice) + end + end + describe 'test attribute "amount_billed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "amount_paid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "amount_remaining"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "currency"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/provider_spec.rb b/jcapiv2/spec/models/provider_spec.rb index 162d6ee..b5ee0ad 100644 --- a/jcapiv2/spec/models/provider_spec.rb +++ b/jcapiv2/spec/models/provider_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,17 +31,16 @@ expect(@instance).to be_instance_of(JCAPIv2::Provider) end end - describe 'test attribute "contact"' do + describe 'test attribute "disallow_org_creation"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end - describe 'test attribute "name"' do + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/push_endpoint_response_device_spec.rb b/jcapiv2/spec/models/push_endpoint_response_device_spec.rb new file mode 100644 index 0000000..6123621 --- /dev/null +++ b/jcapiv2/spec/models/push_endpoint_response_device_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PushEndpointResponseDevice +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PushEndpointResponseDevice' do + before do + # run before each test + @instance = JCAPIv2::PushEndpointResponseDevice.new + end + + after do + # run after each test + end + + describe 'test an instance of PushEndpointResponseDevice' do + it 'should create an instance of PushEndpointResponseDevice' do + expect(@instance).to be_instance_of(JCAPIv2::PushEndpointResponseDevice) + end + end + describe 'test attribute "app_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "make"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "model"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uv_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/push_endpoint_response_spec.rb b/jcapiv2/spec/models/push_endpoint_response_spec.rb new file mode 100644 index 0000000..b155728 --- /dev/null +++ b/jcapiv2/spec/models/push_endpoint_response_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PushEndpointResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PushEndpointResponse' do + before do + # run before each test + @instance = JCAPIv2::PushEndpointResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of PushEndpointResponse' do + it 'should create an instance of PushEndpointResponse' do + expect(@instance).to be_instance_of(JCAPIv2::PushEndpointResponse) + end + end + describe 'test attribute "device"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrollment_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_used_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pushendpoints_push_endpoint_id_body_spec.rb b/jcapiv2/spec/models/pushendpoints_push_endpoint_id_body_spec.rb new file mode 100644 index 0000000..82e0e00 --- /dev/null +++ b/jcapiv2/spec/models/pushendpoints_push_endpoint_id_body_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PushendpointsPushEndpointIdBody +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PushendpointsPushEndpointIdBody' do + before do + # run before each test + @instance = JCAPIv2::PushendpointsPushEndpointIdBody.new + end + + after do + # run after each test + end + + describe 'test an instance of PushendpointsPushEndpointIdBody' do + it 'should create an instance of PushendpointsPushEndpointIdBody' do + expect(@instance).to be_instance_of(JCAPIv2::PushendpointsPushEndpointIdBody) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active", "inactive"]) + # validator.allowable_values.each do |value| + # expect { @instance.state = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/pwm_all_users_spec.rb b/jcapiv2/spec/models/pwm_all_users_spec.rb new file mode 100644 index 0000000..a729790 --- /dev/null +++ b/jcapiv2/spec/models/pwm_all_users_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmAllUsers +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmAllUsers' do + before do + # run before each test + @instance = JCAPIv2::PwmAllUsers.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmAllUsers' do + it 'should create an instance of PwmAllUsers' do + expect(@instance).to be_instance_of(JCAPIv2::PwmAllUsers) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_cloud_backup_restores_spec.rb b/jcapiv2/spec/models/pwm_cloud_backup_restores_spec.rb new file mode 100644 index 0000000..233933d --- /dev/null +++ b/jcapiv2/spec/models/pwm_cloud_backup_restores_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmCloudBackupRestores +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmCloudBackupRestores' do + before do + # run before each test + @instance = JCAPIv2::PwmCloudBackupRestores.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmCloudBackupRestores' do + it 'should create an instance of PwmCloudBackupRestores' do + expect(@instance).to be_instance_of(JCAPIv2::PwmCloudBackupRestores) + end + end + describe 'test attribute "approved"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "requested"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_item_history_spec.rb b/jcapiv2/spec/models/pwm_item_history_spec.rb new file mode 100644 index 0000000..91d3566 --- /dev/null +++ b/jcapiv2/spec/models/pwm_item_history_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmItemHistory +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmItemHistory' do + before do + # run before each test + @instance = JCAPIv2::PwmItemHistory.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmItemHistory' do + it 'should create an instance of PwmItemHistory' do + expect(@instance).to be_instance_of(JCAPIv2::PwmItemHistory) + end + end + describe 'test attribute "created_by"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "date_created"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "date_updated"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "updated_by"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_items_count_by_type_spec.rb b/jcapiv2/spec/models/pwm_items_count_by_type_spec.rb new file mode 100644 index 0000000..85b09a2 --- /dev/null +++ b/jcapiv2/spec/models/pwm_items_count_by_type_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmItemsCountByType +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmItemsCountByType' do + before do + # run before each test + @instance = JCAPIv2::PwmItemsCountByType.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmItemsCountByType' do + it 'should create an instance of PwmItemsCountByType' do + expect(@instance).to be_instance_of(JCAPIv2::PwmItemsCountByType) + end + end + describe 'test attribute "count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_items_metadata_spec.rb b/jcapiv2/spec/models/pwm_items_metadata_spec.rb new file mode 100644 index 0000000..9f9ef09 --- /dev/null +++ b/jcapiv2/spec/models/pwm_items_metadata_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmItemsMetadata +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmItemsMetadata' do + before do + # run before each test + @instance = JCAPIv2::PwmItemsMetadata.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmItemsMetadata' do + it 'should create an instance of PwmItemsMetadata' do + expect(@instance).to be_instance_of(JCAPIv2::PwmItemsMetadata) + end + end + describe 'test attribute "items"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_overview_app_versions_results_spec.rb b/jcapiv2/spec/models/pwm_overview_app_versions_results_spec.rb new file mode 100644 index 0000000..5196d12 --- /dev/null +++ b/jcapiv2/spec/models/pwm_overview_app_versions_results_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmOverviewAppVersionsResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmOverviewAppVersionsResults' do + before do + # run before each test + @instance = JCAPIv2::PwmOverviewAppVersionsResults.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmOverviewAppVersionsResults' do + it 'should create an instance of PwmOverviewAppVersionsResults' do + expect(@instance).to be_instance_of(JCAPIv2::PwmOverviewAppVersionsResults) + end + end + describe 'test attribute "users_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_overview_app_versions_spec.rb b/jcapiv2/spec/models/pwm_overview_app_versions_spec.rb new file mode 100644 index 0000000..5da323a --- /dev/null +++ b/jcapiv2/spec/models/pwm_overview_app_versions_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmOverviewAppVersions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmOverviewAppVersions' do + before do + # run before each test + @instance = JCAPIv2::PwmOverviewAppVersions.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmOverviewAppVersions' do + it 'should create an instance of PwmOverviewAppVersions' do + expect(@instance).to be_instance_of(JCAPIv2::PwmOverviewAppVersions) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_overview_main_devices_spec.rb b/jcapiv2/spec/models/pwm_overview_main_devices_spec.rb new file mode 100644 index 0000000..931a15e --- /dev/null +++ b/jcapiv2/spec/models/pwm_overview_main_devices_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmOverviewMainDevices +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmOverviewMainDevices' do + before do + # run before each test + @instance = JCAPIv2::PwmOverviewMainDevices.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmOverviewMainDevices' do + it 'should create an instance of PwmOverviewMainDevices' do + expect(@instance).to be_instance_of(JCAPIv2::PwmOverviewMainDevices) + end + end + describe 'test attribute "count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_overview_main_spec.rb b/jcapiv2/spec/models/pwm_overview_main_spec.rb new file mode 100644 index 0000000..d5dcce8 --- /dev/null +++ b/jcapiv2/spec/models/pwm_overview_main_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmOverviewMain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmOverviewMain' do + before do + # run before each test + @instance = JCAPIv2::PwmOverviewMain.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmOverviewMain' do + it 'should create an instance of PwmOverviewMain' do + expect(@instance).to be_instance_of(JCAPIv2::PwmOverviewMain) + end + end + describe 'test attribute "compromised_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "devices"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enrolled_groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "old_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pending_invites"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "shared_folders"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_users"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "weak_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_by_id_spec.rb b/jcapiv2/spec/models/pwm_user_by_id_spec.rb new file mode 100644 index 0000000..8c030c3 --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_by_id_spec.rb @@ -0,0 +1,142 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUserById +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUserById' do + before do + # run before each test + @instance = JCAPIv2::PwmUserById.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUserById' do + it 'should create an instance of PwmUserById' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUserById) + end + end + describe 'test attribute "compromised_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "old_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reused_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "weak_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "cloud_backup_restores"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_item_spec.rb b/jcapiv2/spec/models/pwm_user_item_spec.rb new file mode 100644 index 0000000..8ad326c --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_item_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUserItem +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUserItem' do + before do + # run before each test + @instance = JCAPIv2::PwmUserItem.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUserItem' do + it 'should create an instance of PwmUserItem' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUserItem) + end + end + describe 'test attribute "field1"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "field2"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "folder_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "folder_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "item_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "nickname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_items_spec.rb b/jcapiv2/spec/models/pwm_user_items_spec.rb new file mode 100644 index 0000000..796b5fc --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_items_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUserItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUserItems' do + before do + # run before each test + @instance = JCAPIv2::PwmUserItems.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUserItems' do + it 'should create an instance of PwmUserItems' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUserItems) + end + end + describe 'test attribute "items"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_shared_folders_results_spec.rb b/jcapiv2/spec/models/pwm_user_shared_folders_results_spec.rb new file mode 100644 index 0000000..d13832f --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_shared_folders_results_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUserSharedFoldersResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUserSharedFoldersResults' do + before do + # run before each test + @instance = JCAPIv2::PwmUserSharedFoldersResults.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUserSharedFoldersResults' do + it 'should create an instance of PwmUserSharedFoldersResults' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUserSharedFoldersResults) + end + end + describe 'test attribute "access_level_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "access_level_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_in_folder"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users_with_access"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_shared_folders_spec.rb b/jcapiv2/spec/models/pwm_user_shared_folders_spec.rb new file mode 100644 index 0000000..4f626ec --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_shared_folders_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUserSharedFolders +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUserSharedFolders' do + before do + # run before each test + @instance = JCAPIv2::PwmUserSharedFolders.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUserSharedFolders' do + it 'should create an instance of PwmUserSharedFolders' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUserSharedFolders) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/pwm_user_spec.rb b/jcapiv2/spec/models/pwm_user_spec.rb new file mode 100644 index 0000000..21bf40e --- /dev/null +++ b/jcapiv2/spec/models/pwm_user_spec.rb @@ -0,0 +1,118 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::PwmUser +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'PwmUser' do + before do + # run before each test + @instance = JCAPIv2::PwmUser.new + end + + after do + # run after each test + end + + describe 'test an instance of PwmUser' do + it 'should create an instance of PwmUser' do + expect(@instance).to be_instance_of(JCAPIv2::PwmUser) + end + end + describe 'test attribute "apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "cloud_backup_restores"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "groups"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/query_spec.rb b/jcapiv2/spec/models/query_spec.rb new file mode 100644 index 0000000..52a520b --- /dev/null +++ b/jcapiv2/spec/models/query_spec.rb @@ -0,0 +1,44 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Query +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Query' do + before do + # run before each test + @instance = JCAPIv2::Query.new + end + + after do + # run after each test + end + + describe 'test an instance of Query' do + it 'should create an instance of Query' do + expect(@instance).to be_instance_of(JCAPIv2::Query) + end + end + describe 'test attribute "query_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["FilterQuery"]) + # validator.allowable_values.each do |value| + # expect { @instance.query_type = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/queued_command_list_results_spec.rb b/jcapiv2/spec/models/queued_command_list_results_spec.rb new file mode 100644 index 0000000..1080192 --- /dev/null +++ b/jcapiv2/spec/models/queued_command_list_results_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::QueuedCommandListResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'QueuedCommandListResults' do + before do + # run before each test + @instance = JCAPIv2::QueuedCommandListResults.new + end + + after do + # run after each test + end + + describe 'test an instance of QueuedCommandListResults' do + it 'should create an instance of QueuedCommandListResults' do + expect(@instance).to be_instance_of(JCAPIv2::QueuedCommandListResults) + end + end + describe 'test attribute "command"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pending_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/queued_command_list_spec.rb b/jcapiv2/spec/models/queued_command_list_spec.rb new file mode 100644 index 0000000..1648d88 --- /dev/null +++ b/jcapiv2/spec/models/queued_command_list_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::QueuedCommandList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'QueuedCommandList' do + before do + # run before each test + @instance = JCAPIv2::QueuedCommandList.new + end + + after do + # run after each test + end + + describe 'test an instance of QueuedCommandList' do + it 'should create an instance of QueuedCommandList' do + expect(@instance).to be_instance_of(JCAPIv2::QueuedCommandList) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/salesforce_knowledge_list_output_spec.rb b/jcapiv2/spec/models/salesforce_knowledge_list_output_spec.rb deleted file mode 100644 index be49e54..0000000 --- a/jcapiv2/spec/models/salesforce_knowledge_list_output_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SalesforceKnowledgeListOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SalesforceKnowledgeListOutput' do - before do - # run before each test - @instance = JCAPIv2::SalesforceKnowledgeListOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of SalesforceKnowledgeListOutput' do - it 'should create an instance of SalesforceKnowledgeListOutput' do - expect(@instance).to be_instance_of(JCAPIv2::SalesforceKnowledgeListOutput) - end - end -end - diff --git a/jcapiv2/spec/models/salesforceknowledgelistoutput_inner_spec.rb b/jcapiv2/spec/models/salesforceknowledgelistoutput_inner_spec.rb deleted file mode 100644 index 357451d..0000000 --- a/jcapiv2/spec/models/salesforceknowledgelistoutput_inner_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SalesforceknowledgelistoutputInner -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SalesforceknowledgelistoutputInner' do - before do - # run before each test - @instance = JCAPIv2::SalesforceknowledgelistoutputInner.new - end - - after do - # run after each test - end - - describe 'test an instance of SalesforceknowledgelistoutputInner' do - it 'should create an instance of SalesforceknowledgelistoutputInner' do - expect(@instance).to be_instance_of(JCAPIv2::SalesforceknowledgelistoutputInner) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/samba_domain_input_spec.rb b/jcapiv2/spec/models/samba_domain_input_spec.rb deleted file mode 100644 index 5d70048..0000000 --- a/jcapiv2/spec/models/samba_domain_input_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SambaDomainInput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SambaDomainInput' do - before do - # run before each test - @instance = JCAPIv2::SambaDomainInput.new - end - - after do - # run after each test - end - - describe 'test an instance of SambaDomainInput' do - it 'should create an instance of SambaDomainInput' do - expect(@instance).to be_instance_of(JCAPIv2::SambaDomainInput) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "sid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/samba_domain_output_spec.rb b/jcapiv2/spec/models/samba_domain_output_spec.rb deleted file mode 100644 index e987d9e..0000000 --- a/jcapiv2/spec/models/samba_domain_output_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SambaDomainOutput -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SambaDomainOutput' do - before do - # run before each test - @instance = JCAPIv2::SambaDomainOutput.new - end - - after do - # run after each test - end - - describe 'test an instance of SambaDomainOutput' do - it 'should create an instance of SambaDomainOutput' do - expect(@instance).to be_instance_of(JCAPIv2::SambaDomainOutput) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "sid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/samba_domain_spec.rb b/jcapiv2/spec/models/samba_domain_spec.rb new file mode 100644 index 0000000..8e87ace --- /dev/null +++ b/jcapiv2/spec/models/samba_domain_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SambaDomain +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SambaDomain' do + before do + # run before each test + @instance = JCAPIv2::SambaDomain.new + end + + after do + # run after each test + end + + describe 'test an instance of SambaDomain' do + it 'should create an instance of SambaDomain' do + expect(@instance).to be_instance_of(JCAPIv2::SambaDomain) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/schedule_os_update_spec.rb b/jcapiv2/spec/models/schedule_os_update_spec.rb new file mode 100644 index 0000000..091c149 --- /dev/null +++ b/jcapiv2/spec/models/schedule_os_update_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ScheduleOSUpdate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ScheduleOSUpdate' do + before do + # run before each test + @instance = JCAPIv2::ScheduleOSUpdate.new + end + + after do + # run after each test + end + + describe 'test an instance of ScheduleOSUpdate' do + it 'should create an instance of ScheduleOSUpdate' do + expect(@instance).to be_instance_of(JCAPIv2::ScheduleOSUpdate) + end + end + describe 'test attribute "install_action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max_user_deferrals"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "product_key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/scheduled_userstate_result_spec.rb b/jcapiv2/spec/models/scheduled_userstate_result_spec.rb new file mode 100644 index 0000000..40aba77 --- /dev/null +++ b/jcapiv2/spec/models/scheduled_userstate_result_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::ScheduledUserstateResult +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'ScheduledUserstateResult' do + before do + # run before each test + @instance = JCAPIv2::ScheduledUserstateResult.new + end + + after do + # run after each test + end + + describe 'test an instance of ScheduledUserstateResult' do + it 'should create an instance of ScheduledUserstateResult' do + expect(@instance).to be_instance_of(JCAPIv2::ScheduledUserstateResult) + end + end + describe 'test attribute "scheduled_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "scheduled_job_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_user_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/setup_assistant_option_spec.rb b/jcapiv2/spec/models/setup_assistant_option_spec.rb new file mode 100644 index 0000000..dc410e4 --- /dev/null +++ b/jcapiv2/spec/models/setup_assistant_option_spec.rb @@ -0,0 +1,34 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SetupAssistantOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SetupAssistantOption' do + before do + # run before each test + @instance = JCAPIv2::SetupAssistantOption.new + end + + after do + # run after each test + end + + describe 'test an instance of SetupAssistantOption' do + it 'should create an instance of SetupAssistantOption' do + expect(@instance).to be_instance_of(JCAPIv2::SetupAssistantOption) + end + end +end diff --git a/jcapiv2/spec/models/shared_folder_access_levels_results_spec.rb b/jcapiv2/spec/models/shared_folder_access_levels_results_spec.rb new file mode 100644 index 0000000..99ad0eb --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_access_levels_results_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderAccessLevelsResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderAccessLevelsResults' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderAccessLevelsResults.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderAccessLevelsResults' do + it 'should create an instance of SharedFolderAccessLevelsResults' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderAccessLevelsResults) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_access_levels_spec.rb b/jcapiv2/spec/models/shared_folder_access_levels_spec.rb new file mode 100644 index 0000000..42e7083 --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_access_levels_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderAccessLevels +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderAccessLevels' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderAccessLevels.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderAccessLevels' do + it 'should create an instance of SharedFolderAccessLevels' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderAccessLevels) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_details_spec.rb b/jcapiv2/spec/models/shared_folder_details_spec.rb new file mode 100644 index 0000000..9cf48fe --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_details_spec.rb @@ -0,0 +1,106 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderDetails +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderDetails' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderDetails.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderDetails' do + it 'should create an instance of SharedFolderDetails' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderDetails) + end + end + describe 'test attribute "compromised_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "old_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reused_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "weak_passwords"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_in_folder"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users_with_access"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_groups_spec.rb b/jcapiv2/spec/models/shared_folder_groups_spec.rb new file mode 100644 index 0000000..84697f4 --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_groups_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderGroups +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderGroups' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderGroups.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderGroups' do + it 'should create an instance of SharedFolderGroups' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderGroups) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_spec.rb b/jcapiv2/spec/models/shared_folder_spec.rb new file mode 100644 index 0000000..158b3be --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolder +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolder' do + before do + # run before each test + @instance = JCAPIv2::SharedFolder.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolder' do + it 'should create an instance of SharedFolder' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolder) + end + end + describe 'test attribute "created_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "items_in_folder"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passwords_score"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "score_updated_at"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "users_with_access"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_users_results_spec.rb b/jcapiv2/spec/models/shared_folder_users_results_spec.rb new file mode 100644 index 0000000..21f2705 --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_users_results_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderUsersResults +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderUsersResults' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderUsersResults.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderUsersResults' do + it 'should create an instance of SharedFolderUsersResults' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderUsersResults) + end + end + describe 'test attribute "access_level_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "access_level_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apps"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "external_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folder_users_spec.rb b/jcapiv2/spec/models/shared_folder_users_spec.rb new file mode 100644 index 0000000..49f82c4 --- /dev/null +++ b/jcapiv2/spec/models/shared_folder_users_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFolderUsers +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFolderUsers' do + before do + # run before each test + @instance = JCAPIv2::SharedFolderUsers.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFolderUsers' do + it 'should create an instance of SharedFolderUsers' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFolderUsers) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/shared_folders_list_spec.rb b/jcapiv2/spec/models/shared_folders_list_spec.rb new file mode 100644 index 0000000..041bc20 --- /dev/null +++ b/jcapiv2/spec/models/shared_folders_list_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SharedFoldersList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SharedFoldersList' do + before do + # run before each test + @instance = JCAPIv2::SharedFoldersList.new + end + + after do + # run after each test + end + + describe 'test an instance of SharedFoldersList' do + it 'should create an instance of SharedFoldersList' do + expect(@instance).to be_instance_of(JCAPIv2::SharedFoldersList) + end + end + describe 'test attribute "results"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_apple_vpp_spec.rb b/jcapiv2/spec/models/software_app_apple_vpp_spec.rb new file mode 100644 index 0000000..e5731f7 --- /dev/null +++ b/jcapiv2/spec/models/software_app_apple_vpp_spec.rb @@ -0,0 +1,80 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppAppleVpp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppAppleVpp' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppAppleVpp.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppAppleVpp' do + it 'should create an instance of SoftwareAppAppleVpp' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppAppleVpp) + end + end + describe 'test attribute "app_configuration"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "assigned_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "available_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_config_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "supported_device_families"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('Array', ["IPAD", "IPHONE", "IPOD", "MAC"]) + # validator.allowable_values.each do |value| + # expect { @instance.supported_device_families = value }.not_to raise_error + # end + end + end + + describe 'test attribute "total_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_create_spec.rb b/jcapiv2/spec/models/software_app_create_spec.rb new file mode 100644 index 0000000..4a96022 --- /dev/null +++ b/jcapiv2/spec/models/software_app_create_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppCreate +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppCreate' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppCreate.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppCreate' do + it 'should create an instance of SoftwareAppCreate' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppCreate) + end + end + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "upload_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_google_android_spec.rb b/jcapiv2/spec/models/software_app_google_android_spec.rb new file mode 100644 index 0000000..43f9b49 --- /dev/null +++ b/jcapiv2/spec/models/software_app_google_android_spec.rb @@ -0,0 +1,176 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppGoogleAndroid +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppGoogleAndroid' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppGoogleAndroid.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppGoogleAndroid' do + it 'should create an instance of SoftwareAppGoogleAndroid' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppGoogleAndroid) + end + end + describe 'test attribute "app_pricing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "app_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "author"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "auto_update_mode"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["AUTO_UPDATE_DEFAULT", "AUTO_UPDATE_POSTPONED", "AUTO_UPDATE_HIGH_PRIORITY"]) + # validator.allowable_values.each do |value| + # expect { @instance.auto_update_mode = value }.not_to raise_error + # end + end + end + + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "content_rating"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_mode"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "distribution_channel"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "full_description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "icon_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "install_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["AVAILABLE", "FORCE_INSTALLED", "BLOCKED"]) + # validator.allowable_values.each do |value| + # expect { @instance.install_type = value }.not_to raise_error + # end + end + end + + describe 'test attribute "managed_configuration_template_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed_properties"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min_sdk_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "permission_grants"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "runtime_permission"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["PROMPT", "GRANT", "DENY"]) + # validator.allowable_values.each do |value| + # expect { @instance.runtime_permission = value }.not_to raise_error + # end + end + end + + describe 'test attribute "start_url"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["APP_TYPE_UNSPECIFIED", "PUBLIC", "PRIVATE", "WEBAPP"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end + end + end + + describe 'test attribute "update_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_permission_grants_spec.rb b/jcapiv2/spec/models/software_app_permission_grants_spec.rb new file mode 100644 index 0000000..8daa487 --- /dev/null +++ b/jcapiv2/spec/models/software_app_permission_grants_spec.rb @@ -0,0 +1,50 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppPermissionGrants +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppPermissionGrants' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppPermissionGrants.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppPermissionGrants' do + it 'should create an instance of SoftwareAppPermissionGrants' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppPermissionGrants) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "policy"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["PROMPT", "GRANT", "DENY"]) + # validator.allowable_values.each do |value| + # expect { @instance.policy = value }.not_to raise_error + # end + end + end + +end diff --git a/jcapiv2/spec/models/software_app_reclaim_licenses_spec.rb b/jcapiv2/spec/models/software_app_reclaim_licenses_spec.rb new file mode 100644 index 0000000..cedb8ac --- /dev/null +++ b/jcapiv2/spec/models/software_app_reclaim_licenses_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppReclaimLicenses +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppReclaimLicenses' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppReclaimLicenses.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppReclaimLicenses' do + it 'should create an instance of SoftwareAppReclaimLicenses' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppReclaimLicenses) + end + end + describe 'test attribute "assigned_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "available_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "reclaimed_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_licenses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_settings_spec.rb b/jcapiv2/spec/models/software_app_settings_spec.rb new file mode 100644 index 0000000..90fa05d --- /dev/null +++ b/jcapiv2/spec/models/software_app_settings_spec.rb @@ -0,0 +1,154 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppSettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppSettings' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppSettings.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppSettings' do + it 'should create an instance of SoftwareAppSettings' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppSettings) + end + end + describe 'test attribute "allow_update_delay"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "apple_vpp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_sha256_size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "asset_sha256_strings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "auto_update"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "command_line_arguments"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "desired_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enterprise_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "google_android"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "location"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "location_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_manager"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_subtitle"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "stored_package"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "stored_package_object_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_spec.rb b/jcapiv2/spec/models/software_app_spec.rb new file mode 100644 index 0000000..f1e0dac --- /dev/null +++ b/jcapiv2/spec/models/software_app_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareApp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareApp' do + before do + # run before each test + @instance = JCAPIv2::SoftwareApp.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareApp' do + it 'should create an instance of SoftwareApp' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareApp) + end + end + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_status_spec.rb b/jcapiv2/spec/models/software_app_status_spec.rb new file mode 100644 index 0000000..3a409bd --- /dev/null +++ b/jcapiv2/spec/models/software_app_status_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppStatus' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppStatus' do + it 'should create an instance of SoftwareAppStatus' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppStatus) + end + end + describe 'test attribute "code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "details"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "software_app_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "timestamp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_app_with_status_spec.rb b/jcapiv2/spec/models/software_app_with_status_spec.rb new file mode 100644 index 0000000..17c527e --- /dev/null +++ b/jcapiv2/spec/models/software_app_with_status_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppWithStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppWithStatus' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppWithStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppWithStatus' do + it 'should create an instance of SoftwareAppWithStatus' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppWithStatus) + end + end + describe 'test attribute "app"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/software_apps_retry_installation_request_spec.rb b/jcapiv2/spec/models/software_apps_retry_installation_request_spec.rb new file mode 100644 index 0000000..f3ead90 --- /dev/null +++ b/jcapiv2/spec/models/software_apps_retry_installation_request_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SoftwareAppsRetryInstallationRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SoftwareAppsRetryInstallationRequest' do + before do + # run before each test + @instance = JCAPIv2::SoftwareAppsRetryInstallationRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of SoftwareAppsRetryInstallationRequest' do + it 'should create an instance of SoftwareAppsRetryInstallationRequest' do + expect(@instance).to be_instance_of(JCAPIv2::SoftwareAppsRetryInstallationRequest) + end + end + describe 'test attribute "system_ids"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/sshkeylist_spec.rb b/jcapiv2/spec/models/sshkeylist_spec.rb deleted file mode 100644 index 6096adb..0000000 --- a/jcapiv2/spec/models/sshkeylist_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Sshkeylist -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Sshkeylist' do - before do - # run before each test - @instance = JCAPIv2::Sshkeylist.new - end - - after do - # run after each test - end - - describe 'test an instance of Sshkeylist' do - it 'should create an instance of Sshkeylist' do - expect(@instance).to be_instance_of(JCAPIv2::Sshkeylist) - end - end - describe 'test attribute "_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "create_date"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/subscription_spec.rb b/jcapiv2/spec/models/subscription_spec.rb new file mode 100644 index 0000000..f207db0 --- /dev/null +++ b/jcapiv2/spec/models/subscription_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::Subscription +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'Subscription' do + before do + # run before each test + @instance = JCAPIv2::Subscription.new + end + + after do + # run after each test + end + + describe 'test an instance of Subscription' do + it 'should create an instance of Subscription' do + expect(@instance).to be_instance_of(JCAPIv2::Subscription) + end + end + describe 'test attribute "annual_price"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "features"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "list_price"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "product_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/suggestion_counts_spec.rb b/jcapiv2/spec/models/suggestion_counts_spec.rb new file mode 100644 index 0000000..7540d83 --- /dev/null +++ b/jcapiv2/spec/models/suggestion_counts_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SuggestionCounts +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SuggestionCounts' do + before do + # run before each test + @instance = JCAPIv2::SuggestionCounts.new + end + + after do + # run after each test + end + + describe 'test an instance of SuggestionCounts' do + it 'should create an instance of SuggestionCounts' do + expect(@instance).to be_instance_of(JCAPIv2::SuggestionCounts) + end + end + describe 'test attribute "add"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "remove"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_spec.rb b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_spec.rb new file mode 100644 index 0000000..e9881da --- /dev/null +++ b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroBillingMappingConfigurationOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroBillingMappingConfigurationOption' do + before do + # run before each test + @instance = JCAPIv2::SyncroBillingMappingConfigurationOption.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroBillingMappingConfigurationOption' do + it 'should create an instance of SyncroBillingMappingConfigurationOption' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroBillingMappingConfigurationOption) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_line_spec.rb b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_line_spec.rb new file mode 100644 index 0000000..b064f5b --- /dev/null +++ b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_line_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroBillingMappingConfigurationOptionValueLine' do + before do + # run before each test + @instance = JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroBillingMappingConfigurationOptionValueLine' do + it 'should create an instance of SyncroBillingMappingConfigurationOptionValueLine' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroBillingMappingConfigurationOptionValueLine) + end + end + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_spec.rb b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_spec.rb new file mode 100644 index 0000000..a92b83a --- /dev/null +++ b/jcapiv2/spec/models/syncro_billing_mapping_configuration_option_value_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroBillingMappingConfigurationOptionValue +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroBillingMappingConfigurationOptionValue' do + before do + # run before each test + @instance = JCAPIv2::SyncroBillingMappingConfigurationOptionValue.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroBillingMappingConfigurationOptionValue' do + it 'should create an instance of SyncroBillingMappingConfigurationOptionValue' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroBillingMappingConfigurationOptionValue) + end + end + describe 'test attribute "label"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lines"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_billing_mapping_configuration_options_resp_spec.rb b/jcapiv2/spec/models/syncro_billing_mapping_configuration_options_resp_spec.rb new file mode 100644 index 0000000..1870073 --- /dev/null +++ b/jcapiv2/spec/models/syncro_billing_mapping_configuration_options_resp_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroBillingMappingConfigurationOptionsResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroBillingMappingConfigurationOptionsResp' do + before do + # run before each test + @instance = JCAPIv2::SyncroBillingMappingConfigurationOptionsResp.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroBillingMappingConfigurationOptionsResp' do + it 'should create an instance of SyncroBillingMappingConfigurationOptionsResp' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroBillingMappingConfigurationOptionsResp) + end + end + describe 'test attribute "options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_company_resp_spec.rb b/jcapiv2/spec/models/syncro_company_resp_spec.rb new file mode 100644 index 0000000..0211fb9 --- /dev/null +++ b/jcapiv2/spec/models/syncro_company_resp_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroCompanyResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroCompanyResp' do + before do + # run before each test + @instance = JCAPIv2::SyncroCompanyResp.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroCompanyResp' do + it 'should create an instance of SyncroCompanyResp' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroCompanyResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "total_count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_company_spec.rb b/jcapiv2/spec/models/syncro_company_spec.rb new file mode 100644 index 0000000..1e4f062 --- /dev/null +++ b/jcapiv2/spec/models/syncro_company_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroCompany +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroCompany' do + before do + # run before each test + @instance = JCAPIv2::SyncroCompany.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroCompany' do + it 'should create an instance of SyncroCompany' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroCompany) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_integration_patch_req_spec.rb b/jcapiv2/spec/models/syncro_integration_patch_req_spec.rb new file mode 100644 index 0000000..b01ada6 --- /dev/null +++ b/jcapiv2/spec/models/syncro_integration_patch_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroIntegrationPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroIntegrationPatchReq' do + before do + # run before each test + @instance = JCAPIv2::SyncroIntegrationPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroIntegrationPatchReq' do + it 'should create an instance of SyncroIntegrationPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroIntegrationPatchReq) + end + end + describe 'test attribute "api_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subdomain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_integration_req_spec.rb b/jcapiv2/spec/models/syncro_integration_req_spec.rb new file mode 100644 index 0000000..0675579 --- /dev/null +++ b/jcapiv2/spec/models/syncro_integration_req_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroIntegrationReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroIntegrationReq' do + before do + # run before each test + @instance = JCAPIv2::SyncroIntegrationReq.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroIntegrationReq' do + it 'should create an instance of SyncroIntegrationReq' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroIntegrationReq) + end + end + describe 'test attribute "api_token"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subdomain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_integration_spec.rb b/jcapiv2/spec/models/syncro_integration_spec.rb new file mode 100644 index 0000000..e3120d5 --- /dev/null +++ b/jcapiv2/spec/models/syncro_integration_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroIntegration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroIntegration' do + before do + # run before each test + @instance = JCAPIv2::SyncroIntegration.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroIntegration' do + it 'should create an instance of SyncroIntegration' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroIntegration) + end + end + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "is_msp_auth_configured"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subdomain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_id_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_id_spec.rb new file mode 100644 index 0000000..831a767 --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_id_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequestBillingConfigurationsFieldsLineItemId' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequestBillingConfigurationsFieldsLineItemId' do + it 'should create an instance of SyncroMappingRequestBillingConfigurationsFieldsLineItemId' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemId) + end + end + describe 'test attribute "kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "number_value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_name_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_name_spec.rb new file mode 100644 index 0000000..c35e594 --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_line_item_name_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequestBillingConfigurationsFieldsLineItemName' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequestBillingConfigurationsFieldsLineItemName' do + it 'should create an instance of SyncroMappingRequestBillingConfigurationsFieldsLineItemName' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequestBillingConfigurationsFieldsLineItemName) + end + end + describe 'test attribute "kind"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "string_value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_spec.rb new file mode 100644 index 0000000..2aec216 --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_fields_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequestBillingConfigurationsFields +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequestBillingConfigurationsFields' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequestBillingConfigurationsFields.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequestBillingConfigurationsFields' do + it 'should create an instance of SyncroMappingRequestBillingConfigurationsFields' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequestBillingConfigurationsFields) + end + end + describe 'test attribute "line_item_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "line_item_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "schedule_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "schedule_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_spec.rb new file mode 100644 index 0000000..344995c --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_billing_configurations_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequestBillingConfigurations +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequestBillingConfigurations' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequestBillingConfigurations.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequestBillingConfigurations' do + it 'should create an instance of SyncroMappingRequestBillingConfigurations' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequestBillingConfigurations) + end + end + describe 'test attribute "fields"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_data_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_data_spec.rb new file mode 100644 index 0000000..102c0ad --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_data_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequestData +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequestData' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequestData.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequestData' do + it 'should create an instance of SyncroMappingRequestData' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequestData) + end + end + describe 'test attribute "billing_configurations"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "delete"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_request_spec.rb b/jcapiv2/spec/models/syncro_mapping_request_spec.rb new file mode 100644 index 0000000..df7258f --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_request_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingRequest' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingRequest' do + it 'should create an instance of SyncroMappingRequest' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingRequest) + end + end + describe 'test attribute "data"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_mapping_response_spec.rb b/jcapiv2/spec/models/syncro_mapping_response_spec.rb new file mode 100644 index 0000000..1af540f --- /dev/null +++ b/jcapiv2/spec/models/syncro_mapping_response_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroMappingResponse +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroMappingResponse' do + before do + # run before each test + @instance = JCAPIv2::SyncroMappingResponse.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroMappingResponse' do + it 'should create an instance of SyncroMappingResponse' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroMappingResponse) + end + end + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "organization"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_settings_patch_req_spec.rb b/jcapiv2/spec/models/syncro_settings_patch_req_spec.rb new file mode 100644 index 0000000..5201399 --- /dev/null +++ b/jcapiv2/spec/models/syncro_settings_patch_req_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroSettingsPatchReq +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroSettingsPatchReq' do + before do + # run before each test + @instance = JCAPIv2::SyncroSettingsPatchReq.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroSettingsPatchReq' do + it 'should create an instance of SyncroSettingsPatchReq' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroSettingsPatchReq) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_settings_spec.rb b/jcapiv2/spec/models/syncro_settings_spec.rb new file mode 100644 index 0000000..f582467 --- /dev/null +++ b/jcapiv2/spec/models/syncro_settings_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroSettings +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroSettings' do + before do + # run before each test + @instance = JCAPIv2::SyncroSettings.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroSettings' do + it 'should create an instance of SyncroSettings' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroSettings) + end + end + describe 'test attribute "automatic_ticketing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_ticketing_alert_configuration_list_spec.rb b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_list_spec.rb new file mode 100644 index 0000000..9915c88 --- /dev/null +++ b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_list_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroTicketingAlertConfigurationList +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroTicketingAlertConfigurationList' do + before do + # run before each test + @instance = JCAPIv2::SyncroTicketingAlertConfigurationList.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroTicketingAlertConfigurationList' do + it 'should create an instance of SyncroTicketingAlertConfigurationList' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroTicketingAlertConfigurationList) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_ticketing_alert_configuration_option_spec.rb b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_option_spec.rb new file mode 100644 index 0000000..64ba5bf --- /dev/null +++ b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_option_spec.rb @@ -0,0 +1,46 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroTicketingAlertConfigurationOption +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroTicketingAlertConfigurationOption' do + before do + # run before each test + @instance = JCAPIv2::SyncroTicketingAlertConfigurationOption.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroTicketingAlertConfigurationOption' do + it 'should create an instance of SyncroTicketingAlertConfigurationOption' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroTicketingAlertConfigurationOption) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "values"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_ticketing_alert_configuration_options_spec.rb b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_options_spec.rb new file mode 100644 index 0000000..09d2a6c --- /dev/null +++ b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_options_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroTicketingAlertConfigurationOptions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroTicketingAlertConfigurationOptions' do + before do + # run before each test + @instance = JCAPIv2::SyncroTicketingAlertConfigurationOptions.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroTicketingAlertConfigurationOptions' do + it 'should create an instance of SyncroTicketingAlertConfigurationOptions' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroTicketingAlertConfigurationOptions) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_ticketing_alert_configuration_request_spec.rb b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_request_spec.rb new file mode 100644 index 0000000..4355b2b --- /dev/null +++ b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_request_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroTicketingAlertConfigurationRequest +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroTicketingAlertConfigurationRequest' do + before do + # run before each test + @instance = JCAPIv2::SyncroTicketingAlertConfigurationRequest.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroTicketingAlertConfigurationRequest' do + it 'should create an instance of SyncroTicketingAlertConfigurationRequest' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroTicketingAlertConfigurationRequest) + end + end + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "problem_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/syncro_ticketing_alert_configuration_spec.rb b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_spec.rb new file mode 100644 index 0000000..244ef68 --- /dev/null +++ b/jcapiv2/spec/models/syncro_ticketing_alert_configuration_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SyncroTicketingAlertConfiguration +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SyncroTicketingAlertConfiguration' do + before do + # run before each test + @instance = JCAPIv2::SyncroTicketingAlertConfiguration.new + end + + after do + # run after each test + end + + describe 'test an instance of SyncroTicketingAlertConfiguration' do + it 'should create an instance of SyncroTicketingAlertConfiguration' do + expect(@instance).to be_instance_of(JCAPIv2::SyncroTicketingAlertConfiguration) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "due_days"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "priority"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "problem_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "should_create_tickets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_graph_management_req_attributes_spec.rb b/jcapiv2/spec/models/system_graph_management_req_attributes_spec.rb deleted file mode 100644 index a63291c..0000000 --- a/jcapiv2/spec/models/system_graph_management_req_attributes_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGraphManagementReqAttributes -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGraphManagementReqAttributes' do - before do - # run before each test - @instance = JCAPIv2::SystemGraphManagementReqAttributes.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGraphManagementReqAttributes' do - it 'should create an instance of SystemGraphManagementReqAttributes' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGraphManagementReqAttributes) - end - end - describe 'test attribute "sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/system_graph_management_req_attributes_sudo_spec.rb b/jcapiv2/spec/models/system_graph_management_req_attributes_sudo_spec.rb deleted file mode 100644 index 756b114..0000000 --- a/jcapiv2/spec/models/system_graph_management_req_attributes_sudo_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGraphManagementReqAttributesSudo -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGraphManagementReqAttributesSudo' do - before do - # run before each test - @instance = JCAPIv2::SystemGraphManagementReqAttributesSudo.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGraphManagementReqAttributesSudo' do - it 'should create an instance of SystemGraphManagementReqAttributesSudo' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGraphManagementReqAttributesSudo) - end - end - describe 'test attribute "enabled"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "without_password"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/system_graph_management_req_spec.rb b/jcapiv2/spec/models/system_graph_management_req_spec.rb deleted file mode 100644 index cc4e596..0000000 --- a/jcapiv2/spec/models/system_graph_management_req_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGraphManagementReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGraphManagementReq' do - before do - # run before each test - @instance = JCAPIv2::SystemGraphManagementReq.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGraphManagementReq' do - it 'should create an instance of SystemGraphManagementReq' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGraphManagementReq) - end - end - describe 'test attribute "attributes"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/system_group_data_spec.rb b/jcapiv2/spec/models/system_group_data_spec.rb deleted file mode 100644 index c39cde7..0000000 --- a/jcapiv2/spec/models/system_group_data_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGroupData -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGroupData' do - before do - # run before each test - @instance = JCAPIv2::SystemGroupData.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGroupData' do - it 'should create an instance of SystemGroupData' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGroupData) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/system_group_graph_management_req_spec.rb b/jcapiv2/spec/models/system_group_graph_management_req_spec.rb deleted file mode 100644 index 28eb162..0000000 --- a/jcapiv2/spec/models/system_group_graph_management_req_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGroupGraphManagementReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGroupGraphManagementReq' do - before do - # run before each test - @instance = JCAPIv2::SystemGroupGraphManagementReq.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGroupGraphManagementReq' do - it 'should create an instance of SystemGroupGraphManagementReq' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGroupGraphManagementReq) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "user", "user_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/system_group_members_req_spec.rb b/jcapiv2/spec/models/system_group_members_req_spec.rb deleted file mode 100644 index b6f1b21..0000000 --- a/jcapiv2/spec/models/system_group_members_req_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemGroupMembersReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemGroupMembersReq' do - before do - # run before each test - @instance = JCAPIv2::SystemGroupMembersReq.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemGroupMembersReq' do - it 'should create an instance of SystemGroupMembersReq' do - expect(@instance).to be_instance_of(JCAPIv2::SystemGroupMembersReq) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/system_group_post_spec.rb b/jcapiv2/spec/models/system_group_post_spec.rb new file mode 100644 index 0000000..a3de123 --- /dev/null +++ b/jcapiv2/spec/models/system_group_post_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemGroupPost +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemGroupPost' do + before do + # run before each test + @instance = JCAPIv2::SystemGroupPost.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemGroupPost' do + it 'should create an instance of SystemGroupPost' do + expect(@instance).to be_instance_of(JCAPIv2::SystemGroupPost) + end + end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_group_put_spec.rb b/jcapiv2/spec/models/system_group_put_spec.rb new file mode 100644 index 0000000..5b6481a --- /dev/null +++ b/jcapiv2/spec/models/system_group_put_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemGroupPut +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemGroupPut' do + before do + # run before each test + @instance = JCAPIv2::SystemGroupPut.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemGroupPut' do + it 'should create an instance of SystemGroupPut' do + expect(@instance).to be_instance_of(JCAPIv2::SystemGroupPut) + end + end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_group_spec.rb b/jcapiv2/spec/models/system_group_spec.rb index 8b1f9d4..3d4e506 100644 --- a/jcapiv2/spec/models/system_group_spec.rb +++ b/jcapiv2/spec/models/system_group_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,27 +31,68 @@ expect(@instance).to be_instance_of(JCAPIv2::SystemGroup) end end + describe 'test attribute "attributes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["system_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end end end end - diff --git a/jcapiv2/spec/models/system_insights_alf_exceptions_spec.rb b/jcapiv2/spec/models/system_insights_alf_exceptions_spec.rb new file mode 100644 index 0000000..81d5a2c --- /dev/null +++ b/jcapiv2/spec/models/system_insights_alf_exceptions_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAlfExceptions +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAlfExceptions' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAlfExceptions.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAlfExceptions' do + it 'should create an instance of SystemInsightsAlfExceptions' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAlfExceptions) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_alf_explicit_auths_spec.rb b/jcapiv2/spec/models/system_insights_alf_explicit_auths_spec.rb new file mode 100644 index 0000000..0b3aebc --- /dev/null +++ b/jcapiv2/spec/models/system_insights_alf_explicit_auths_spec.rb @@ -0,0 +1,52 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAlfExplicitAuths +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAlfExplicitAuths' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAlfExplicitAuths.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAlfExplicitAuths' do + it 'should create an instance of SystemInsightsAlfExplicitAuths' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAlfExplicitAuths) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "process"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_alf_spec.rb b/jcapiv2/spec/models/system_insights_alf_spec.rb new file mode 100644 index 0000000..07b1661 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_alf_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAlf +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAlf' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAlf.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAlf' do + it 'should create an instance of SystemInsightsAlf' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAlf) + end + end + describe 'test attribute "allow_signed_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firewall_unload"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "global_state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logging_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "logging_option"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "stealth_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_appcompat_shims_spec.rb b/jcapiv2/spec/models/system_insights_appcompat_shims_spec.rb new file mode 100644 index 0000000..3a9ee41 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_appcompat_shims_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAppcompatShims +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAppcompatShims' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAppcompatShims.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAppcompatShims' do + it 'should create an instance of SystemInsightsAppcompatShims' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAppcompatShims) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "executable"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "install_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sdb_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_apps_spec.rb b/jcapiv2/spec/models/system_insights_apps_spec.rb index 91ec59d..a61fa3f 100644 --- a/jcapiv2/spec/models/system_insights_apps_spec.rb +++ b/jcapiv2/spec/models/system_insights_apps_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,129 +33,128 @@ end describe 'test attribute "applescript_enabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_executable"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_package_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_short_version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "bundle_version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "category"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "compiler"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "copyright"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "development_region"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "display_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "element"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "environment"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "info_string"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "last_opened_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "minimum_system_version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_authorized_keys_spec.rb b/jcapiv2/spec/models/system_insights_authorized_keys_spec.rb new file mode 100644 index 0000000..5449c71 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_authorized_keys_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAuthorizedKeys +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAuthorizedKeys' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAuthorizedKeys.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAuthorizedKeys' do + it 'should create an instance of SystemInsightsAuthorizedKeys' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAuthorizedKeys) + end + end + describe 'test attribute "algorithm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key_file"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_azure_instance_metadata_spec.rb b/jcapiv2/spec/models/system_insights_azure_instance_metadata_spec.rb new file mode 100644 index 0000000..9db015b --- /dev/null +++ b/jcapiv2/spec/models/system_insights_azure_instance_metadata_spec.rb @@ -0,0 +1,142 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAzureInstanceMetadata +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAzureInstanceMetadata' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAzureInstanceMetadata.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAzureInstanceMetadata' do + it 'should create an instance of SystemInsightsAzureInstanceMetadata' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAzureInstanceMetadata) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "location"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "offer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "os_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "placement_group_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "platform_fault_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "platform_update_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "publisher"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "resource_group_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sku"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subscription_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "vm_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "vm_scale_set_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "vm_size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "zone"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_azure_instance_tags_spec.rb b/jcapiv2/spec/models/system_insights_azure_instance_tags_spec.rb new file mode 100644 index 0000000..c66a2bd --- /dev/null +++ b/jcapiv2/spec/models/system_insights_azure_instance_tags_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsAzureInstanceTags +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsAzureInstanceTags' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsAzureInstanceTags.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsAzureInstanceTags' do + it 'should create an instance of SystemInsightsAzureInstanceTags' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsAzureInstanceTags) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "vm_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_battery_spec.rb b/jcapiv2/spec/models/system_insights_battery_spec.rb index 291d399..01c48b5 100644 --- a/jcapiv2/spec/models/system_insights_battery_spec.rb +++ b/jcapiv2/spec/models/system_insights_battery_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,125 +31,124 @@ expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsBattery) end end - describe 'test attribute "amgerage"' do + describe 'test attribute "amperage"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "charged"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "charging"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "condition"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "current_capacity"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cycle_count"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "designed_capacity"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "health"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "manufacture_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "manufacturer"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "max_capacity"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "minutes_to_full_charge"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "minutes_until_empty"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "model"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "percent_remaining"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "serial_number"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "state"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "voltage"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_bitlocker_info_spec.rb b/jcapiv2/spec/models/system_insights_bitlocker_info_spec.rb index 4c8ed72..5fd50a0 100644 --- a/jcapiv2/spec/models/system_insights_bitlocker_info_spec.rb +++ b/jcapiv2/spec/models/system_insights_bitlocker_info_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,50 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "conversion_status"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "device_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "drive_letter"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "encryption_method"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "persistent_volume_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "protection_status"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_browser_plugins_spec.rb b/jcapiv2/spec/models/system_insights_browser_plugins_spec.rb index 97b9d7c..7c64368 100644 --- a/jcapiv2/spec/models/system_insights_browser_plugins_spec.rb +++ b/jcapiv2/spec/models/system_insights_browser_plugins_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,75 +33,74 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "development_region"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "disabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "native"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sdk"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_certificates_spec.rb b/jcapiv2/spec/models/system_insights_certificates_spec.rb new file mode 100644 index 0000000..742c4bc --- /dev/null +++ b/jcapiv2/spec/models/system_insights_certificates_spec.rb @@ -0,0 +1,166 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsCertificates +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsCertificates' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsCertificates.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsCertificates' do + it 'should create an instance of SystemInsightsCertificates' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsCertificates) + end + end + describe 'test attribute "authority_key_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ca"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "common_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "issuer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key_algorithm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key_strength"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "key_usage"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "not_valid_after"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "not_valid_before"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "self_signed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "serial"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sha1"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "signing_algorithm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "store"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "store_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "store_location"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subject"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "subject_key_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_chassis_info_spec.rb b/jcapiv2/spec/models/system_insights_chassis_info_spec.rb new file mode 100644 index 0000000..519c5bf --- /dev/null +++ b/jcapiv2/spec/models/system_insights_chassis_info_spec.rb @@ -0,0 +1,124 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsChassisInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsChassisInfo' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsChassisInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsChassisInfo' do + it 'should create an instance of SystemInsightsChassisInfo' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsChassisInfo) + end + end + describe 'test attribute "audible_alarm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "breach_description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "chassis_types"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lock"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "model"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_breach"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "serial"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sku"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "smbios_tag"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "visible_alarm"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_chrome_extensions_spec.rb b/jcapiv2/spec/models/system_insights_chrome_extensions_spec.rb index b7abafe..45c5a1b 100644 --- a/jcapiv2/spec/models/system_insights_chrome_extensions_spec.rb +++ b/jcapiv2/spec/models/system_insights_chrome_extensions_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,81 +33,80 @@ end describe 'test attribute "author"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "locale"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "permissions"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "persistent"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "update_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_connectivity_spec.rb b/jcapiv2/spec/models/system_insights_connectivity_spec.rb new file mode 100644 index 0000000..cb042c7 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_connectivity_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsConnectivity +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsConnectivity' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsConnectivity.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsConnectivity' do + it 'should create an instance of SystemInsightsConnectivity' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsConnectivity) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disconnected"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv4_internet"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv4_local_network"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv4_no_traffic"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv4_subnet"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv6_internet"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv6_local_network"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv6_no_traffic"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipv6_subnet"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_crashes_spec.rb b/jcapiv2/spec/models/system_insights_crashes_spec.rb index 81a7c42..3d509fd 100644 --- a/jcapiv2/spec/models/system_insights_crashes_spec.rb +++ b/jcapiv2/spec/models/system_insights_crashes_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,101 +31,112 @@ expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsCrashes) end end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "crash_path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "crashed_thread"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "datetime"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exception_codes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exception_notes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "exception_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "parent"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "pid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "registers"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "responsible"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "stack_trace"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_cups_destinations_spec.rb b/jcapiv2/spec/models/system_insights_cups_destinations_spec.rb new file mode 100644 index 0000000..8b7efe4 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_cups_destinations_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsCupsDestinations +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsCupsDestinations' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsCupsDestinations.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsCupsDestinations' do + it 'should create an instance of SystemInsightsCupsDestinations' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsCupsDestinations) + end + end + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "option_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "option_value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_disk_encryption_spec.rb b/jcapiv2/spec/models/system_insights_disk_encryption_spec.rb index f609992..08cacbd 100644 --- a/jcapiv2/spec/models/system_insights_disk_encryption_spec.rb +++ b/jcapiv2/spec/models/system_insights_disk_encryption_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,56 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "encrypted"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "encryption_status"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user_uuid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uuid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_disk_info_spec.rb b/jcapiv2/spec/models/system_insights_disk_info_spec.rb index fa34abc..25f8679 100644 --- a/jcapiv2/spec/models/system_insights_disk_info_spec.rb +++ b/jcapiv2/spec/models/system_insights_disk_info_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,81 +33,80 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "disk_index"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "disk_size"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hardware_model"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "manufacturer"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "partitions"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "pnp_device_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "serial"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_dns_resolvers_spec.rb b/jcapiv2/spec/models/system_insights_dns_resolvers_spec.rb new file mode 100644 index 0000000..e0c8b77 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_dns_resolvers_spec.rb @@ -0,0 +1,76 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsDnsResolvers +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsDnsResolvers' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsDnsResolvers.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsDnsResolvers' do + it 'should create an instance of SystemInsightsDnsResolvers' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsDnsResolvers) + end + end + describe 'test attribute "address"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "netmask"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "options"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_etc_hosts_spec.rb b/jcapiv2/spec/models/system_insights_etc_hosts_spec.rb index 11d69d9..570ca48 100644 --- a/jcapiv2/spec/models/system_insights_etc_hosts_spec.rb +++ b/jcapiv2/spec/models/system_insights_etc_hosts_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hostnames"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_firefox_addons_spec.rb b/jcapiv2/spec/models/system_insights_firefox_addons_spec.rb index cee4796..60abfef 100644 --- a/jcapiv2/spec/models/system_insights_firefox_addons_spec.rb +++ b/jcapiv2/spec/models/system_insights_firefox_addons_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,99 +33,98 @@ end describe 'test attribute "active"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "autoupdate"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "creator"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "disabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "location"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "source_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "visible"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_groups_spec.rb b/jcapiv2/spec/models/system_insights_groups_spec.rb index 25045f3..f37da0d 100644 --- a/jcapiv2/spec/models/system_insights_groups_spec.rb +++ b/jcapiv2/spec/models/system_insights_groups_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,45 +33,44 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "comment"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "gid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "gid_signed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "group_sid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "groupname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_ie_extensions_spec.rb b/jcapiv2/spec/models/system_insights_ie_extensions_spec.rb index 8ecf181..2bd8fde 100644 --- a/jcapiv2/spec/models/system_insights_ie_extensions_spec.rb +++ b/jcapiv2/spec/models/system_insights_ie_extensions_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,39 +33,38 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "registry_path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_interface_addresses_spec.rb b/jcapiv2/spec/models/system_insights_interface_addresses_spec.rb index 214ee94..c3df19e 100644 --- a/jcapiv2/spec/models/system_insights_interface_addresses_spec.rb +++ b/jcapiv2/spec/models/system_insights_interface_addresses_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,56 @@ end describe 'test attribute "address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "broadcast"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "friendly_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "interface"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "mask"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "point_to_point"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_interface_details_spec.rb b/jcapiv2/spec/models/system_insights_interface_details_spec.rb new file mode 100644 index 0000000..eab8f17 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_interface_details_spec.rb @@ -0,0 +1,250 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsInterfaceDetails +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsInterfaceDetails' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsInterfaceDetails.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsInterfaceDetails' do + it 'should create an instance of SystemInsightsInterfaceDetails' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsInterfaceDetails) + end + end + describe 'test attribute "collisions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "connection_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "connection_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dhcp_enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dhcp_lease_expires"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dhcp_lease_obtained"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dhcp_server"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dns_domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dns_domain_suffix_search_order"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dns_host_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "dns_server_search_order"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "flags"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "friendly_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ibytes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "idrops"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ierrors"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "interface"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ipackets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_change"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "link_speed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mac"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "metric"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mtu"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "obytes"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "odrops"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "oerrors"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "opackets"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pci_slot"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "physical_adapter"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "speed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_kernel_info_spec.rb b/jcapiv2/spec/models/system_insights_kernel_info_spec.rb index 0be5880..100f67f 100644 --- a/jcapiv2/spec/models/system_insights_kernel_info_spec.rb +++ b/jcapiv2/spec/models/system_insights_kernel_info_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,39 +33,38 @@ end describe 'test attribute "arguments"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "device"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_launchd_spec.rb b/jcapiv2/spec/models/system_insights_launchd_spec.rb index f8cf184..d8f948c 100644 --- a/jcapiv2/spec/models/system_insights_launchd_spec.rb +++ b/jcapiv2/spec/models/system_insights_launchd_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,141 +33,140 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "disabled"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "groupname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "inetd_compatibility"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "keep_alive"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "label"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "on_demand"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "process_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "program"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "program_arguments"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "queue_directories"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "root_directory"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "run_at_load"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "start_interval"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "start_on_mount"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "stderr_path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "stdout_path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "watch_paths"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "working_directory"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_linux_packages_spec.rb b/jcapiv2/spec/models/system_insights_linux_packages_spec.rb new file mode 100644 index 0000000..2aae6aa --- /dev/null +++ b/jcapiv2/spec/models/system_insights_linux_packages_spec.rb @@ -0,0 +1,106 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsLinuxPackages +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsLinuxPackages' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsLinuxPackages.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsLinuxPackages' do + it 'should create an instance of SystemInsightsLinuxPackages' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsLinuxPackages) + end + end + describe 'test attribute "arch"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "install_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "maintainer_or_vendor"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mount_namespace_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_format"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "package_group_or_section"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pid_with_namespace"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "release_or_revision"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_logged_in_users_spec.rb b/jcapiv2/spec/models/system_insights_logged_in_users_spec.rb index a07cb48..01191c7 100644 --- a/jcapiv2/spec/models/system_insights_logged_in_users_spec.rb +++ b/jcapiv2/spec/models/system_insights_logged_in_users_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,51 +33,50 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "host"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "pid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "tty"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "user"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_logical_drives_spec.rb b/jcapiv2/spec/models/system_insights_logical_drives_spec.rb new file mode 100644 index 0000000..758d780 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_logical_drives_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsLogicalDrives +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsLogicalDrives' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsLogicalDrives.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsLogicalDrives' do + it 'should create an instance of SystemInsightsLogicalDrives' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsLogicalDrives) + end + end + describe 'test attribute "boot_partition"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "device_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "file_system"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "free_space"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "size"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_logical_drvies_spec.rb b/jcapiv2/spec/models/system_insights_logical_drvies_spec.rb deleted file mode 100644 index 801aac0..0000000 --- a/jcapiv2/spec/models/system_insights_logical_drvies_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemInsightsLogicalDrvies -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemInsightsLogicalDrvies' do - before do - # run before each test - @instance = JCAPIv2::SystemInsightsLogicalDrvies.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemInsightsLogicalDrvies' do - it 'should create an instance of SystemInsightsLogicalDrvies' do - expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsLogicalDrvies) - end - end - describe 'test attribute "boot_partition"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "collection_time"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "device_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "file_system"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "free_space"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "size"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "system_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/system_insights_managed_policies_spec.rb b/jcapiv2/spec/models/system_insights_managed_policies_spec.rb new file mode 100644 index 0000000..22cb754 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_managed_policies_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsManagedPolicies +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsManagedPolicies' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsManagedPolicies.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsManagedPolicies' do + it 'should create an instance of SystemInsightsManagedPolicies' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsManagedPolicies) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "domain"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manual"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uuid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "value"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_mounts_spec.rb b/jcapiv2/spec/models/system_insights_mounts_spec.rb index d3773ed..2389a8b 100644 --- a/jcapiv2/spec/models/system_insights_mounts_spec.rb +++ b/jcapiv2/spec/models/system_insights_mounts_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,81 +33,80 @@ end describe 'test attribute "blocks"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "blocks_available"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "blocks_free"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "blocks_size"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "device"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "device_alias"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "flags"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "inodes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "inodes_free"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_os_version_spec.rb b/jcapiv2/spec/models/system_insights_os_version_spec.rb index 264ec28..5612d52 100644 --- a/jcapiv2/spec/models/system_insights_os_version_spec.rb +++ b/jcapiv2/spec/models/system_insights_os_version_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,75 +33,74 @@ end describe 'test attribute "build"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "codename"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "install_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "major"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "minor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "patch"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "platform"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "platform_like"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_patches_spec.rb b/jcapiv2/spec/models/system_insights_patches_spec.rb index 4fb0104..81f00a2 100644 --- a/jcapiv2/spec/models/system_insights_patches_spec.rb +++ b/jcapiv2/spec/models/system_insights_patches_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,63 +33,62 @@ end describe 'test attribute "caption"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "csname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "fix_comments"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hotfix_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "install_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "installed_by"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "installed_on"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_programs_spec.rb b/jcapiv2/spec/models/system_insights_programs_spec.rb index 0fb05cb..1d8992f 100644 --- a/jcapiv2/spec/models/system_insights_programs_spec.rb +++ b/jcapiv2/spec/models/system_insights_programs_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,69 +33,68 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifying_number"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "install_date"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "install_location"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "install_source"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "language"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "publisher"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uninstall_string"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_python_packages_spec.rb b/jcapiv2/spec/models/system_insights_python_packages_spec.rb new file mode 100644 index 0000000..07f2e17 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_python_packages_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsPythonPackages +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsPythonPackages' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsPythonPackages.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsPythonPackages' do + it 'should create an instance of SystemInsightsPythonPackages' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsPythonPackages) + end + end + describe 'test attribute "auther"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "directory"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "license"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "summary"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_safari_extensions_spec.rb b/jcapiv2/spec/models/system_insights_safari_extensions_spec.rb index d7d93fd..e916d9e 100644 --- a/jcapiv2/spec/models/system_insights_safari_extensions_spec.rb +++ b/jcapiv2/spec/models/system_insights_safari_extensions_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,75 +33,74 @@ end describe 'test attribute "author"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "developer_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "identifier"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "path"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "sdk"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "update_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_scheduled_tasks_spec.rb b/jcapiv2/spec/models/system_insights_scheduled_tasks_spec.rb new file mode 100644 index 0000000..505ea20 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_scheduled_tasks_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsScheduledTasks +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsScheduledTasks' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsScheduledTasks.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsScheduledTasks' do + it 'should create an instance of SystemInsightsScheduledTasks' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsScheduledTasks) + end + end + describe 'test attribute "action"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hidden"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_run_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_run_message"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_run_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "next_run_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_secureboot_spec.rb b/jcapiv2/spec/models/system_insights_secureboot_spec.rb new file mode 100644 index 0000000..99bf421 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_secureboot_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsSecureboot +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsSecureboot' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsSecureboot.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsSecureboot' do + it 'should create an instance of SystemInsightsSecureboot' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsSecureboot) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "secure_boot"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "setup_mode"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_services_spec.rb b/jcapiv2/spec/models/system_insights_services_spec.rb new file mode 100644 index 0000000..6fc6ff8 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_services_spec.rb @@ -0,0 +1,112 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsServices +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsServices' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsServices.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsServices' do + it 'should create an instance of SystemInsightsServices' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsServices) + end + end + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "display_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "module_path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "pid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service_exit_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "service_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "start_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_account"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "win32_exit_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_shadow_spec.rb b/jcapiv2/spec/models/system_insights_shadow_spec.rb new file mode 100644 index 0000000..4ae589c --- /dev/null +++ b/jcapiv2/spec/models/system_insights_shadow_spec.rb @@ -0,0 +1,106 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsShadow +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsShadow' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsShadow.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsShadow' do + it 'should create an instance of SystemInsightsShadow' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsShadow) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "expire"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "flag"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "hash_alg"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "inactive"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_change"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "max"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "min"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "password_status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "warning"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_shared_folders_spec.rb b/jcapiv2/spec/models/system_insights_shared_folders_spec.rb new file mode 100644 index 0000000..1189d85 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_shared_folders_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsSharedFolders +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsSharedFolders' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsSharedFolders.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsSharedFolders' do + it 'should create an instance of SystemInsightsSharedFolders' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsSharedFolders) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_shared_resources_spec.rb b/jcapiv2/spec/models/system_insights_shared_resources_spec.rb new file mode 100644 index 0000000..043a536 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_shared_resources_spec.rb @@ -0,0 +1,94 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsSharedResources +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsSharedResources' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsSharedResources.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsSharedResources' do + it 'should create an instance of SystemInsightsSharedResources' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsSharedResources) + end + end + describe 'test attribute "allow_maximum"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "install_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "maximum_allowed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_sharing_preferences_spec.rb b/jcapiv2/spec/models/system_insights_sharing_preferences_spec.rb new file mode 100644 index 0000000..71ced83 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_sharing_preferences_spec.rb @@ -0,0 +1,106 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsSharingPreferences +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsSharingPreferences' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsSharingPreferences.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsSharingPreferences' do + it 'should create an instance of SystemInsightsSharingPreferences' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsSharingPreferences) + end + end + describe 'test attribute "bluetooth_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "content_caching"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disc_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "file_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "internet_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "printer_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "remote_apple_events"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "remote_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "remote_management"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "screen_sharing"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_sip_config_spec.rb b/jcapiv2/spec/models/system_insights_sip_config_spec.rb new file mode 100644 index 0000000..211ddf4 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_sip_config_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsSipConfig +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsSipConfig' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsSipConfig.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsSipConfig' do + it 'should create an instance of SystemInsightsSipConfig' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsSipConfig) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "config_flag"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled_nvram"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_startup_items_spec.rb b/jcapiv2/spec/models/system_insights_startup_items_spec.rb new file mode 100644 index 0000000..11f50a0 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_startup_items_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsStartupItems +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsStartupItems' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsStartupItems.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsStartupItems' do + it 'should create an instance of SystemInsightsStartupItems' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsStartupItems) + end + end + describe 'test attribute "args"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "source"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "status"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "username"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_system_controls_spec.rb b/jcapiv2/spec/models/system_insights_system_controls_spec.rb index 33adaf7..bb2077f 100644 --- a/jcapiv2/spec/models/system_insights_system_controls_spec.rb +++ b/jcapiv2/spec/models/system_insights_system_controls_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,57 +33,56 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "config_value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "current_value"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "field_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "oid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "subsystem"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_system_info_spec.rb b/jcapiv2/spec/models/system_insights_system_info_spec.rb index adf22a5..f7d9484 100644 --- a/jcapiv2/spec/models/system_insights_system_info_spec.rb +++ b/jcapiv2/spec/models/system_insights_system_info_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,105 +33,104 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "computer_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_brand"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_logical_cores"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_microcode"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_physical_cores"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_subtype"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "cpu_type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hardware_model"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hardware_serial"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hardware_vendor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hardware_version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hostname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "local_hostname"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "physical_memory"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uuid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_tpm_info_spec.rb b/jcapiv2/spec/models/system_insights_tpm_info_spec.rb new file mode 100644 index 0000000..d0e492e --- /dev/null +++ b/jcapiv2/spec/models/system_insights_tpm_info_spec.rb @@ -0,0 +1,100 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsTpmInfo +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsTpmInfo' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsTpmInfo.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsTpmInfo' do + it 'should create an instance of SystemInsightsTpmInfo' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsTpmInfo) + end + end + describe 'test attribute "activated"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "enabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "manufacturer_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "owned"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "physical_presence_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "product_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "spec_version"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_uptime_spec.rb b/jcapiv2/spec/models/system_insights_uptime_spec.rb index 09e752c..93cdd11 100644 --- a/jcapiv2/spec/models/system_insights_uptime_spec.rb +++ b/jcapiv2/spec/models/system_insights_uptime_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,45 +33,44 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "days"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "hours"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "minutes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "seconds"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "total_seconds"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_usb_devices_spec.rb b/jcapiv2/spec/models/system_insights_usb_devices_spec.rb index b1b15c2..e032f04 100644 --- a/jcapiv2/spec/models/system_insights_usb_devices_spec.rb +++ b/jcapiv2/spec/models/system_insights_usb_devices_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,87 +33,86 @@ end describe 'test attribute "_class"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "model"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "model_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "protocol"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "removable"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "serial"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "subclass"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "usb_address"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "usb_port"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "vendor"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "vendor_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "version"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_user_groups_spec.rb b/jcapiv2/spec/models/system_insights_user_groups_spec.rb index ed6893e..f7d5466 100644 --- a/jcapiv2/spec/models/system_insights_user_groups_spec.rb +++ b/jcapiv2/spec/models/system_insights_user_groups_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,27 +33,26 @@ end describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "gid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_user_ssh_keys_spec.rb b/jcapiv2/spec/models/system_insights_user_ssh_keys_spec.rb new file mode 100644 index 0000000..8483065 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_user_ssh_keys_spec.rb @@ -0,0 +1,64 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsUserSshKeys +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsUserSshKeys' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsUserSshKeys.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsUserSshKeys' do + it 'should create an instance of SystemInsightsUserSshKeys' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsUserSshKeys) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "encrypted"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "uid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_userassist_spec.rb b/jcapiv2/spec/models/system_insights_userassist_spec.rb new file mode 100644 index 0000000..d0c9702 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_userassist_spec.rb @@ -0,0 +1,70 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsUserassist +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsUserassist' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsUserassist.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsUserassist' do + it 'should create an instance of SystemInsightsUserassist' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsUserassist) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "count"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_execution_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "sid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_users_spec.rb b/jcapiv2/spec/models/system_insights_users_spec.rb index c7eb1d0..b7b9e98 100644 --- a/jcapiv2/spec/models/system_insights_users_spec.rb +++ b/jcapiv2/spec/models/system_insights_users_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -32,77 +31,112 @@ expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsUsers) end end + describe 'test attribute "ad_managed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "admin"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + describe 'test attribute "collection_time"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "description"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "directory"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "gid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "gid_signed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "managed"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "real_user"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "shell"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suspended"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "system_id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uid_signed"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "uuid"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/system_insights_wifi_networks_spec.rb b/jcapiv2/spec/models/system_insights_wifi_networks_spec.rb new file mode 100644 index 0000000..d8c598c --- /dev/null +++ b/jcapiv2/spec/models/system_insights_wifi_networks_spec.rb @@ -0,0 +1,118 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsWifiNetworks +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsWifiNetworks' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsWifiNetworks.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsWifiNetworks' do + it 'should create an instance of SystemInsightsWifiNetworks' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsWifiNetworks) + end + end + describe 'test attribute "auto_login"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "captive_portal"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "disabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "last_connected"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "network_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "passpoint"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "possibly_hidden"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "roaming"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "roaming_profile"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ssid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "temporarily_disabled"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_wifi_status_spec.rb b/jcapiv2/spec/models/system_insights_wifi_status_spec.rb new file mode 100644 index 0000000..e2f101d --- /dev/null +++ b/jcapiv2/spec/models/system_insights_wifi_status_spec.rb @@ -0,0 +1,124 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsWifiStatus +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsWifiStatus' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsWifiStatus.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsWifiStatus' do + it 'should create an instance of SystemInsightsWifiStatus' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsWifiStatus) + end + end + describe 'test attribute "bssid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "channel"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "channel_band"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "channel_width"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "country_code"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "interface"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "mode"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "network_name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "noise"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "rssi"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "security_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "ssid"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "transmit_rate"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_windows_crashes_spec.rb b/jcapiv2/spec/models/system_insights_windows_crashes_spec.rb deleted file mode 100644 index bc16acf..0000000 --- a/jcapiv2/spec/models/system_insights_windows_crashes_spec.rb +++ /dev/null @@ -1,162 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemInsightsWindowsCrashes -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemInsightsWindowsCrashes' do - before do - # run before each test - @instance = JCAPIv2::SystemInsightsWindowsCrashes.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemInsightsWindowsCrashes' do - it 'should create an instance of SystemInsightsWindowsCrashes' do - expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsWindowsCrashes) - end - end - describe 'test attribute "build_number"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "command_line"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "crash_path"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "current_directory"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "datetime"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exception_address"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exception_code"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "exception_message"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "machine_name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "major_version"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "minor_version"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "_module"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "path"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "pid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "process_uptime"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "registers"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "stack_trace"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "tid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "username"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "version"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/system_insights_windows_security_center_spec.rb b/jcapiv2/spec/models/system_insights_windows_security_center_spec.rb new file mode 100644 index 0000000..14a0113 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_windows_security_center_spec.rb @@ -0,0 +1,88 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsWindowsSecurityCenter +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsWindowsSecurityCenter' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsWindowsSecurityCenter.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsWindowsSecurityCenter' do + it 'should create an instance of SystemInsightsWindowsSecurityCenter' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsWindowsSecurityCenter) + end + end + describe 'test attribute "antispyware"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "antivirus"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "autoupdate"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firewall"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "internet_settings"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "user_account_control"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "windows_security_center_service"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/system_insights_windows_security_products_spec.rb b/jcapiv2/spec/models/system_insights_windows_security_products_spec.rb new file mode 100644 index 0000000..36cb1a1 --- /dev/null +++ b/jcapiv2/spec/models/system_insights_windows_security_products_spec.rb @@ -0,0 +1,82 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::SystemInsightsWindowsSecurityProducts +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'SystemInsightsWindowsSecurityProducts' do + before do + # run before each test + @instance = JCAPIv2::SystemInsightsWindowsSecurityProducts.new + end + + after do + # run after each test + end + + describe 'test an instance of SystemInsightsWindowsSecurityProducts' do + it 'should create an instance of SystemInsightsWindowsSecurityProducts' do + expect(@instance).to be_instance_of(JCAPIv2::SystemInsightsWindowsSecurityProducts) + end + end + describe 'test attribute "collection_time"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "remediation_path"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "signatures_up_to_date"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "state_timestamp"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "system_id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/systemfdekey_spec.rb b/jcapiv2/spec/models/systemfdekey_spec.rb index 934e50f..77cef98 100644 --- a/jcapiv2/spec/models/systemfdekey_spec.rb +++ b/jcapiv2/spec/models/systemfdekey_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,9 +33,8 @@ end describe 'test attribute "key"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/systemuser_spec.rb b/jcapiv2/spec/models/systemuser_spec.rb deleted file mode 100644 index b556455..0000000 --- a/jcapiv2/spec/models/systemuser_spec.rb +++ /dev/null @@ -1,282 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Systemuser -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Systemuser' do - before do - # run before each test - @instance = JCAPIv2::Systemuser.new - end - - after do - # run after each test - end - - describe 'test an instance of Systemuser' do - it 'should create an instance of Systemuser' do - expect(@instance).to be_instance_of(JCAPIv2::Systemuser) - end - end - describe 'test attribute "_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "account_locked"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "activated"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "allow_public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "associated_tag_count"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "attributes"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "company"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "cost_center"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "created"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "department"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "description"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "displayname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "email"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_identifier"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_managed_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_user_portal_multifactor"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "firstname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "job_title"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "lastname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "ldap_binding_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "location"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "mfa"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "middlename"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_expiration_date"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_expired"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_never_expires"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "passwordless_sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "samba_service_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "ssh_keys"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "suspended"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "tags"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "totp_enabled"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_guid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "username"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/systemuserputpost_addresses_spec.rb b/jcapiv2/spec/models/systemuserputpost_addresses_spec.rb deleted file mode 100644 index 4b53a6d..0000000 --- a/jcapiv2/spec/models/systemuserputpost_addresses_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemuserputpostAddresses -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemuserputpostAddresses' do - before do - # run before each test - @instance = JCAPIv2::SystemuserputpostAddresses.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemuserputpostAddresses' do - it 'should create an instance of SystemuserputpostAddresses' do - expect(@instance).to be_instance_of(JCAPIv2::SystemuserputpostAddresses) - end - end - describe 'test attribute "country"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "extended_address"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "locality"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "po_box"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "postal_code"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "region"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "street_address"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/systemuserputpost_phone_numbers_spec.rb b/jcapiv2/spec/models/systemuserputpost_phone_numbers_spec.rb deleted file mode 100644 index 4de2b1d..0000000 --- a/jcapiv2/spec/models/systemuserputpost_phone_numbers_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::SystemuserputpostPhoneNumbers -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'SystemuserputpostPhoneNumbers' do - before do - # run before each test - @instance = JCAPIv2::SystemuserputpostPhoneNumbers.new - end - - after do - # run after each test - end - - describe 'test an instance of SystemuserputpostPhoneNumbers' do - it 'should create an instance of SystemuserputpostPhoneNumbers' do - expect(@instance).to be_instance_of(JCAPIv2::SystemuserputpostPhoneNumbers) - end - end - describe 'test attribute "number"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/systemuserputpost_spec.rb b/jcapiv2/spec/models/systemuserputpost_spec.rb deleted file mode 100644 index f5e5acd..0000000 --- a/jcapiv2/spec/models/systemuserputpost_spec.rb +++ /dev/null @@ -1,264 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::Systemuserputpost -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'Systemuserputpost' do - before do - # run before each test - @instance = JCAPIv2::Systemuserputpost.new - end - - after do - # run after each test - end - - describe 'test an instance of Systemuserputpost' do - it 'should create an instance of Systemuserputpost' do - expect(@instance).to be_instance_of(JCAPIv2::Systemuserputpost) - end - end - describe 'test attribute "account_locked"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "activated"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "addresses"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "allow_public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "attributes"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "company"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "cost_center"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "department"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "description"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "displayname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "email"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_identifier"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "employee_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_managed_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "enable_user_portal_multifactor"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_dn"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "external_source_type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "externally_managed"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "firstname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "job_title"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "lastname"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "ldap_binding_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "location"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "mfa"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "middlename"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "password_never_expires"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "passwordless_sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "phone_numbers"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "public_key"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "relationships"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "samba_service_user"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "sudo"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "suspended"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "tags"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_guid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "unix_uid"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "username"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/ticketing_integration_alert_spec.rb b/jcapiv2/spec/models/ticketing_integration_alert_spec.rb new file mode 100644 index 0000000..5445a05 --- /dev/null +++ b/jcapiv2/spec/models/ticketing_integration_alert_spec.rb @@ -0,0 +1,58 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::TicketingIntegrationAlert +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'TicketingIntegrationAlert' do + before do + # run before each test + @instance = JCAPIv2::TicketingIntegrationAlert.new + end + + after do + # run after each test + end + + describe 'test an instance of TicketingIntegrationAlert' do + it 'should create an instance of TicketingIntegrationAlert' do + expect(@instance).to be_instance_of(JCAPIv2::TicketingIntegrationAlert) + end + end + describe 'test attribute "category"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "id"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "name"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/ticketing_integration_alerts_resp_spec.rb b/jcapiv2/spec/models/ticketing_integration_alerts_resp_spec.rb new file mode 100644 index 0000000..92a4f26 --- /dev/null +++ b/jcapiv2/spec/models/ticketing_integration_alerts_resp_spec.rb @@ -0,0 +1,40 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::TicketingIntegrationAlertsResp +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'TicketingIntegrationAlertsResp' do + before do + # run before each test + @instance = JCAPIv2::TicketingIntegrationAlertsResp.new + end + + after do + # run after each test + end + + describe 'test an instance of TicketingIntegrationAlertsResp' do + it 'should create an instance of TicketingIntegrationAlertsResp' do + expect(@instance).to be_instance_of(JCAPIv2::TicketingIntegrationAlertsResp) + end + end + describe 'test attribute "records"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/user_graph_management_req_spec.rb b/jcapiv2/spec/models/user_graph_management_req_spec.rb deleted file mode 100644 index 2af0b0f..0000000 --- a/jcapiv2/spec/models/user_graph_management_req_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::UserGraphManagementReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'UserGraphManagementReq' do - before do - # run before each test - @instance = JCAPIv2::UserGraphManagementReq.new - end - - after do - # run after each test - end - - describe 'test an instance of UserGraphManagementReq' do - it 'should create an instance of UserGraphManagementReq' do - expect(@instance).to be_instance_of(JCAPIv2::UserGraphManagementReq) - end - end - describe 'test attribute "attributes"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/user_group_attributes_posix_groups_spec.rb b/jcapiv2/spec/models/user_group_attributes_posix_groups_spec.rb deleted file mode 100644 index b8ee9b9..0000000 --- a/jcapiv2/spec/models/user_group_attributes_posix_groups_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::UserGroupAttributesPosixGroups -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'UserGroupAttributesPosixGroups' do - before do - # run before each test - @instance = JCAPIv2::UserGroupAttributesPosixGroups.new - end - - after do - # run after each test - end - - describe 'test an instance of UserGroupAttributesPosixGroups' do - it 'should create an instance of UserGroupAttributesPosixGroups' do - expect(@instance).to be_instance_of(JCAPIv2::UserGroupAttributesPosixGroups) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/user_group_attributes_spec.rb b/jcapiv2/spec/models/user_group_attributes_spec.rb deleted file mode 100644 index 5e9c320..0000000 --- a/jcapiv2/spec/models/user_group_attributes_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::UserGroupAttributes -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'UserGroupAttributes' do - before do - # run before each test - @instance = JCAPIv2::UserGroupAttributes.new - end - - after do - # run after each test - end - - describe 'test an instance of UserGroupAttributes' do - it 'should create an instance of UserGroupAttributes' do - expect(@instance).to be_instance_of(JCAPIv2::UserGroupAttributes) - end - end - describe 'test attribute "posix_groups"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "samba_enabled"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/user_group_graph_management_req_spec.rb b/jcapiv2/spec/models/user_group_graph_management_req_spec.rb deleted file mode 100644 index 42a1fe8..0000000 --- a/jcapiv2/spec/models/user_group_graph_management_req_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::UserGroupGraphManagementReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'UserGroupGraphManagementReq' do - before do - # run before each test - @instance = JCAPIv2::UserGroupGraphManagementReq.new - end - - after do - # run after each test - end - - describe 'test an instance of UserGroupGraphManagementReq' do - it 'should create an instance of UserGroupGraphManagementReq' do - expect(@instance).to be_instance_of(JCAPIv2::UserGroupGraphManagementReq) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove", "update"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["active_directory", "application", "command", "g_suite", "ldap_server", "office_365", "policy", "radius_server", "system", "system_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/user_group_members_req_spec.rb b/jcapiv2/spec/models/user_group_members_req_spec.rb deleted file mode 100644 index 24ea2dd..0000000 --- a/jcapiv2/spec/models/user_group_members_req_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::UserGroupMembersReq -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'UserGroupMembersReq' do - before do - # run before each test - @instance = JCAPIv2::UserGroupMembersReq.new - end - - after do - # run after each test - end - - describe 'test an instance of UserGroupMembersReq' do - it 'should create an instance of UserGroupMembersReq' do - expect(@instance).to be_instance_of(JCAPIv2::UserGroupMembersReq) - end - end - describe 'test attribute "id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "op"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["add", "remove"]) - #validator.allowable_values.each do |value| - # expect { @instance.op = value }.not_to raise_error - #end - end - end - - describe 'test attribute "type"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end - end - end - -end - diff --git a/jcapiv2/spec/models/user_group_post_spec.rb b/jcapiv2/spec/models/user_group_post_spec.rb index b8f1122..ef5f648 100644 --- a/jcapiv2/spec/models/user_group_post_spec.rb +++ b/jcapiv2/spec/models/user_group_post_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,50 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/user_group_put_spec.rb b/jcapiv2/spec/models/user_group_put_spec.rb index a409804..d17586d 100644 --- a/jcapiv2/spec/models/user_group_put_spec.rb +++ b/jcapiv2/spec/models/user_group_put_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,50 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/user_group_spec.rb b/jcapiv2/spec/models/user_group_spec.rb index f75250e..dbac29e 100644 --- a/jcapiv2/spec/models/user_group_spec.rb +++ b/jcapiv2/spec/models/user_group_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,31 +33,72 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "description"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_query_exemptions"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "member_suggestions_notify"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "membership_method"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "suggestion_counts"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "type"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - #validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user_group"]) - #validator.allowable_values.each do |value| - # expect { @instance.type = value }.not_to raise_error - #end + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # validator = Petstore::EnumTest::EnumAttributeValidator.new('String', ["user_group"]) + # validator.allowable_values.each do |value| + # expect { @instance.type = value }.not_to raise_error + # end end end end - diff --git a/jcapiv2/spec/models/user_spec.rb b/jcapiv2/spec/models/user_spec.rb new file mode 100644 index 0000000..60be192 --- /dev/null +++ b/jcapiv2/spec/models/user_spec.rb @@ -0,0 +1,112 @@ +=begin +#JumpCloud API + +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) + +OpenAPI spec version: 2.0 +Contact: support@jumpcloud.com +Generated by: https://github.com/swagger-api/swagger-codegen.git +Swagger Codegen version: 3.0.47 +=end + +require 'spec_helper' +require 'json' +require 'date' + +# Unit tests for JCAPIv2::User +# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) +# Please update as you see appropriate +describe 'User' do + before do + # run before each test + @instance = JCAPIv2::User.new + end + + after do + # run after each test + end + + describe 'test an instance of User' do + it 'should create an instance of User' do + expect(@instance).to be_instance_of(JCAPIv2::User) + end + end + describe 'test attribute "addresses"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "alternate_email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "company"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "cost_center"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "department"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "email"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_identifier"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "employee_type"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "firstname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "job_title"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "lastname"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "location"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + + describe 'test attribute "phone_numbers"' do + it 'should work' do + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + end + end + +end diff --git a/jcapiv2/spec/models/workday_fields_spec.rb b/jcapiv2/spec/models/workday_fields_spec.rb index 5aca6c5..f7182b5 100644 --- a/jcapiv2/spec/models/workday_fields_spec.rb +++ b/jcapiv2/spec/models/workday_fields_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "report_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/workday_input_spec.rb b/jcapiv2/spec/models/workday_input_spec.rb index ac5f612..812f9b6 100644 --- a/jcapiv2/spec/models/workday_input_spec.rb +++ b/jcapiv2/spec/models/workday_input_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,21 +33,20 @@ end describe 'test attribute "auth"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "report_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/workday_output_spec.rb b/jcapiv2/spec/models/workday_output_spec.rb index d62b3d7..9a196d9 100644 --- a/jcapiv2/spec/models/workday_output_spec.rb +++ b/jcapiv2/spec/models/workday_output_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,33 +33,32 @@ end describe 'test attribute "auth"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "id"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "last_import"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "report_url"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/workday_request_spec.rb b/jcapiv2/spec/models/workday_request_spec.rb deleted file mode 100644 index e83ff45..0000000 --- a/jcapiv2/spec/models/workday_request_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -=begin -#JumpCloud APIs - -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. - -OpenAPI spec version: 2.0 - -Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - -=end - -require 'spec_helper' -require 'json' -require 'date' - -# Unit tests for JCAPIv2::WorkdayRequest -# Automatically generated by swagger-codegen (github.com/swagger-api/swagger-codegen) -# Please update as you see appropriate -describe 'WorkdayRequest' do - before do - # run before each test - @instance = JCAPIv2::WorkdayRequest.new - end - - after do - # run after each test - end - - describe 'test an instance of WorkdayRequest' do - it 'should create an instance of WorkdayRequest' do - expect(@instance).to be_instance_of(JCAPIv2::WorkdayRequest) - end - end - describe 'test attribute "name"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - - describe 'test attribute "object_id"' do - it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers - end - end - -end - diff --git a/jcapiv2/spec/models/workday_worker_spec.rb b/jcapiv2/spec/models/workday_worker_spec.rb index fde9c12..a006f36 100644 --- a/jcapiv2/spec/models/workday_worker_spec.rb +++ b/jcapiv2/spec/models/workday_worker_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,33 +33,32 @@ end describe 'test attribute "attributes"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "email"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "first_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "last_name"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "username"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/models/workdayoutput_auth_spec.rb b/jcapiv2/spec/models/workdayoutput_auth_spec.rb index 0774e14..8febbf3 100644 --- a/jcapiv2/spec/models/workdayoutput_auth_spec.rb +++ b/jcapiv2/spec/models/workdayoutput_auth_spec.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end require 'spec_helper' @@ -34,15 +33,14 @@ end describe 'test attribute "basic"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end describe 'test attribute "oauth"' do it 'should work' do - # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers + # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers end end end - diff --git a/jcapiv2/spec/spec_helper.rb b/jcapiv2/spec/spec_helper.rb index 38b718d..63e1abc 100644 --- a/jcapiv2/spec/spec_helper.rb +++ b/jcapiv2/spec/spec_helper.rb @@ -1,13 +1,12 @@ =begin -#JumpCloud APIs +#JumpCloud API -# JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. +## Overview JumpCloud's V2 API. This set of endpoints allows JumpCloud customers to manage objects, groupings and mappings and interact with the JumpCloud Graph. ## API Best Practices Read the linked Help Article below for guidance on retrying failed requests to JumpCloud's REST API, as well as best practices for structuring subsequent retry requests. Customizing retry mechanisms based on these recommendations will increase the reliability and dependability of your API calls. Covered topics include: 1. Important Considerations 2. Supported HTTP Request Methods 3. Response codes 4. API Key rotation 5. Paginating 6. Error handling 7. Retry rates [JumpCloud Help Center - API Best Practices](https://support.jumpcloud.com/support/s/article/JumpCloud-API-Best-Practices) # Directory Objects This API offers the ability to interact with some of our core features; otherwise known as Directory Objects. The Directory Objects are: * Commands * Policies * Policy Groups * Applications * Systems * Users * User Groups * System Groups * Radius Servers * Directories: Office 365, LDAP,G-Suite, Active Directory * Duo accounts and applications. The Directory Object is an important concept to understand in order to successfully use JumpCloud API. ## JumpCloud Graph We've also introduced the concept of the JumpCloud Graph along with Directory Objects. The Graph is a powerful aspect of our platform which will enable you to associate objects with each other, or establish membership for certain objects to become members of other objects. Specific `GET` endpoints will allow you to traverse the JumpCloud Graph to return all indirect and directly bound objects in your organization. | ![alt text](https://s3.amazonaws.com/jumpcloud-kb/Knowledge+Base+Photos/API+Docs/jumpcloud_graph.png \"JumpCloud Graph Model Example\") | |:--:| | **This diagram highlights our association and membership model as it relates to Directory Objects.** | # API Key ## Access Your API Key To locate your API Key: 1. Log into the [JumpCloud Admin Console](https://console.jumpcloud.com/). 2. Go to the username drop down located in the top-right of the Console. 3. Retrieve your API key from API Settings. ## API Key Considerations This API key is associated to the currently logged in administrator. Other admins will have different API keys. **WARNING** Please keep this API key secret, as it grants full access to any data accessible via your JumpCloud console account. You can also reset your API key in the same location in the JumpCloud Admin Console. ## Recycling or Resetting Your API Key In order to revoke access with the current API key, simply reset your API key. This will render all calls using the previous API key inaccessible. Your API key will be passed in as a header with the header name \"x-api-key\". ```bash curl -H \"x-api-key: [YOUR_API_KEY_HERE]\" \"https://console.jumpcloud.com/api/v2/systemgroups\" ``` # System Context * [Introduction](#introduction) * [Supported endpoints](#supported-endpoints) * [Response codes](#response-codes) * [Authentication](#authentication) * [Additional examples](#additional-examples) * [Third party](#third-party) ## Introduction JumpCloud System Context Authorization is an alternative way to authenticate with a subset of JumpCloud's REST APIs. Using this method, a system can manage its information and resource associations, allowing modern auto provisioning environments to scale as needed. **Notes:** * The following documentation applies to Linux Operating Systems only. * Systems that have been automatically enrolled using Apple's Device Enrollment Program (DEP) or systems enrolled using the User Portal install are not eligible to use the System Context API to prevent unauthorized access to system groups and resources. If a script that utilizes the System Context API is invoked on a system enrolled in this way, it will display an error. ## Supported Endpoints JumpCloud System Context Authorization can be used in conjunction with Systems endpoints found in the V1 API and certain System Group endpoints found in the v2 API. * A system may fetch, alter, and delete metadata about itself, including manipulating a system's Group and Systemuser associations, * `/api/systems/{system_id}` | [`GET`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_get) [`PUT`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_put) * A system may delete itself from your JumpCloud organization * `/api/systems/{system_id}` | [`DELETE`](https://docs.jumpcloud.com/api/1.0/index.html#operation/systems_delete) * A system may fetch its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/memberof` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembership) * `/api/v2/systems/{system_id}/associations` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsList) * `/api/v2/systems/{system_id}/users` | [`GET`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemTraverseUser) * A system may alter its direct resource associations under v2 (Groups) * `/api/v2/systems/{system_id}/associations` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemAssociationsPost) * A system may alter its System Group associations * `/api/v2/systemgroups/{group_id}/members` | [`POST`](https://docs.jumpcloud.com/api/2.0/index.html#operation/graph_systemGroupMembersPost) * _NOTE_ If a system attempts to alter the system group membership of a different system the request will be rejected ## Response Codes If endpoints other than those described above are called using the System Context API, the server will return a `401` response. ## Authentication To allow for secure access to our APIs, you must authenticate each API request. JumpCloud System Context Authorization uses [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-00) to authenticate API requests. The HTTP Signatures sent with each request are similar to the signatures used by the Amazon Web Services REST API. To help with the request-signing process, we have provided an [example bash script](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh). This example API request simply requests the entire system record. You must be root, or have permissions to access the contents of the `/opt/jc` directory to generate a signature. Here is a breakdown of the example script with explanations. First, the script extracts the systemKey from the JSON formatted `/opt/jc/jcagent.conf` file. ```bash #!/bin/bash conf=\"`cat /opt/jc/jcagent.conf`\" regex=\"systemKey\\\":\\\"(\\w+)\\\"\" if [[ $conf =~ $regex ]] ; then systemKey=\"${BASH_REMATCH[1]}\" fi ``` Then, the script retrieves the current date in the correct format. ```bash now=`date -u \"+%a, %d %h %Y %H:%M:%S GMT\"`; ``` Next, we build a signing string to demonstrate the expected signature format. The signed string must consist of the [request-line](https://tools.ietf.org/html/rfc2616#page-35) and the date header, separated by a newline character. ```bash signstr=\"GET /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" ``` The next step is to calculate and apply the signature. This is a two-step process: 1. Create a signature from the signing string using the JumpCloud Agent private key: ``printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key`` 2. Then Base64-encode the signature string and trim off the newline characters: ``| openssl enc -e -a | tr -d '\\n'`` The combined steps above result in: ```bash signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; ``` Finally, we make sure the API call sending the signature has the same Authorization and Date header values, HTTP method, and URL that were used in the signing string. ```bash curl -iq \\ -H \"Accept: application/json\" \\ -H \"Content-Type: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Input Data All PUT and POST methods should use the HTTP Content-Type header with a value of 'application/json'. PUT methods are used for updating a record. POST methods are used to create a record. The following example demonstrates how to update the `displayName` of the system. ```bash signstr=\"PUT /api/systems/${systemKey} HTTP/1.1\\ndate: ${now}\" signature=`printf \"$signstr\" | openssl dgst -sha256 -sign /opt/jc/client.key | openssl enc -e -a | tr -d '\\n'` ; curl -iq \\ -d \"{\\\"displayName\\\" : \\\"updated-system-name-1\\\"}\" \\ -X \"PUT\" \\ -H \"Content-Type: application/json\" \\ -H \"Accept: application/json\" \\ -H \"Date: ${now}\" \\ -H \"Authorization: Signature keyId=\\\"system/${systemKey}\\\",headers=\\\"request-line date\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"${signature}\\\"\" \\ --url https://console.jumpcloud.com/api/systems/${systemKey} ``` ### Output Data All results will be formatted as JSON. Here is an abbreviated example of response output: ```json { \"_id\": \"525ee96f52e144993e000015\", \"agentServer\": \"lappy386\", \"agentVersion\": \"0.9.42\", \"arch\": \"x86_64\", \"connectionKey\": \"127.0.0.1_51812\", \"displayName\": \"ubuntu-1204\", \"firstContact\": \"2013-10-16T19:30:55.611Z\", \"hostname\": \"ubuntu-1204\" ... ``` ## Additional Examples ### Signing Authentication Example This example demonstrates how to make an authenticated request to fetch the JumpCloud record for this system. [SigningExample.sh](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/shell/SigningExample.sh) ### Shutdown Hook This example demonstrates how to make an authenticated request on system shutdown. Using an init.d script registered at run level 0, you can call the System Context API as the system is shutting down. [Instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) is an example of an init.d script that only runs at system shutdown. After customizing the [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) script, you should install it on the system(s) running the JumpCloud agent. 1. Copy the modified [instance-shutdown-initd](https://github.com/TheJumpCloud/SystemContextAPI/blob/master/examples/instance-shutdown-initd) to `/etc/init.d/instance-shutdown`. 2. On Ubuntu systems, run `update-rc.d instance-shutdown defaults`. On RedHat/CentOS systems, run `chkconfig --add instance-shutdown`. ## Third Party ### Chef Cookbooks [https://github.com/nshenry03/jumpcloud](https://github.com/nshenry03/jumpcloud) [https://github.com/cjs226/jumpcloud](https://github.com/cjs226/jumpcloud) # Multi-Tenant Portal Headers Multi-Tenant Organization API Headers are available for JumpCloud Admins to use when making API requests from Organizations that have multiple managed organizations. The `x-org-id` is a required header for all multi-tenant admins when making API requests to JumpCloud. This header will define to which organization you would like to make the request. **NOTE** Single Tenant Admins do not need to provide this header when making an API request. ## Header Value `x-org-id` ## API Response Codes * `400` Malformed ID. * `400` x-org-id and Organization path ID do not match. * `401` ID not included for multi-tenant admin * `403` ID included on unsupported route. * `404` Organization ID Not Found. ```bash curl -X GET https://console.jumpcloud.com/api/v2/directories \\ -H 'accept: application/json' \\ -H 'content-type: application/json' \\ -H 'x-api-key: {API_KEY}' \\ -H 'x-org-id: {ORG_ID}' ``` ## To Obtain an Individual Organization ID via the UI As a prerequisite, your Primary Organization will need to be setup for Multi-Tenancy. This provides access to the Multi-Tenant Organization Admin Portal. 1. Log into JumpCloud [Admin Console](https://console.jumpcloud.com). If you are a multi-tenant Admin, you will automatically be routed to the Multi-Tenant Admin Portal. 2. From the Multi-Tenant Portal's primary navigation bar, select the Organization you'd like to access. 3. You will automatically be routed to that Organization's Admin Console. 4. Go to Settings in the sub-tenant's primary navigation. 5. You can obtain your Organization ID below your Organization's Contact Information on the Settings page. ## To Obtain All Organization IDs via the API * You can make an API request to this endpoint using the API key of your Primary Organization. `https://console.jumpcloud.com/api/organizations/` This will return all your managed organizations. ```bash curl -X GET \\ https://console.jumpcloud.com/api/organizations/ \\ -H 'Accept: application/json' \\ -H 'Content-Type: application/json' \\ -H 'x-api-key: {API_KEY}' ``` # SDKs You can find language specific SDKs that can help you kickstart your Integration with JumpCloud in the following GitHub repositories: * [Python](https://github.com/TheJumpCloud/jcapi-python) * [Go](https://github.com/TheJumpCloud/jcapi-go) * [Ruby](https://github.com/TheJumpCloud/jcapi-ruby) * [Java](https://github.com/TheJumpCloud/jcapi-java) OpenAPI spec version: 2.0 - +Contact: support@jumpcloud.com Generated by: https://github.com/swagger-api/swagger-codegen.git -Swagger Codegen version: 2.3.1 - +Swagger Codegen version: 3.0.47 =end # load the gem From ebc343df6e931e9c11c94dd8d0f10c6d8b659000 Mon Sep 17 00:00:00 2001 From: Kevin Ruggiero Date: Thu, 5 Oct 2023 08:18:30 -0400 Subject: [PATCH 2/2] update version and config --- .DS_Store | Bin 8196 -> 8196 bytes config_v1.json | 2 +- config_v2.json | 2 +- jcapiv1/.DS_Store | Bin 0 -> 6148 bytes jcapiv1/README.md | 8 ++++---- jcapiv1/lib/jcapiv1/configuration.rb | 2 +- jcapiv1/lib/jcapiv1/version.rb | 2 +- jcapiv2/README.md | 8 ++++---- jcapiv2/lib/jcapiv2/version.rb | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) create mode 100644 jcapiv1/.DS_Store diff --git a/.DS_Store b/.DS_Store index 35ca6a9c28814ef606d2d77d1a588fca715059d6..767db28a851615ea0ef46e3ed596d61d1e6d3929 100644 GIT binary patch delta 132 zcmZp1XmOa}&&a+pU^hP_`(z%0hny+J$vH{+`8kZ6?+ZL*)i8wf85kJY8L}9X84?)^ q7%~~k7!1pTi}G^v^U{Gbj2jD?88@>_d}G=COyoWz(b^UkG6Dcz^(Djr delta 411 zcmZp1XmOa}&&aVcU^hP_$7CLXhnrahZ?N(jCzTf$B<18MF)%Rfnye;Js3}!lZD?+3 zsH0$LU}0ISqfl*WWT2y9Vr*7h%gG_CtZy9@pPiGNm)|pazkqywFHj#lLl#3aLn1=~ zLncERgKH1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0 3.0.0' + gem 'jcapiv1', '~> 4.0.0' ### Install from Git diff --git a/jcapiv1/lib/jcapiv1/configuration.rb b/jcapiv1/lib/jcapiv1/configuration.rb index 540e1b5..db942a8 100644 --- a/jcapiv1/lib/jcapiv1/configuration.rb +++ b/jcapiv1/lib/jcapiv1/configuration.rb @@ -127,7 +127,7 @@ class Configuration def initialize @scheme = 'https' @host = 'console.jumpcloud.com' - @base_path = 'https://console.jumpcloud.com/api' + @base_path = '/api' @api_key = {} @api_key_prefix = {} @timeout = 0 diff --git a/jcapiv1/lib/jcapiv1/version.rb b/jcapiv1/lib/jcapiv1/version.rb index 40ed732..c42b79e 100644 --- a/jcapiv1/lib/jcapiv1/version.rb +++ b/jcapiv1/lib/jcapiv1/version.rb @@ -10,5 +10,5 @@ =end module JCAPIv1 - VERSION = '3.0.0' + VERSION = '4.0.0' end diff --git a/jcapiv2/README.md b/jcapiv2/README.md index f34bb36..59d8e75 100644 --- a/jcapiv2/README.md +++ b/jcapiv2/README.md @@ -7,7 +7,7 @@ JCAPIv2 - the Ruby gem for the JumpCloud API This SDK is automatically generated by the [Swagger Codegen](https://github.com/swagger-api/swagger-codegen) project: - API version: 2.0 -- Package version: 3.0.0 +- Package version: 4.0.0 - Build package: io.swagger.codegen.v3.generators.ruby.RubyClientCodegen For more information, please visit [https://support.jumpcloud.com/support/s/](https://support.jumpcloud.com/support/s/) @@ -24,15 +24,15 @@ gem build jcapiv2.gemspec Then either install the gem locally: ```shell -gem install ./jcapiv2-3.0.0.gem +gem install ./jcapiv2-4.0.0.gem ``` -(for development, run `gem install --dev ./jcapiv2-3.0.0.gem` to install the development dependencies) +(for development, run `gem install --dev ./jcapiv2-4.0.0.gem` to install the development dependencies) or publish the gem to a gem hosting service, e.g. [RubyGems](https://rubygems.org/). Finally add this to the Gemfile: - gem 'jcapiv2', '~> 3.0.0' + gem 'jcapiv2', '~> 4.0.0' ### Install from Git diff --git a/jcapiv2/lib/jcapiv2/version.rb b/jcapiv2/lib/jcapiv2/version.rb index 389b333..922a161 100644 --- a/jcapiv2/lib/jcapiv2/version.rb +++ b/jcapiv2/lib/jcapiv2/version.rb @@ -10,5 +10,5 @@ =end module JCAPIv2 - VERSION = '3.0.0' + VERSION = '4.0.0' end